[openssl-users] Naive: how to generate EC public key from EC private key?

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Tue Mar 22 22:49:49 UTC 2016


One more hurdle passed. The code is working perfect, AFAIK.
‎
Now one small question: how do I ensure that ‎RAND_engine (and therefore Intel RDRAND output) is being used for the key generation in
   EVP_PKEY_keygen(ctx, &newkey);

Is just loading RAND_engine enough for that?‎
‎
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
  Original Message  
From: Viktor Dukhovni‎
Sent: Sunday, March 20, 2016 22:39‎
To: openssl-users at openssl.org
Reply To: openssl-users at openssl.org
Subject: Re: [openssl-users] Naive: how to generate EC public key from EC	private key?


> On Mar 20, 2016, at 10:32 PM, Blumenthal, Uri - 0553 - MITLL <uri at ll.mit.edu> wrote:
> 
> dup_ekey = EVP_PKEY_get1_EC_KEY(pubkey);
> group = (EC_GROUP*) EC_KEY_get0_group(dup_ekey);

Declare the group as:

const EC_GROUP *group;

Then:

group = EC_KEY_get0_group();

> nid = EC_GROUP_get_curve_name(group);
> printf("wrap: Deriving ECC keys over curve \"%s\"\n",
> EC_curve_nid2nist(nid));
‎
This is fine.


> EC_GROUP_free(group);

This is very wrong. You're not supposed to free the group.
Note the "get0_group", you're not getting a copy...

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4350 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160322/0fd24ce3/attachment.bin>


More information about the openssl-users mailing list