[openssl-users] Incompatible Object error from EC_POINT_mul

Nicola nic.tuv at gmail.com
Mon Oct 8 07:35:33 UTC 2018 

Hi,

I did not run this in the debugger, but one issue is that you are not
initializing `pub` before calling EC_POINT_mul : try adding

pub = EC_POINT_new(curve);
(and check for errors making sure pub is not null afterwards).

Hope this helps!


Best regards,

Nicola


On Mon, Oct 8, 2018, 00:31 John Hughes <john.hughes at secid.co.uk> wrote:

> I'm trying to generate a public key from a private key generated on a HSM
> (and obtained by calling PKCS#11). Everything works fine until I call
> EC_POINT_mul - at which point I get the error message:
>
>        error:100BB065:elliptic curve routines:ec_wNAF_mul:incompatible
> objects
>
> I have checked the BIGNUM conversion - and that seems to be fine. The key
> pair on the HSM is also generated using brainpoolP256r1.
>
> The basis of the code can be found at the end of the email. I'm basically
> trying to follow the example provided in:
>         https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography.
>
> I'm using openssl 1.10h
>
> Any pointers or help would be appreciated.
>
>
> John
>
> ---------------------------------------------------------------
>
>
>         BN_CTX *ctx;
>         ctx = BN_CTX_new();
>         if(!ctx) {
>                 outputInfo("unable to create openssl BN_CTX");
>                 return;
>         }
>
>         EC_GROUP *curve;
>
>         outputInfo("about to create EC_GROUP_new_by_curve_name");
>         if(NULL == (curve =
> EC_GROUP_new_by_curve_name(NID_brainpoolP256r1))) {
>                 outputERRORmess("unable to setup curve");
>         }
>
>         outputInfo("about to create EC_KEY_new_by_curve_name");
>         EC_KEY *key;
>         if(NULL == (key = EC_KEY_new_by_curve_name(NID_brainpoolP256r1))) {
>                 outputERRORmess("unable to setup EC_KEY");
>         }
>
>         // now get the private key contained in CKA_VALUE via PKCS#111 and
> place in *attrPrivate.pValue
>
>                 .......... (handle error)
>
>         EC_POINT *pub;
>
>
>         BIGNUM *prv = BN_bin2bn((unsigned char*)attrPrivate.pValue,
> attrPrivate.ulValueLen, NULL);
>         if (prv == NULL) {
>
>         ...... (handle error)
>         }
>
>         if (1 != EC_KEY_set_private_key(key, prv)) {
>
>                 ........ (handle error)
>         }
>
>         if (1 != EC_POINT_mul(curve, pub, prv, NULL, NULL, ctx)) {
>                 outputInfo("unable to calculate the public key from the
> HSM's private key using EC_POINT_mul");
>                 (handle error)
>
>         }
>
>
>
>
>
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181008/bcd98715/attachment-0001.html>

More information about the openssl-users mailing list