OpenSSL 3.0.0 APIs for creating an EVP_PKEY from a p256 private key octet string

Stephen Farrell stephen.farrell at
Mon Mar 8 02:23:36 UTC 2021


My question: how does one setup an EVP_PKEY for a NIST
curve (e.g. p256) key pair when one has the private key
in an octet string using the latest OpenSSL 3.0.0 high
level APIs?

I'm trying to get rid of deprecation warnings from my
code for HPKE [1] when dealing with NIST curves using
the new (I guess?) OSSL_PARAM_* approach. I'm failing
at the moment;-)

So, given an octet string from a set of test vectors
(e.g. [2]) what's the proper way to setup an EVP_PKEY
for that to allow one to validate the test vectors?

Happy to try produce a stand-alone example for this
in the next few days if one doesn't exist (I've not
found one so far).


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x5AB2FAF17B172BEA.asc
Type: application/pgp-keys
Size: 10689 bytes
Desc: not available
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the openssl-users mailing list