EVP_PKEY_pairwise_check(3) fails with error:0300009A:digital envelope routines::no key set

Tomas Mraz tomas at openssl.org
Mon May 30 06:27:19 UTC 2022

On Sat, 2022-05-28 at 19:12 -0700, Kip Warner wrote:
> Hey list,
> I am in the process of porting some RSA related code that used
> OpenSSL
> 1.1.1 to the newer 3.0 API. A lot of the functions I was using are
> now
> deprecated. I've tried to follow the migration guide as best I can.
> Right now I am having an issue generating an RSA key pair:
>    https://pastebin.com/jbLdqUdv
> Note that the call to EVP_PKEY_pairwise_check(3) fails on L66 with
> "error:0300009A:digital envelope routines::no key set". This error
> string was set by OpenSSL internally.
> I'm not sure exactly what I'm doing wrong. All I want to do is
> generate
> the RSA key pair and then verify that this was done correctly.

For the pairwise check, you need to initialize a new EVP_PKEY_CTX
context with EVP_PKEY_CTX_new_from_pkey().

You cannot reuse the key generation context.

Tomáš Mráz, OpenSSL

More information about the openssl-users mailing list