Question about migrating from d2i_ECPrivateKey() to d2i_PrivateKey(EVP_PKEY_EC, ...)
Nico Williams
nico at cryptonector.com
Fri Nov 18 22:53:44 UTC 2022
I've some source code using deprecated EC_KEY APIs that does this:
group = EC_GROUP_new_by_curve_name(groupnid);
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
key = EC_KEY_new();
EC_KEY_set_group(key, group);
pkey = &key;
/* `p' has the private key of length `len' */
result = d2i_ECPrivateKey(pkey, &p, len);
I need to update it to use EVP_PKEY APIs. That should be easy enough, I
thought, but I'm lost on how to replace the EC_KEY_set_group() call.
I can't use d2i_PrivateKey() because that requires an existing
EVP_PKEY * that has the group already set.
So use d2i_PrivateKey_ex()? But I don't see how it gets the group
either. Is it via the propq parameter? How?
If this is described in the docs, I've missed it.
Thanks,
Nico
--
More information about the openssl-users
mailing list