[openssl-users] EVP_PKEY_set1_EC_KEY seems to not set something that EVP_PKEY_derive needs
Ethan Rahn
ethan.rahn at gmail.com
Sat Mar 11 20:47:58 UTC 2017
Wow,
That was quite the oversight of mine. That fixed the issue. Thanks so much,
I appreciate your patience in dealing with my confusion over the APIs!
Cheers,
Ethan
On Sat, Mar 11, 2017 at 12:28 PM, Matt Caswell <matt at openssl.org> wrote:
>
>
> On 11/03/17 18:38, Ethan Rahn wrote:
> > size_t sharedSecretLen = 0;
>
> Set this to sizeof(sharedSecret).
>
> >
> > // Now derive the Shared Secret
> > EVP_PKEY_CTX *ctx;
> >
> > ctx = EVP_PKEY_CTX_new(pkey, NULL);
> > if (!ctx){
> > fprintf( stderr, "Failed to make EVP_PKEY ctx\n" );
> > ERR_load_crypto_strings();
>
> This should be called once at the start of your program - *before* any
> calls that might generate an error.
>
> > if (EVP_PKEY_derive(ctx, sharedSecret, &sharedSecretLen) <= 0){
>
> From the EVP_PKEY_derive documentation:
>
> https://www.openssl.org/docs/man1.0.2/crypto/EVP_PKEY_derive.html
>
> "If key is not NULL then before the call the keylen parameter should
> contain the length of the key buffer, if the call is successful the
> shared secret is written to key and the amount of data written to keylen."
>
> Matt
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170311/0550748f/attachment-0001.html>
More information about the openssl-users
mailing list