Sahamati / rahasya

The project aims to simplify the usage of the ECC curve (curve25519) with Diffie-Hellman key exchange. The work is in line with the Account Aggregator Specification.
Apache License 2.0

create x25519 service mirroring the ecc service #16

Closed saukap closed 3 years ago

saukap commented 3 years ago

Created an x25519 service which is an almost exact copy of the ECC service with the following differences:

  1. X25519 algorithm is used to generate keys and secret keys
  2. For PEM encoding and decoding we now use BouncyCastle methods instead of constructing the strings ourselves
  3. The ECC tests have been modified to use x25519 style keys.

With this implementation we have been able to perform the Diffie-Hellman Key Exchange with our service written in Python (uses OpenSSL under the hood). Further, we have been able to decrypt data in Python that is encrypted by the Java service.

Without this change we are not able to load, using OpenSSL, the public key that is generated by the EC service. This is because that's a generic EC key and stores all the Curve25519 information within it.
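
An added example, not code from this pull request or from the rahasya project: a pre-flight check that reads the AlgorithmIdentifier of a PEM public key and tells an RFC 8410 X25519 key (OID 1.3.101.110, no parameters) apart from a generic EC key that carries its curve as explicit parameters. It is written in Python because the peer service in this thread is Python. Treating "stores all the Curve25519 information within it" as explicit ECParameters is an assumption, and the sample keys are constructed dummies.

```python
import base64

OID_X25519 = bytes.fromhex("2b656e")                 # 1.3.101.110 (RFC 8410)
OID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")  # 1.2.840.10045.2.1

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                  # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def classify_public_key(pem):
    """Classify a PEM SubjectPublicKeyInfo by its AlgorithmIdentifier."""
    lines = pem.strip().splitlines()
    der = base64.b64decode("".join(x for x in lines if not x.startswith("-----")))
    tag, spki, _ = read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a SubjectPublicKeyInfo SEQUENCE")
    tag, alg, after_alg = read_tlv(spki, 0)
    oid_tag, oid, params_pos = read_tlv(alg, 0)
    if tag != 0x30 or oid_tag != 0x06:
        raise ValueError("malformed AlgorithmIdentifier")
    params_tag = alg[params_pos] if params_pos < len(alg) else None
    if oid == OID_X25519:
        # RFC 8410: parameters absent; BIT STRING = 1 unused-bits byte + 32 key bytes
        bits_tag, bits, _ = read_tlv(spki, after_alg)
        ok = params_tag is None and bits_tag == 0x03 and len(bits) == 33
        return "x25519" if ok else "x25519-malformed"
    if oid == OID_EC_PUBLIC_KEY:
        # SEQUENCE parameters = curve spelled out; OID parameters = named curve
        return "ec-explicit-params" if params_tag == 0x30 else "ec-named-curve"
    return "other"

def to_pem(der):
    b64 = base64.b64encode(der).decode()
    return "-----BEGIN PUBLIC KEY-----\n" + b64 + "\n-----END PUBLIC KEY-----\n"

# Constructed samples, not real keys: key bytes and the explicit parameters are dummies.
X25519_PEM = to_pem(bytes.fromhex("302a300506032b656e032100") + bytes(range(32)))
EC_EXPLICIT_PEM = to_pem(
    bytes.fromhex("3015300e06072a8648ce3d020130030201010303000400"))

if __name__ == "__main__":
    for name, pem in (("x25519", X25519_PEM), ("generic EC", EC_EXPLICIT_PEM)):
        print(name, "->", classify_public_key(pem))
```

Running the check on keys received from a peer before handing them to the key-agreement code turns an opaque load failure into a specific encoding mismatch.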

gsasikumar commented 3 years ago

@saukap Thanks for the fix. I will review this by next week and we will take it to closure.