<div dir="auto">X25519?</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Nov 14, 2022, 05:23 ORNEST Matej - Contractor via openssl-users <<a href="mailto:openssl-users@openssl.org">openssl-users@openssl.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

<div lang="en-CZ" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">

<div class="m_-714572810575499963WordSection1">

<p class="MsoNormal"><span lang="EN-US">Hi all,<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-US">I need to implement support for X52219/X448 for DH key exchange (and Ed52219/Ed448 for DSA) elliptic curves in our project. I need to export public key for DH exchange in form of DER encoded chunk in form tag+X-coordinate+Y-coordinate.

 Thus I need to get EC_POINT from EVP_PKEY and encode it as needed. I understand that those key types differs from EC types in way that I need just X coordinate and a flag bit to reconstruct the key, but still, how do I get the X coordinate?<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-US">My solution works for all other EC types such as SecpX and Brainpool families, but not for X52219/X448 keys and I do not completely understand why. Specifically when I decode public key previously encoded with i2d_PUBKEY()

 to EVP_PEKY and try to get EC_KEY by calling EVP_PKEY_get0_EC_KEY(), it returns NULL and issues an error that it’s not an EC key…<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-US">I’m using following code:<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963s1">EVP_PKEY</span> *key = <span lang="EN-US">… // Decode from DER encoded public key<u></u><u></u></span></p>

<p class="m_-714572810575499963p2"><u></u> <u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">    </span><span class="m_-714572810575499963s2">if</span>(key !=

<span class="m_-714572810575499963s2">nil</span>) {<u></u><u></u></p>

<p class="m_-714572810575499963p2"><u></u> <u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">        </span><span class="m_-714572810575499963s1">EC_KEY</span> *ecKey =

<span class="m_-714572810575499963s3">EVP_PKEY_get0_EC_KEY</span>(key);<u></u><u></u></p>

<p class="m_-714572810575499963p2">         <span lang="EN-US">/// When X52219 or X448 key is passed, ecKey is NULL<u></u><u></u></span></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">        </span><span class="m_-714572810575499963s2">if</span>(ecKey !=

<span class="m_-714572810575499963s2">NULL</span>) {<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">            </span><span class="m_-714572810575499963s2">const</span>

<span class="m_-714572810575499963s1">EC_POINT</span> *point = <span class="m_-714572810575499963s3">EC_KEY_get0_public_key</span>(ecKey);<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">            </span><span class="m_-714572810575499963s2">const</span>

<span class="m_-714572810575499963s1">EC_GROUP</span> *group = <span class="m_-714572810575499963s3">EC_KEY_get0_group</span>(ecKey);<u></u><u></u></p>

<p class="m_-714572810575499963p2"><span class="m_-714572810575499963apple-converted-space">            </span><u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">            </span><span class="m_-714572810575499963s2">if</span>(point !=

<span class="m_-714572810575499963s2">NULL</span> && group != <span class="m_-714572810575499963s2">NULL</span>) {<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                </span><span class="m_-714572810575499963s1">BIGNUM</span> *bnX =

<span class="m_-714572810575499963s3">BN_new</span>();<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                </span><span class="m_-714572810575499963s1">BIGNUM</span> *bnY =

<span class="m_-714572810575499963s3">BN_new</span>();<u></u><u></u></p>

<p class="m_-714572810575499963p2"><span class="m_-714572810575499963apple-converted-space">                </span><u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                </span><span class="m_-714572810575499963s2">if</span>(<span class="m_-714572810575499963s3">EC_POINT_get_affine_coordinates</span>(group, point, bnX, bnY,

<span class="m_-714572810575499963s2">NULL</span>)) {<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                    </span><span class="m_-714572810575499963s2">char</span> *hexX =

<span class="m_-714572810575499963s3">BN_bn2hex</span>(bnX);<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                    </span><span class="m_-714572810575499963s2">char</span> *hexY =

<span class="m_-714572810575499963s3">BN_bn2hex</span>(bnY);<u></u><u></u></p>

<p class="m_-714572810575499963p2"><u></u> <u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                    </span><span class="m_-714572810575499963s4"><span lang="EN-US">// Convert to custom data structures<u></u><u></u></span></span></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963s4"><span lang="EN-US">                      …</span></span><span lang="EN-US" style="color:#d0a8ff"><u></u><u></u></span></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                </span>}<u></u><u></u></p>

<p class="m_-714572810575499963p2"><span class="m_-714572810575499963apple-converted-space">                </span><u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                </span><span class="m_-714572810575499963s3">BN_free</span>(bnX);<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">                </span><span class="m_-714572810575499963s3">BN_free</span>(bnY);<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">            </span>}<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">        </span>}<u></u><u></u></p>

<p class="m_-714572810575499963p1"><span class="m_-714572810575499963apple-converted-space">    </span>}<u></u><u></u></p>

<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-US">Is there any way how to export those key types in desired format?  I’m using OpenSSL version 1.1.1q.<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-US">Thank you very much for any hint<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-US">Matt<u></u><u></u></span></p>

</div>

</div>

</blockquote></div>