Answered my own question: should use EVP_PKEY_bits(pkey) instead. -- Regards, Uri Blumenthal On 3/18/16, 14:57 , "openssl-users on behalf of Blumenthal, Uri - 0553 - MITLL" <openssl-users-bounces at openssl.org on behalf of uri at ll.mit.edu> wrote: >First, Stephen and Viktor - thank you! > >On 3/17/16, 19:45 , "openssl-users on behalf of Dr. Stephen Henson" ><openssl-users-bounces at openssl.org on behalf of steve at openssl.org> wrote: > >>On Thu, Mar 17, 2016, Viktor Dukhovni wrote: >>> >>>Well you can work with >>>http://openssl.org/docs/manmaster/crypto/EC_KEY_key2buf.html >>> to extract EC public key octets. >> >>That's only available in the master branch, only encodes the key value >>and not >>its parameters and of course it only works for EC. > >Got it. I?ll not use it, as it?s too specific. > >>>If you want an ASN.1 encoded "SPKI" object (i.e. an >>> X509_PUBKEY in OpenSSL) then you can use... > >Yes, that?s PRECISELY what I want, thank you! > >>>A shorter version of the above is possible via i2d_PUBKEY() which >>> handles the creation, encoding and destruction of the intermediate >>> X509_PUBKEY: . . . >>That's the preferred route as it uses the standard SubjectPublicKeyInfo >>format and works with any supported public key type. > >Thank you! The main disadvantage of the shorter version is that it does >not provide me with the length of the buffer it created. So for now I?ll >use the longer one - unless I?m missing something very obvious, and >there?s a trivial way to correctly tell the size of the returned buffer. > >Along the same line - I am trying to generate ECDH key pair that would be >on the same curve that the keys on my hardware token. The tokens I?m >dealing with can have keys on either P-256 or P-384 curve. > >My problem: I seem unable to figure out what curve the token keys belong >to. Here?s how the public key gets loaded: > > pubkey = ENGINE_load_public_key(*e, "id_03", NULL, NULL); > if (pubkey == NULL) { > fprintf(stderr, "wrap: failed to retrieve pubkey id_03\n"); > ERR_print_errors_fp(stderr); > goto end; > } > > *bitsize = EVP_PKEY_size(pubkey); > printf("wrap: ECC pubkey size is %1lu\n", *bitsize); > > >The problem with the above code is that it (apparently) gives me the size >of the EVP_PKEY object, while I mean to ask a different question. > >How do I determine what curve the above key is on? > >Thanks! -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4324 bytes Desc: not available URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160318/142de8eb/attachment-0001.bin>
