openssl 3.0.0 get ECC public key modulus from EVP_PKEY
Matt Caswell
matt at openssl.org
Wed Oct 13 16:06:21 UTC 2021
On 12/10/2021 23:37, Ken Goldman wrote:
> In pre-3.0.0, I used this, omitting the error checking, malloc, ...
>
> ecPoint = EC_KEY_get0_public_key(ecKey);
> ecGroup = EC_KEY_get0_group(ecKey);
> EC_POINT_point2oct(ecGroup, ecPoint,
> POINT_CONVERSION_UNCOMPRESSED,
> *modulusBin, *modulusBytes, NULL);
>
> In 3.0.0, I tried this, expecting to get a BIGNUM and then convert
>
> irc = EVP_PKEY_get_bn_param(eccKey, OSSL_PKEY_PARAM_PUB_KEY,
> (BIGNUM **)pub);
>
> It returns 0.
>
> What's the correct way to get the uncompressed ECC public key?
>
Refer to this man page:
https://www.openssl.org/docs/man3.0/man7/EVP_PKEY-EC.html
For an EC key, the public key parameter is:
"pub" (OSSL_PKEY_PARAM_PUB_KEY) <octet string>
The public key value in EC point format.
You will note that this is an octet string and not an integer which is
why EVP_PKEY_get_bn_param is failing.
Alternatively you could get the x and y components of the public key
separately using:
"qx" (OSSL_PKEY_PARAM_EC_PUB_X) <unsigned integer>
Used for getting the EC public key X component.
"qy" (OSSL_PKEY_PARAM_EC_PUB_Y) <unsigned integer>
Used for getting the EC public key Y component.
In this case EVP_PKEY_get_bn_param would be appropriate.
Matt
More information about the openssl-users
mailing list