Author: Paolo Lulli <paolo@lulli.net>
Add ECDH method (Elliptic curve)
key_exchange/ecdh/kx-derive | 16 ++++++++++++++++ key_exchange/ecdh/kx-export-pub | 16 ++++++++++++++++ key_exchange/ecdh/kx-gen-keypair | 16 ++++++++++++++++ key_exchange/ecdh/kx-init-dh | 9 +++++++++
diff --git a/key_exchange/ecdh/kx-derive b/key_exchange/ecdh/kx-derive
new file mode 100755
index 0000000000000000000000000000000000000000..7eb24ff7e9cb414ccf1e202af014beebb882999c
--- /dev/null
+++ b/key_exchange/ecdh/kx-derive
@@ -0,0 +1,16 @@
+#! /bin/bash
+
+cd $(dirname $0)
+KEYS_DIR=./keys
+
+if [ "$#" != 2 ]; then
+ echo "Usage: $0 <profile> <peer>"
+ exit 1
+fi
+
+test -d ${KEYS_DIR} || mkdir -p ${KEYS_DIR}
+
+profile=$1
+peer=$2
+
+openssl pkeyutl -derive -inkey ${KEYS_DIR}/"${profile}.pem" -peerkey ${KEYS_DIR}/"${peer}-pub.pem" -out "${profile}-${peer}.key"
diff --git a/key_exchange/ecdh/kx-export-pub b/key_exchange/ecdh/kx-export-pub
new file mode 100755
index 0000000000000000000000000000000000000000..e1701bb05f9e7dda5469b407f6be5ff5fd6640ea
--- /dev/null
+++ b/key_exchange/ecdh/kx-export-pub
@@ -0,0 +1,16 @@
+#! /bin/bash
+
+cd $(dirname $0)
+KEYS_DIR=./keys
+
+if [ "$#" != 1 ]; then
+ echo "Usage: $0 <profile>"
+ exit 1
+fi
+
+test -d ${KEYS_DIR} || mkdir -p ${KEYS_DIR}
+
+profile=$1
+
+#openssl pkey -in ${KEYS_DIR}/"${profile}.pem" -pubout -out ${KEYS_DIR}/"${profile}-pub.pem"
+openssl ec -in ${KEYS_DIR}/"${profile}.pem" -pubout -out ${KEYS_DIR}/"${profile}-pub.pem"
diff --git a/key_exchange/ecdh/kx-gen-keypair b/key_exchange/ecdh/kx-gen-keypair
new file mode 100755
index 0000000000000000000000000000000000000000..a91d988e3370d6226396df04f859f05713ca5c43
--- /dev/null
+++ b/key_exchange/ecdh/kx-gen-keypair
@@ -0,0 +1,16 @@
+#! /bin/bash
+
+cd $(dirname $0)
+KEYS_DIR=./keys
+
+if [ "$#" != 1 ]; then
+ echo "Usage: $0 <profile>"
+ exit 1
+fi
+
+test -d ${KEYS_DIR} || mkdir -p ${KEYS_DIR}
+
+profile=$1
+
+#openssl genpkey -paramfile ${KEYS_DIR}/dhp.pem -out ${KEYS_DIR}/"${profile}.pem"
+openssl ecparam -in ${KEYS_DIR}/prime256v1.pem -genkey -noout -out ${KEYS_DIR}/"${profile}.pem"
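Review bot: In kx-derive the derived shared secret is written to `"${profile}-${peer}.key"` in the script directory rather than under `${KEYS_DIR}`, and with whatever umask the caller has, so it may end up group- or world-readable. I would add `umask 077` right after the shebang and write to `-out "${KEYS_DIR}/${profile}-${peer}.key"`; kx-gen-keypair writes the private key under the default umask too and needs the same `umask 077`. The file holds the raw ECDH output, which is normally run through a KDF before being used as a symmetric key, so a comment saying that would help whoever consumes it. The opening `cd $(dirname $0)` is unquoted and unchecked here and in the other three scripts, so a failed cd leaves `./keys` resolved against the caller's directory; `cd -- "$(dirname -- "$0")" || exit 1` avoids that.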
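Review bot: In kx-export-pub the commented-out `openssl pkey` line above the active `openssl ec` call should either be removed or become the command that is used. `openssl pkey -pubout` handles EC private keys as well and is the algorithm-independent form, so `openssl pkey -in "${KEYS_DIR}/${profile}.pem" -pubout -out "${KEYS_DIR}/${profile}-pub.pem"` would do the same job without a curve-specific subcommand. The leftover line looks like it was carried over from a non-EC variant of the script, though that variant is not visible here. A short header comment stating that `<profile>-pub.pem` is the only file meant to be given to the peer would also be worth adding.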
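Review bot: In kx-gen-keypair an existing `${KEYS_DIR}/${profile}.pem` is overwritten without warning by the final `openssl ecparam -genkey` line, so re-running the script for a profile silently replaces its private key and leaves any public key already exported for it stale. A guard before the openssl call, `[ -e "${KEYS_DIR}/${profile}.pem" ] && { echo "key for ${profile} already exists" >&2; exit 1; }`, would prevent that. The script also assumes kx-init-dh has already produced `prime256v1.pem`; a `test -f` on that file with a clear message would be easier to diagnose than the openssl error. The commented-out `genpkey` line can be dropped.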
diff --git a/key_exchange/ecdh/kx-init-dh b/key_exchange/ecdh/kx-init-dh
new file mode 100755
index 0000000000000000000000000000000000000000..93d6e3ae8366f3533aabdb24d7f659db25731de9
--- /dev/null
+++ b/key_exchange/ecdh/kx-init-dh
@@ -0,0 +1,9 @@
+#! /bin/bash -x
+
+cd $(dirname $0)
+WORK_DIR=./keys
+
+test -d ${WORK_DIR} || mkdir -p ${WORK_DIR}
+
+
+openssl ecparam -name prime256v1 -out ${WORK_DIR}/prime256v1.pem
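Review bot: The shebang `#! /bin/bash -x` in kx-init-dh leaves command tracing on for every run, which looks like a debugging leftover, and the option is lost anyway when the script is started as `bash kx-init-dh`. I would use `#! /bin/bash` as the other three scripts do and, if tracing is wanted, put `set -x` in the body. A one-line header comment noting that this writes the prime256v1 parameter file read by kx-gen-keypair would document the required order of the scripts.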