Setting a group to an existing EVP_PKEY in OpenSSL 3
amartin at xtec.com
amartin at xtec.com
Mon Oct 24 23:35:15 UTC 2022
Kory,
Thanks for your response. I want to preserve the rest of the EC public key params. I did this. I haven’t test yet.
OSSL_PARAM* extracted_params = NULL;
char curve_name[64];
OSSL_PARAM* param_ecgroup = NULL;
// sigkey is the EVP_PKEY ECDSA public key
if (EVP_PKEY_todata(sigkey, EVP_PKEY_PUBLIC_KEY, &extracted_params) == 0)
{
// error
}
curve_name = OSSL_EC_curve_nid2name(nid));
if (curve_name == NULL)
{
// error
}
if ((param_ecgroup = OSSL_PARAM_locate(params, "group")) != NULL)
{
OSSL_PARAM_set_utf8_string(param_ecgroup, curve_name);
}
else
{
// error
}
Martin
From: Kory Hamzeh <kory at avatarci.com>
Sent: Monday, October 24, 2022 7:22 PM
To: amartin at xtec.com
Cc: openssl-users at openssl.org
Subject: Re: Setting a group to an existing EVP_PKEY in OpenSSL 3
I haven’t done exactly what you are trying, but something similar.
See EVP_PKEY_set_params:
https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_set_params.html
The specific parm to set the group could be set like this:
OSSL_PARAM_BLD_push_utf8_string(param_bld, "group",
curve, 0;
Please note that that I have not tested the above code as my code uses key-from-data. But I think it should work.
On Oct 24, 2022, at 2:31 PM, Martin via openssl-users <openssl-users at openssl.org <mailto:openssl-users at openssl.org> > wrote:
Hi,
How can I set a GROUP to an existing EC type EVP_PKEY in OpenSSL 3?
In 1.0.2 I was using this code having the EC_KEY:
EC_KEY_set_group(eckey, EC_GROUP_new_by_curve_name(nid));
In OpenSSL 3 still EC_GROUP_new_by_curve_name(nid) can be used, but I don’t know how to go from that to set it on the existing key.
Thanks,
Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20221024/00f72e0a/attachment.htm>
More information about the openssl-users
mailing list