OpenSSL 3.0.0 APIs for creating an EVP_PKEY from a p256 private key octet string
Stephen Farrell
stephen.farrell at cs.tcd.ie
Wed Mar 10 00:53:31 UTC 2021
Hiya,
On 09/03/2021 03:09, Benjamin Kaduk wrote:
> I would have expected that the API should hide the differences
> other than the group name ... but these APIs are still pretty
> new to me, too. If you can point me at your code I might have
> more to say.
So again it's probably my fault but I'm still not seeing the
same behaviour for NIST and non-NIST curves. I made up what
I hope is a fairly simple bit of test code [1] so that might
help clarify where I'm wrong or (less likely) where a change
in the library might be useful.
As I build the test code, the p256 cases seem to work, with
or without the public key, but both 25519 cases fail. In my
(still untidy:-) HPKE code EVP_PKEY_new_raw_private_key
for the non-NIST curves works, but not for NIST curves. So I
have an ok workaround, even if the fault's not mine, which
it of course probably is:-)
Cheers,
S.
[1] https://github.com/sftcd/happykey/blob/master/test2evp.c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x5AB2FAF17B172BEA.asc
Type: application/pgp-keys
Size: 10689 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210310/55fbcbfb/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210310/55fbcbfb/attachment.sig>
More information about the openssl-users
mailing list