EVP_PKEY_get_raw_public_key fails with OpenSSL 3.0
Matt Caswell
matt at openssl.org
Fri Nov 11 09:42:06 UTC 2022
On 11/11/2022 00:49, James Muir wrote:
> On 2022-11-10 18:35, fus at plutonium24.de wrote:
>> I have been using EVP_PKEY_get_raw_public_key with OpenSSL 1.1.1
>> without any problems to extract a raw public key (secp521r1, NIST
>> curve P-521). With OpenSSL 3.0 this fails. I'm using this call to get
>> the raw public key and to compare it with a reference value I have and
>> I also check that the group name is "secp521r1".
>
> That doesn't work in 3.0.
>
> Quoting from
> https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_new.html :
>
> <quote>
> EVP_PKEY_get_raw_public_key() fills the buffer provided by pub with raw
> public key data. The size of the pub buffer should be in *len on entry
> to the function, and on exit *len is updated with the number of bytes
> actually written. If the buffer pub is NULL then *len is populated with
> the number of bytes required to hold the key. The calling application is
> responsible for ensuring that the buffer is large enough to receive the
> public key data. This function only works for algorithms that support
> raw public keys. Currently this is: EVP_PKEY_X25519, EVP_PKEY_ED25519,
> EVP_PKEY_X448 or EVP_PKEY_ED448.
> </quote>
>
That text exists even in the 1.1.1 version of the man page:
https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_get_raw_public_key.html
I am surprised that this was working in 1.1.1....from code inspection I
can't see how it would since EC keys seem to lack the necessary support.
I threw together some test code to check this using 1.1.1:
#include <openssl/ec.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
EC_KEY *key = EC_KEY_new_by_curve_name(NID_secp521r1);
EVP_PKEY *pkey = EVP_PKEY_new();
unsigned char rawkey[1024];
size_t keylen = sizeof(rawkey);
if (key == NULL || pkey == NULL) {
printf("Failed to allocate keys\n");
goto err;
}
if (!EC_KEY_generate_key(key)) {
printf("Failed to generate key\n");
goto err;
}
if (!EVP_PKEY_assign_EC_KEY(pkey, key)) {
printf("Failed to assign EC_KEY\n");
goto err;
}
if (!EVP_PKEY_get_raw_public_key(pkey, rawkey, &keylen)) {
printf("Failed to get raw public key\n");
goto err;
}
printf("Raw key is:\n");
BIO_dump_fp(stdout, rawkey, keylen);
printf("\n");
return EXIT_SUCCESS;
err:
ERR_print_errors_fp(stdout);
return EXIT_FAILURE;
}
Running this I get:
$ openssl version
OpenSSL 1.1.1t-dev xx XXX xxxx
$ ./eckeygen
Failed to get raw public key
140164760770368:error:060CB096:digital envelope
routines:EVP_PKEY_get_raw_public_key:operation not supported for this
keytype:crypto/evp/p_lib.c:309:
So, I don't understand how this ever worked for you. There must be
something slightly strange about your key/setup??
Matt
> You were reading the P521 public-key previously (with 1.1.1), but in
> what format was it sent you? Do you want just the bytes of the public
> EC point?
>
> -James M
>
More information about the openssl-users
mailing list