[openssl-users] Naive: how to generate EC public key from EC private key?
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Mon Mar 21 02:32:35 UTC 2016
Thank you!!
Now the code works (using the outline Stephen suggested, as it is simpler :)!
I still have a few questions/issues.
1. EVP_PKEY_get0_EC_KEY(key) is only defined for 1.1. I had to use
EVP_PKEY_get1_EC_KEY(key) with 1.0.2g. (This is not a problem - just a remark.)
2. For some reason the following code does not work - subsequent requests
that involve pub key fail:
    dup_ekey = EVP_PKEY_get1_EC_KEY(pubkey);
    group = (EC_GROUP*) EC_KEY_get0_group(dup_ekey);
    nid = EC_GROUP_get_curve_name(group);
    printf("wrap: Deriving ECC keys over curve \"%s\"\n",
           EC_curve_nid2nist(nid));
    EC_GROUP_free(group);
    EC_KEY_free(dup_ekey);
But if I move the two XXX_free() calls to the end of the function -
everything is fine. So in my working version of the code these lines are
just before the return, after everything has been done. But I don’t
understand why it behaves that way, given the man pages here:
https://www.openssl.org/docs/man1.0.2/crypto/EVP_PKEY_set1_RSA.html
3. If in the above fragment I try
    dup_ekey = EVP_PKEY_assign_EC_KEY(pubkey);
Then the entire fragment does not work.
Thanks again for your help (as I said, with your guidance the code now
works), and I’d appreciate some light on the above peculiarities.
--
Regards,
Uri Blumenthal
On 3/18/16, 21:11, "openssl-users on behalf of Dr. Stephen Henson"
<openssl-users-bounces at openssl.org on behalf of steve at openssl.org> wrote:
>On Fri, Mar 18, 2016, Viktor Dukhovni wrote:
>
>> On Fri, Mar 18, 2016 at 06:59:36PM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
>>
>> > Answered my own question: should use EVP_PKEY_bits(pkey) instead.
>>
>> That's not the right way to determine the curve id.
>>
>> > >How do I determine what curve the above key is on?
>>
>> For that you need to determine the EVP_PKEY algorithm type:
>>
>>     int type = EVP_PKEY_base_id(pkey);
>>
>>     if (type == EVP_PKEY_EC) {
>>         EC_KEY *key = EVP_PKEY_get0_EC_KEY(pkey);
>>         const EC_GROUP *group = EC_KEY_get0_group(key);
>>
>>         /* Use that group to generate more points */
>>     }
>>
>> So you don't need code to specifically identify the group, but if
>> you want to constrain the supported groups:
>>
>>     switch (EC_GROUP_get_curve_name(group)) {
>>     case NID_undef:
>>     default:
>>         /* Unknown or not named group */
>>
>>     case NID_X9_62_prime256v1:
>>         /* P-256 */
>>         ...
>>
>>     case NID_secp384r1:
>>         /* P-384 */
>>
>>         ...
>>     }
>>
>
>There is another way too. An EVP_PKEY can also be used to contain parameters
>and it is permissible to pass a private or public key as a set of parameters.
>
>In outline you call:
>
> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(privkey, NULL);
> EVP_PKEY_keygen_init(pctx);
> EVP_PKEY_keygen(pctx, &newkey);
> EVP_PKEY_CTX_free(pctx);
>
>This works with other algorithms like DSA/DH too so you'll probably want to
>check the key is of the correct type first.
>
>Steve.
>--
>Dr Stephen N. Henson. OpenSSL project core developer.
>Commercial tech support now available see: http://www.openssl.org