Hi Oleksandr,

I understand you want to validate your implementation against the test vectors in the cited reference. It's obvious, but just in case my reply is read out of context some day, I want to emphasize: what I'm recommending below is for testing purposes only, importing a private key from a public reference must never be done in production.

In your situation the simplest way to proceed is probably to directly import the private and public key from the test vector to your ECDH context.

For example (assuming the data in the reference is big-endian, and omitting error checking for brevity):

#include "mbedtls/ecdh.h" /* also pulls in ecp.h and bignum.h */

static unsigned char private_a[32] = { 0x3f, 0x49, /* ... from the reference */ };
static unsigned char public_a[65] = {
0x04, /* this special value marks the start of an uncompressed public key */
0x20, 0xb0, /* ... (public A(x) from the reference) */
0xdc, 0x80, /* ... (public A(y) from the reference) */
};
static mbedtls_ecdh_context ctx_a;

mbedtls_ecdh_init(&ctx_a);
mbedtls_ecp_group_load( &ctx_a.grp, MBEDTLS_ECP_DP_SECP256R1 ); /* the curve used by the reference; should check errors! */

/* load the private/public key pair
 * this replaces mbedtls_ecdh_gen_public() */
mbedtls_mpi_read_binary( &ctx_a.d, private_a, sizeof( private_a ) ); /* should check errors! */
mbedtls_ecp_point_read_binary( &ctx_a.grp, &ctx_a.Q, public_a, sizeof( public_a ) ); /* should check errors! */

Doing the same with ctx_b and then exchanging public keys and computing the shared secret as usual, you should obtain values that match the reference.

Again, this is only for validating against known test vectors. Importing a private key from a public reference must never be done in production.

Hope that helps,
Manuel.


From: mbed-tls <mbed-tls-bounces@lists.trustedfirmware.org> on behalf of Oleksandr Nychyporuk via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Sent: 22 June 2020 15:33
To: mbed-tls@lists.trustedfirmware.org <mbed-tls@lists.trustedfirmware.org>
Subject: [mbed-tls] ECDH set custom private key

Hi,

I want to configure the ECDH algorithm to repeat the following keys:
[attached image: image.png]

I was able to configure the algorithm and generate private and public keys on both the client and server sides. It works as expected: the secret keys are equal on both sides.
But I did not manage to calculate the secret key that is in the picture. I do not know how to set these private keys. Could someone help me do that?

Thanks,