Question about migrating from d2i_ECPrivateKey() to d2i_PrivateKey(EVP_PKEY_EC, ...)
Viktor Dukhovni
openssl-users at dukhovni.org
Tue Nov 22 23:57:02 UTC 2022
On Tue, Nov 22, 2022 at 11:09:07AM -0600, Nico Williams wrote:
> > Not exactly, PKCS#8-based typing is used in d2i_PKCS8_PRIV_KEY_INFO()
> > (for unencrypted PKCS#8 blobs, so no password callback). The
> > d2i_PrivateKey() function takes an explicit pkey_type instead.
>
> Hmmm, well, d2i_PrivateKey() takes an explicit pkey_type, yes, but it's
> not sufficiently informative for ECDH, being just EVP_PKEY_EC. Or are
> there more informative type values I've not discovered yet? When I call
> d2i_PrivateKey(EVP_PKEY_EC, ...) it wants a PKCS#8 encoded private key.
Do you mean ECDH or ECDSA? These are not exactly the same use case.
What are you actually doing? Are you really doing static ECDH key
agreement?
--
VFiktor.
More information about the openssl-users
mailing list