We’re trying to use Crypto++ to implement Blockstack encryption/decryption support on iOS.
So far we’ve been able to use Crypto++ to encrypt/decrypt data using keys generated by Blockstack. Where we are still somewhat stuck is interoperability between the Blockstack web encryption and Crypto++.
Crypto++'s built-in ECIES encryptor output is a byte array without direct access to the {K, C, T} tuple ("… output of the encryption function is the tuple {K,C,T}, where K is the encrypted common secret, C is the ciphertext, and T is the authentication tag." - https://www.cryptopp.com/wiki/Elliptic_Curve_Integrated_Encryption_Scheme). I’m looking to examine their decryptor code to see how the tuple may be extracted, which would then just leave deriving a shared ephemeral public key and mac from the data in the tuple. However, I still have doubts about compatibility between this and Blockstack encryption–can anyone suggest if this is obviously not going to work?
I also looked into replicating Blockstack’s encryptECIES code from encryption.js directly. The key exchange/shared secret derivation seems like it may be incompatible. Crypto++ gives this solution using the ECDH Agree function to arrive at a shared key: https://www.cryptopp.com/wiki/Elliptic_Curve_Diffie-Hellman#Ephemeral_Key_as_.28x.2Cy.29. Is this compatible with Blockstack’s shared key derivation? (When looking at encryption.js’ sharedSecretToKeys, I’m somewhat doubtful.)
In reading on the subject I came across this quote “ECIES is defined ambiguously, with at least 576 possible combinations of options and algorithms defined over at least four standards, even before considering curve choices [*], and assuming correct implementation.” (https://github.com/zcash/zcash/issues/558) That’s a bit worrisome–any suggestions on how to better approach this problem are welcome as I’m relatively new to crypto.
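An added example, not part of the original post and not Crypto++ or Blockstack code: one way to split an ECIES byte array into the {K, C, T} fields the post mentions. It assumes the array is the concatenation K || C || T with K an uncompressed SEC1 point and T a fixed-length tag; `EciesParts`, `splitEcies`, `makeSample` and the sizes used are hypothetical and must be checked against the library version and parameters actually in use.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

using Bytes = std::vector<std::uint8_t>;

// Hypothetical container for the tuple named in the post.
struct EciesParts {
    Bytes K;  // encoded ephemeral public key
    Bytes C;  // ciphertext
    Bytes T;  // authentication tag
};

// Assumed layout (verify for your library and settings): K || C || T, where
// K = 0x04 || X || Y (uncompressed point) and T has a fixed length.
// fieldBytes: curve field size in bytes; tagBytes: MAC output size in bytes.
bool splitEcies(const Bytes& blob, std::size_t fieldBytes, std::size_t tagBytes,
                EciesParts& out) {
    if (fieldBytes == 0 || tagBytes == 0) return false;
    if (fieldBytes > blob.size() || tagBytes > blob.size()) return false;
    const std::size_t keyBytes = 1 + 2 * fieldBytes;
    if (blob.size() < keyBytes + tagBytes) return false;  // truncated input
    if (blob[0] != 0x04) return false;  // compressed or hybrid point: not handled here
    const auto kEnd = blob.begin() + static_cast<std::ptrdiff_t>(keyBytes);
    const auto cEnd = blob.end() - static_cast<std::ptrdiff_t>(tagBytes);
    out.K.assign(blob.begin(), kEnd);
    out.C.assign(kEnd, cEnd);  // may be empty for an empty plaintext
    out.T.assign(cEnd, blob.end());
    return true;
}

// Constructed sample, not real ciphertext: 32-byte field, 5-byte C, 20-byte T.
Bytes makeSample() {
    Bytes b;
    b.push_back(0x04);
    b.insert(b.end(), 64, 0xAA);  // stand-in for X || Y
    b.insert(b.end(), 5, 0xCC);   // stand-in for the ciphertext
    b.insert(b.end(), 20, 0x77);  // stand-in for the tag
    return b;
}

int main() {
    EciesParts parts;
    return splitEcies(makeSample(), 32, 20, parts) && parts.C.size() == 5 ? 0 : 1;
}
```

Splitting the bytes only exposes the fields; whether the key derivation and MAC computed on each side agree is a separate question.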