ECDH in gcrypt

Stef Bon stefbon at gmail.com
Fri Feb 9 19:24:28 CET 2018


Hi Michael,

You cannot call a function "do dh" or "do ecdh" with gcrypt.

What you can do with gcrypt is the generation of an ephemeral key pair
(client) and write the public key as a string to a buffer,
and create the exchange hash, and verify the signature received from the server.

See: https://tools.ietf.org/html/rfc5656#section-4
The creation of the shared secret is specific to the algorithm used.
Sometimes an extra library is required (with
curve25519-sha256@libssh.org for example).

See: https://git.libssh.org/projects/libssh.git/tree/doc/curve25519-sha256@libssh.org.txt

Stef
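
The exchange hash mentioned above, as an added example that is not part of the original message and is not gcrypt or libssh code: it follows RFC 5656 section 4, with the string and mpint encodings from RFC 4251. The function names and all sample values are constructed for illustration; `k_raw` is assumed to be the shared secret as unsigned big-endian bytes, produced by whatever library performed the key agreement.

```python
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def ssh_mpint(unsigned_be: bytes) -> bytes:
    """RFC 4251 'mpint' for a non-negative integer given as big-endian bytes."""
    body = unsigned_be.lstrip(b"\x00")      # no unnecessary leading zero bytes
    if body and body[0] & 0x80:             # high bit set would read as negative
        body = b"\x00" + body
    return ssh_string(body)


def exchange_hash(v_c, v_s, i_c, i_s, k_s, q_c, q_s, k_raw, hash_name="sha256"):
    """H = HASH(V_C || V_S || I_C || I_S || K_S || Q_C || Q_S || K)."""
    h = hashlib.new(hash_name)
    # Version strings, KEXINIT payloads, host key and both ephemeral
    # public keys are all encoded as 'string'.
    for field in (v_c, v_s, i_c, i_s, k_s, q_c, q_s):
        h.update(ssh_string(field))
    # Only the shared secret K is encoded as 'mpint'.
    h.update(ssh_mpint(k_raw))
    return h.digest()


# Constructed sample values, not taken from a real session.
SAMPLE = dict(
    v_c=b"SSH-2.0-example_client", v_s=b"SSH-2.0-example_server",
    i_c=b"\x14" + b"client-kexinit-payload",
    i_s=b"\x14" + b"server-kexinit-payload",
    k_s=b"constructed-host-key-blob",
    q_c=bytes(range(32)), q_s=bytes(range(32, 64)),
    k_raw=b"\x00" + b"\x9c" + bytes(30),   # leading zero, then high bit set
)

if __name__ == "__main__":
    print(exchange_hash(**SAMPLE).hex())
```

The server's signature is verified over the resulting H with the host key K_S; a mismatch in the mpint encoding of K shows up only as a failed signature check.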


