One more hurdle passed. The code is working perfect, AFAIK.
?
Now one small question: how do I ensure that ?RAND_engine (and therefore Intel RDRAND output) is being used for the key generation in
? ?EVP_PKEY_keygen(ctx, &newkey);
Is just loading RAND_engine enough for that??
?
Sent?from?my?BlackBerry?10?smartphone?on?the Verizon?Wireless?4G?LTE?network.
? Original Message ?
From: Viktor Dukhovni?
Sent: Sunday, March 20, 2016 22:39?
To: openssl-users at openssl.org
Reply To: openssl-users at openssl.org
Subject: Re: Naive: how to generate EC public key from EC private key?
> On Mar 20, 2016, at 10:32 PM, Blumenthal, Uri - 0553 - MITLL <uri at ll.mit.edu> wrote:
>
> dup_ekey = EVP_PKEY_get1_EC_KEY(pubkey);
> group = (EC_GROUP*) EC_KEY_get0_group(dup_ekey);
Declare the group as:
const EC_GROUP *group;
Then:
group = EC_KEY_get0_group();
> nid = EC_GROUP_get_curve_name(group);
> printf("wrap: Deriving ECC keys over curve \"%s\"\n",
> EC_curve_nid2nist(nid));
?
This is fine.
> EC_GROUP_free(group);
This is very wrong. You're not supposed to free the group.
Note the "get0_group", you're not getting a copy...
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4350 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160322/0fd24ce3/attachment.bin>
