<div dir="auto">Hi,<div dir="auto"><br></div><div dir="auto">I did not run this in the debugger, but one issue is that you are not initializing `pub` before calling EC_POINT_mul : try adding</div><div dir="auto"><br></div><div dir="auto">pub = EC_POINT_new(curve);</div><div dir="auto">(and check for errors making sure pub is not null afterwards). </div><div dir="auto"><br></div><div dir="auto">Hope this helps! </div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">Best regards, </div><div dir="auto"><br></div><div dir="auto">Nicola</div><br><br><div class="gmail_quote" dir="auto"><div dir="ltr">On Mon, Oct 8, 2018, 00:31 John Hughes <<a href="mailto:john.hughes@secid.co.uk" target="_blank" rel="noreferrer">john.hughes@secid.co.uk</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I'm trying to generate a public key from a private key generated on a HSM<br>
(and obtained by calling PKCS#11). Everything works fine until I call<br>
EC_POINT_mul - at which point I get the error message:<br>
<br>
error:100BB065:elliptic curve routines:ec_wNAF_mul:incompatible<br>
objects<br>
<br>
I have checked the BIGNUM conversion - and that seems to be fine. The key<br>
pair on the HSM is also generated using brainpoolP256r1.<br>
<br>
The basis of the code can be found at the end of the email. I'm basically<br>
trying to follow the example provided in:<br>
<a href="https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography" rel="noreferrer noreferrer noreferrer" target="_blank">https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography</a>.<br>
<br>
I'm using openssl 1.10h<br>
<br>
Any pointers or help would be appreciated.<br>
<br>
<br>
John<br>
<br>
---------------------------------------------------------------<br>
<br>
<br>
BN_CTX *ctx;<br>
ctx = BN_CTX_new();<br>
if(!ctx) {<br>
outputInfo("unable to create openssl BN_CTX");<br>
return;<br>
}<br>
<br>
EC_GROUP *curve;<br>
<br>
outputInfo("about to create EC_GROUP_new_by_curve_name");<br>
if(NULL == (curve =<br>
EC_GROUP_new_by_curve_name(NID_brainpoolP256r1))) {<br>
outputERRORmess("unable to setup curve");<br>
}<br>
<br>
outputInfo("about to create EC_KEY_new_by_curve_name");<br>
EC_KEY *key;<br>
if(NULL == (key = EC_KEY_new_by_curve_name(NID_brainpoolP256r1))) {<br>
outputERRORmess("unable to setup EC_KEY");<br>
}<br>
<br>
// now get the private key contained in CKA_VALUE via PKCS#111 and<br>
place in *attrPrivate.pValue <br>
<br>
.......... (handle error)<br>
<br>
EC_POINT *pub;<br>
<br>
<br>
BIGNUM *prv = BN_bin2bn((unsigned char*)attrPrivate.pValue,<br>
attrPrivate.ulValueLen, NULL);<br>
if (prv == NULL) {<br>
<br>
...... (handle error)<br>
}<br>
<br>
if (1 != EC_KEY_set_private_key(key, prv)) {<br>
<br>
........ (handle error)<br>
}<br>
<br>
if (1 != EC_POINT_mul(curve, pub, prv, NULL, NULL, ctx)) {<br>
outputInfo("unable to calculate the public key from the<br>
HSM's private key using EC_POINT_mul");<br>
(handle error)<br>
<br>
}<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
-- <br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer noreferrer noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
</blockquote></div>
</div>