EVP_PKEY_get_int_param is not getting degree from EC key

Wolf wolf at wolfsden.cz
Mon Jan 3 00:51:02 UTC 2022 

Greetings,

I'm trying to port my program to openssl 3.0 and in the process I need
to replace EC_GROUP_get_degree(EC_KEY_get0_group(ec)) with something
that is not deprecated. I'm trying to use EVP_PKEY_get_int_param with
OSSL_PKEY_PARAM_EC_CHAR2_M, however it does not work. I'm assuming I'm
just doing something wrong, but have no idea what. Would there be any
kind soul willing to point me in the right direction?

I've managed to boil my issue down to this pretty simple reproduction:



#include <stdio.h>
#include <string.h>
#include <err.h>

#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>

#define ECCTYPE NID_secp384r1

#define ERR(...) do { warnx(__VA_ARGS__); exit(1); } while(0)

int
main(void)
{
	int degree = 0;
	const char *curve_name;
	EVP_PKEY *pkey = 0;
	const OSSL_PARAM *params = 0;

	if (!(curve_name = OSSL_EC_curve_nid2name(ECCTYPE)))
		ERR("OSSL_EC_curve_nid2name");

	if (!(pkey = EVP_EC_gen(curve_name)))
		ERR("EVP_EC_gen");

	if (!(params = EVP_PKEY_gettable_params(pkey)))
		ERR("EVP_PKEY_gettable_params");

	for (; params->key; params++)
		fprintf(stderr, "Param: `%s'\n", params->key);

	if (!EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_EC_CHAR2_M, &degree))
		ERR("EVP_PKEY_get_int_param");

	return 0;
}



Compiled with:

	$ gcc -L/tmp/openssl-3.0/install/lib \
		-Wl,-rpath /tmp/openssl-3.0/install/lib \
		-I/tmp/openssl-3.0/install/include /x/repro.c -lssl -lcrypto

Output is:

	$ ./a.out
	Param: `bits'
	Param: `security-bits'
	Param: `max-size'
	Param: `default-digest'
	Param: `encoded-pub-key'
	Param: `decoded-from-explicit'
	Param: `group'
	Param: `encoding'
	Param: `point-format'
	Param: `field-type'
	Param: `p'
	Param: `a'
	Param: `b'
	Param: `generator'
	Param: `order'
	Param: `cofactor'
	Param: `seed'
	Param: `m'
	Param: `basis-type'
	Param: `tp'
	Param: `k1'
	Param: `k2'
	Param: `k3'
	Param: `pub'
	Param: `qx'
	Param: `qy'
	Param: `priv'
	Param: `use-cofactor-flag'
	Param: `include-public'
	a.out: EVP_PKEY_get_int_param

I see that the `m' is present in the parameters, and I've verified that
params->data_type matches OSSL_PARAM_INTEGER, so I'm out of idea why
EVP_PKEY_get_int_param fails to retrieve the value.

Thanks for any help,

W.

-- 
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220103/bff92c1c/attachment.sig>

More information about the openssl-users mailing list