EVP_PKEY_get_int_param is not getting degree from EC key
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Tue Jan 4 14:17:00 UTC 2022
Now I became interested. ;-)
Theoretically, shouldn’t
EVP_PKEY_get_int_param(pkey, OSSL_PARAM_EC_ORDER, &(unsigned int)order)
work? I verified that it does not seem to work, at least in the obvious context.
What is the purpose of that parameter and function call, and where/how can one use it?
Regards,
Uri
> On Jan 4, 2022, at 03:36, Tomas Mraz <tomas at openssl.org> wrote:
>
> On Tue, 2022-01-04 at 02:33 +0100, Wolf wrote:
>> Thank you for the answer!
>>
>>> On 2022-01-03 10:11:19 +0100, Tomas Mraz wrote:
>>> You're using the secp384r1 curve which is a prime field curve. The
>>> OSSL_PKEY_PARAM_EC_CHAR2_M parameter can be obtained only for
>>> binary
>>> field curves.
>>>
>>> If you have a group NID for the curve of the EC key, you could use:
>>>
>>> EC_GROUP *group = EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid);
>>>
>>> to create the group to call EC_GROUP_get_degree() on.
>>>
>>> Of course if you can have an EC key with arbitrary explicit group
>>> parameters, that would not work.
>>
>> That is sadly the case of me.
>>
>>> But you can then use number of bits of the OSSL_PKEY_PARAM_EC_P
>>> parameter as the degree for prime field curves.
>>
>> So, I've tried following your advice, but for some reason it is still
>> failing for me. I've modified my example program to be:
>
> You need to use EVP_PKEY_get_bn_param() to get the P parameter and
> BN_num_bits() to count the number of bits of the P value.
>
>
> --
> Tomáš Mráz, OpenSSL
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5819 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220104/357b08f9/attachment.bin>
More information about the openssl-users
mailing list