<div dir="auto"><div>The reason has to do with the type of curve representation. X25519 is typically represented in (I believe, but I'm not an expert and I haven't looked at the primary sources recently so take this with a grain of salt) Montgomery form. Its digital signature counterpart Ed25519 uses the same curve represented in Edwards form.<div dir="auto"><br></div><div dir="auto">Conversely, the NIST curves are in Weierstrass form. The EC_KEY interface deals solely with Weierstrass form.</div><div dir="auto"><br></div><div dir="auto">To my understanding, you can convert any curve to any representation. However, different forms can be acted on with different values at different levels of efficiency, which is why the different forms exist.</div><div dir="auto"><br></div><div dir="auto">I hope this helps!</div><div dir="auto"><br></div><div dir="auto">-Kyle H</div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Nov 18, 2022, 11:47 ORNEST Matej - Contractor via openssl-users <<a href="mailto:openssl-users@openssl.org">openssl-users@openssl.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="auto">
Yeah, of course, sorry for the typo. I’ve already found a solution that seems to be working by using EVP_PKEY_get_raw_public_key() for these types of curves. I was confused why it’s not working with EC_KEY interfaces though it’s type of elliptic curve. Then
I found somewhere that it’s implemented outside the context of EC. It’s not clear to me why but I believe there’s a good reason for it.
<div>Anyway, thanks for your answer!<br>
<br>
<div dir="ltr">Regards</div>
<div dir="ltr">Matt</div>
<div dir="ltr"><br>
<blockquote type="cite">On 18. 11. 2022, at 17:13, Kyle Hamilton <<a href="mailto:aerowolf@gmail.com" target="_blank" rel="noreferrer">aerowolf@gmail.com</a>> wrote:<br>
<br>
</blockquote>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="auto">X25519?</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, Nov 14, 2022, 05:23 ORNEST Matej - Contractor via openssl-users <<a href="mailto:openssl-users@openssl.org" target="_blank" rel="noreferrer">openssl-users@openssl.org</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="en-CZ" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div>
<p class="MsoNormal"><span lang="EN-US">Hi all,<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">I need to implement support for X52219/X448 for DH key exchange (and Ed52219/Ed448 for DSA) elliptic curves in our project. I need to export public key for DH exchange in form of DER encoded chunk in form tag+X-coordinate+Y-coordinate.
Thus I need to get EC_POINT from EVP_PKEY and encode it as needed. I understand that those key types differs from EC types in way that I need just X coordinate and a flag bit to reconstruct the key, but still, how do I get the X coordinate?<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">My solution works for all other EC types such as SecpX and Brainpool families, but not for X52219/X448 keys and I do not completely understand why. Specifically when I decode public key previously encoded with i2d_PUBKEY()
to EVP_PEKY and try to get EC_KEY by calling EVP_PKEY_get0_EC_KEY(), it returns NULL and issues an error that it’s not an EC key…<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">I’m using following code:<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p><span>EVP_PKEY</span> *key =
<span lang="EN-US">… // Decode from DER encoded public key<u></u><u></u></span></p>
<p><u></u> <u></u></p>
<p><span>
</span><span>if</span>(key != <span>
nil</span>) {<u></u><u></u></p>
<p><u></u> <u></u></p>
<p><span>
</span><span>EC_KEY</span> *ecKey = <span>
EVP_PKEY_get0_EC_KEY</span>(key);<u></u><u></u></p>
<p> <span lang="EN-US">/// When X52219 or X448 key is passed, ecKey is NULL<u></u><u></u></span></p>
<p><span>
</span><span>if</span>(ecKey != <span>
NULL</span>) {<u></u><u></u></p>
<p><span>
</span><span>const</span> <span>
EC_POINT</span> *point = <span>EC_KEY_get0_public_key</span>(ecKey);<u></u><u></u></p>
<p><span>
</span><span>const</span> <span>
EC_GROUP</span> *group = <span>EC_KEY_get0_group</span>(ecKey);<u></u><u></u></p>
<p><span> </span><u></u><u></u></p>
<p><span>
</span><span>if</span>(point != <span>
NULL</span> && group != <span>NULL</span>) {<u></u><u></u></p>
<p><span>
</span><span>BIGNUM</span> *bnX = <span>
BN_new</span>();<u></u><u></u></p>
<p><span>
</span><span>BIGNUM</span> *bnY = <span>
BN_new</span>();<u></u><u></u></p>
<p><span> </span><u></u><u></u></p>
<p><span>
</span><span>if</span>(<span>EC_POINT_get_affine_coordinates</span>(group, point, bnX, bnY,
<span>NULL</span>)) {<u></u><u></u></p>
<p><span>
</span><span>char</span> *hexX = <span>
BN_bn2hex</span>(bnX);<u></u><u></u></p>
<p><span>
</span><span>char</span> *hexY = <span>
BN_bn2hex</span>(bnY);<u></u><u></u></p>
<p><u></u> <u></u></p>
<p><span>
</span><span><span lang="EN-US">// Convert to custom data structures<u></u><u></u></span></span></p>
<p><span><span lang="EN-US"> …</span></span><span lang="EN-US" style="color:#d0a8ff"><u></u><u></u></span></p>
<p><span>
</span>}<u></u><u></u></p>
<p><span> </span><u></u><u></u></p>
<p><span>
</span><span>BN_free</span>(bnX);<u></u><u></u></p>
<p><span>
</span><span>BN_free</span>(bnY);<u></u><u></u></p>
<p><span>
</span>}<u></u><u></u></p>
<p><span>
</span>}<u></u><u></u></p>
<p><span>
</span>}<u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">Is there any way how to export those key types in desired format? I’m using OpenSSL version 1.1.1q.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">Thank you very much for any hint<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">Matt<u></u><u></u></span></p>
</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
</div>
</div>
</blockquote></div></div></div>