Topic: [SOLVED] DHKey calculation

Hello everybody,

I am stuck with the calculation of a DHKey (P256 for a Bluetooth LE security connection).
I have a public key (x,y) from the peer and a private key from my own. Now I need to calculate a DHKey.

When I call the 'wc_ecc_shared_secret' I get a result -3, but here I do not know how to generate a public key out of the x and y values. Is this approach the correct one?

Can somebody give my a hint?

Thank you very much for the support.

Share

Re: [SOLVED] DHKey calculation

Hi AEL,

I see you are working with Bluetooth.

First I will address your question but then I would like to suggest an alternate approach for your consideration.

For the DHAgree you will want to look at the API's

wc_DhAgree

Excerpt from our manual chapter 10 here: https://www.wolfssl.com/docs/wolfssl-manual/ch10/

After sideB sends their public key (pubB) to sideA, sideA can then generate the mutually-agreed key(agreeA) using the wc_DhAgree() function.
wc_DhAgree(&dhPublicKey, agreeA, &agreeASz, privA, privASz,
           pubB, pubBSz);

OK. Now for something to consider.
When working with bluetooth you can easily take advantage of the TLS functionality completely. wolfSSL has implemented an I/O abstraction layer that allows for plug and play of any I/O medium. We have examples of doing TLS connections in memory, through files on a PC, over a USB Serial connection, and we have even done Bluetooth solutions for some of our customers through our consulting service. If you would prefer to take the route of using straight up TLS in place of the Bluetooth specs please let me know and I'd be happy to shed some more light on registering a custom send/receive callback to allow for using TLS over bluetooth.

Warm Regards,

Kaleb

Re: [SOLVED] DHKey calculation

Hi Kaleb,

thanks for the answer. We are working with a Nordic chip and need to implement the Bluetooth Low Energy Security Encryped connection and we are working on a microcontroller.

With the wolfSSL we are generating the private and public key of our side:

          WC_RNG rng;
          ecc_key priv;
          result = wc_InitRng(&rng);
          result = wc_ecc_init(&priv);
          result = wc_ecc_set_curve(&priv, 32, ECC_SECP256R1);
          result = wc_ecc_make_key(&rng, 32, &priv); // make public/private key pair

now we receive a "BLE_GAP_EVT_LESC_DHKEY_REQUEST" from the nordic softdevice from the peer, in this event-case we need to calculate the agreed secret and send this secret back.
The format of the received data is a x,y (32bit value each) of the ECC keys. But as far as I understand the

result = wc_DhAgree();

needs a p and q value.
Is the 'wc_ecc_shared_secret_gen' not the solution better function? But then what to use for the z-value? 1?

I think this little last calculation is missing and when we have this, the Bluetooth connection is encrypted, so I do not think that the other approach makes more sense. Or probably you can short describe which steps are necessary to reach the goal there.

Thank you again for the support and kind Regards
Lorenz

Share

Re: [SOLVED] DHKey calculation

I managed to solve the issue, I did the following steps:

ecc_point *point = wc_ecc_new_point();
mp_read_unsigned_bin(point->x, xPoint, 32);
mp_read_unsigned_bin(point->y, yPoint, 32);
mp_set(point->z, 1);
wc_ecc_shared_secret_gen(&privateKey, point, sharedSecret, &sharedSecretSize);

And this sharedSecret I send back to the softdevice of the nordic chip.

Thanks you very much for the support.

Share