[openssl-users] Problems with deriving EC public key from private

Mike Blaguszewski mikeb at preveil.com
Tue Dec 18 05:59:09 UTC 2018

On Dec 17, 2018, at 11:42 PM, Billy Brumley <bbrumley at gmail.com> wrote:
> But 0.4% is suspiciously close to 1/256, so I'm willing to bet your
> problem surrounds your size assumptions in various functions. Check
> the manpage of e.g. EC_POINT_point2oct and grep for usage in the
> library, but the idea is to pass NULL first, then malloc, then pass
> that pointer. BN_bn2bin is different. Probably the size won't be fixed
> (e.g., there is a 1/256 chance you'll have one byte less, i.e. leading
> zero).

Thanks so much! That was exactly it. Switching from BN_bn2bin() to EC_KEY_priv2oct() resolves the problem. (As does BN_bn2binpad(), but using the more standard binary format seems preferable.) I will also look into pre-flighting the calls with a NULL buffer.


P.S. not sure why it crashed for you, but I’d guess some combination of different OpenSSL versions and an error return being ignored by the sample code. I appreciate you taking a look despite that.

More information about the openssl-users mailing list