On 10/03/17 20:58, Ethan Rahn wrote: > Hello Openssl-users, > > I'm trying to write some code that derives the shared secret for 2 > elliptic curve keys ( i.e. does ECDH ) > > I am doing the following to load up both the local and remote EC key ( > code shown for local side ): > > EC_KEY* localEC = EC_KEY_new_by_curve_name( curveName ); > EC_KEY_set_private_key( localEC, privateKeyLocal ) > EC_KEY_set_public_key_affine_coordinates( localEC, publicXCoordLocal, > publicYCoordLocal ) > > I check the return values for all of these, as well as EC_KEY_check_key > at the end. Everything returns non-zero, so I assume that it is good to > go. I then do the following to turn the EC_KEY into an EVP_PKEY for ECDH: > > pkey = EVP_PKEY_new(); > EVP_PKEY_set1_EC_KEY( *pkey, localEC ); > > The same is done for the remote EC, except that the private key is not > loaded up. > > Now this is where things get weird. > > I run code pretty similar to the example given here ( starting from > EVP_PKEY_CTX_new() since I already have the pkey and peerkey. ( > https://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman ) and > it fails on the call to EVP_PKEY_derive()without an error message. I > tried running into under gdb() and it gets to ecdh_check() before it's > unable to fill in the ecdh_data structure, i.e. it returns it as NULL. > > If I use the example code to generate the local EVP_PKEY with a random > set of points on the correct curve, then run the following line, the key > derivation will work with the parameters I read in: > ( in this example, pkey is as in the example code, i.e. generated > randomly. pkey2 is the one I made via EVP_PKEY_set1_EC_KEY ) > > EVP_PKEY_set1_EC_KEY( pkey, EVP_PKEY_get1_EC_KEY( pkey2 ) ); > > It would appear that there is something that EVP_PKEY_set1_EC_KEY is not > setting, or perhaps that I need to add, but I'm unclear what that would > be. Does anyone on this list have any ideas? Which version of OpenSSL are you using? Can you provide a simple reproducer of the problem? Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
