Oh, and I'd much prefer to stay at the EVP level, rather than invoke BIO primitives for this task. Sent?from?my?BlackBerry?10?smartphone?on?the Verizon?Wireless?4G?LTE?network. ? Original Message ? From: Blumenthal, Uri - 0553 - MITLL Sent: Thursday, March 17, 2016 18:09 To: Viktor Dukhovni; openssl-users at openssl.org Reply To: openssl-users at openssl.org Subject: Re: Naive: how to generate EC public key from EC private key? Great! Say, I want to extract the public key and make it available to another entity or module? Possibly DER-encoded, though I'd like to learn how to do both: extract ?ASN.1-encoded and raw (assuming it is possible).? Thanks! Sent?from?my?BlackBerry?10?smartphone?on?the Verizon?Wireless?4G?LTE?network. ? Original Message ? From: Viktor Dukhovni Sent: Thursday, March 17, 2016 17:57 To: openssl-users at openssl.org Reply To: openssl-users at openssl.org Subject: Re: Naive: how to generate EC public key from EC private key? > On Mar 17, 2016, at 5:17 PM, Blumenthal, Uri - 0553 - MITLL <uri at ll.mit.edu> wrote: > > I?ve an extremely na?ve question. I am generating ephemeral EC keys for ECDH, following the example in https://wiki.openssl.org/index.php/EVP_Key_and_Parameter_Generation > > But it looks like the example ends on generation of the private key: > /* Generate the key */ > if (!EVP_PKEY_keygen(kctx, &key)) goto err; > > > The next step must be obvious, but somehow I can?t figure it out. So my question is: from having EVP_PKEY *privateECKey how do I get EVP_PKEY *publicECKey? The public key is always there. You either have both the public and private keys or just the public key. So the same EVP_PKEY object holds both. What you do next depends on what you want to do with the public key... -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 4350 bytes Desc: not available URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160317/ab58e573/attachment.bin>
