ecdh.rb

#openssl 
require 'openssl'
require 'base64'
require "digest"
include OpenSSL
 
def aes256_encrypt(key, data)
  key = Digest::SHA256.digest(key) if(key.kind_of?(String) && 32 != key.bytesize)
  aes = OpenSSL::Cipher.new('AES-256-CBC')
  aes.encrypt
  aes.key = key
  aes.update(data) + aes.final
end
 
def aes256_decrypt(key, data)
  key = Digest::SHA256.digest(key) if(key.kind_of?(String) && 32 != key.bytesize)
  aes = OpenSSL::Cipher.new('AES-256-CBC')
  aes.decrypt
  aes.key = key
  aes.update(data) + aes.final
end

#for i in (0..100) do
  # ECDH implementation https://github.com/nappa/eliptic_curve_names/blob/master/README.md
  group = "secp128r2"
  # client
  c = OpenSSL::PKey::EC.new(group) 
  # generate EDCH key on client
  c.generate_key
  pub_c = c.public_key.to_bn
  puts "Client Public Key: #{pub_c}, length: #{pub_c.to_s.length}"

  # generate ECDH key on server
  s = OpenSSL::PKey::EC.new(group)
  s.generate_key
  pub_s = s.public_key.to_bn
  puts "Server Public Key: #{pub_s}, length: #{pub_s.to_s.length}"

  
  # generate shared secret on client using server public key
  client_ss = c.dh_compute_key(s.public_key)
  c_ss = client_ss.unpack('H*').join("")
  puts "Client Shared Secret (HEX): #{c_ss}"
  
  # encrypt/decript using aes 256
  # encrypt using client shared secret as key
  msg = "testing encryption"
  encrypted_data = aes256_encrypt(c_ss, msg)
  puts "Plain Text: '#{msg}'\nbyte size: #{msg.bytesize}"
  puts "Encrypted data (HEX): #{encrypted_data.unpack('H*').join("")}"
  
  # lets try to decrypt using client public key
  
  # generate shared secret on server using client public key
  server_ss = s.dh_compute_key(c.public_key)
  s_ss = server_ss.unpack('H*').join("")
  puts "Server Shared Secret (HEX): #{s_ss}"
  
  # lets decrypt
  decrypted_data = aes256_decrypt(s_ss, encrypted_data)
  puts "Decrypted data (TEXT): '#{decrypted_data}'\nbyte size: #{decrypted_data.bytesize}"
#end