Re: EVP_PKEY_set1_EC_KEY seems to not set something that EVP_PKEY_derive needs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 10/03/17 20:58, Ethan Rahn wrote:
> Hello Openssl-users,
> 
> I'm trying to write some code that derives the shared secret for 2
> elliptic curve keys ( i.e. does ECDH )
> 
> I am doing the following to load up both the local and remote EC key (
> code shown for local side ):
> 
> EC_KEY* localEC = EC_KEY_new_by_curve_name( curveName );
> EC_KEY_set_private_key( localEC, privateKeyLocal )
> EC_KEY_set_public_key_affine_coordinates( localEC, publicXCoordLocal,
> publicYCoordLocal ) 
> 
> I check the return values for all of these, as well as EC_KEY_check_key
> at the end. Everything returns non-zero, so I assume that it is good to
> go. I then do the following to turn the EC_KEY into an EVP_PKEY for ECDH:
> 
> pkey = EVP_PKEY_new();
> EVP_PKEY_set1_EC_KEY( *pkey, localEC );
> 
> The same is done for the remote EC, except that the private key is not
> loaded up.
> 
> Now this is where things get weird.
> 
> I run code pretty similar to the example given here ( starting from
> EVP_PKEY_CTX_new() since I already have the pkey and peerkey. (
> https://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman ) and
> it fails on the call to EVP_PKEY_derive()without an error message. I
> tried running into under gdb() and it gets to ecdh_check() before it's
> unable to fill in the ecdh_data structure, i.e. it returns it as NULL.
> 
> If I use the example code to generate the local EVP_PKEY with a random
> set of points on the correct curve, then run the following line, the key
> derivation will work with the parameters I read in:
> ( in this example, pkey is as in the example code, i.e. generated
> randomly. pkey2 is the one I made via EVP_PKEY_set1_EC_KEY )
> 
> EVP_PKEY_set1_EC_KEY( pkey, EVP_PKEY_get1_EC_KEY( pkey2 ) );
> 
> It would appear that there is something that EVP_PKEY_set1_EC_KEY is not
> setting, or perhaps that I need to add, but I'm unclear what that would
> be. Does anyone on this list have any ideas?

Which version of OpenSSL are you using?

Can you provide a simple reproducer of the problem?

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux