On 11/03/17 18:38, Ethan Rahn wrote: > size_t sharedSecretLen = 0; Set this to sizeof(sharedSecret). > > // Now derive the Shared Secret > EVP_PKEY_CTX *ctx; > > ctx = EVP_PKEY_CTX_new(pkey, NULL); > if (!ctx){ > fprintf( stderr, "Failed to make EVP_PKEY ctx\n" ); > ERR_load_crypto_strings(); This should be called once at the start of your program - *before* any calls that might generate an error. > if (EVP_PKEY_derive(ctx, sharedSecret, &sharedSecretLen) <= 0){ >From the EVP_PKEY_derive documentation: https://www.openssl.org/docs/man1.0.2/crypto/EVP_PKEY_derive.html "If key is not NULL then before the call the keylen parameter should contain the length of the key buffer, if the call is successful the shared secret is written to key and the amount of data written to keylen." Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users