error:0308010C:digital envelope routines::unsupported & other EVP_PKEY question

Kip Warner kip at
Tue May 31 04:33:00 UTC 2022

Hey list,

I am having difficulty trying to allocate an EVP_PKEY_CTX via
EVP_PKEY_CTX_new(3) from a public key loaded via PEN_read_PUBKEY(3).
The former fails with OpenSSL setting the following error:

   error:0308010C:digital envelope routines::unsupported

See L135:

I also have another question regarding EVP_PKEY structures since
OpenSSL 3.0. In OpenSSL 1.1.1 my RSA private and public keys were
stored separately in RSA structures. Since OpenSSL 3.0, the RSA
structure is deprecated along with all functions that accepted them as
arguments. Everything now appears to use the higher level algorithm
agnostic EVP_PKEY.

How does one access just the private or public keys within an EVP_PKEY?
The reason I ask is I would like to perform operations that verify that
the public key is valid, the private key is valid, and the two
mathematically correspond.

Any help appreciated.

Kip Warner
OpenPGP signed/encrypted mail preferred
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the openssl-users mailing list