I'm trying to generate a public key from a private key generated on a HSM
(and obtained by calling PKCS#11). Everything works fine until I call
EC_POINT_mul - at which point I get the error message:
error:100BB065:elliptic curve routines:ec_wNAF_mul:incompatible
objects
I have checked the BIGNUM conversion - and that seems to be fine. The key
pair on the HSM is also generated using brainpoolP256r1.
The basis of the code can be found at the end of the email. I'm basically
trying to follow the example provided in:
https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography.
I'm using openssl 1.10h
Any pointers or help would be appreciated.
John
---------------------------------------------------------------
BN_CTX *ctx;
ctx = BN_CTX_new();
if(!ctx) {
outputInfo("unable to create openssl BN_CTX");
return;
}
EC_GROUP *curve;
outputInfo("about to create EC_GROUP_new_by_curve_name");
if(NULL == (curve =
EC_GROUP_new_by_curve_name(NID_brainpoolP256r1))) {
outputERRORmess("unable to setup curve");
}
outputInfo("about to create EC_KEY_new_by_curve_name");
EC_KEY *key;
if(NULL == (key = EC_KEY_new_by_curve_name(NID_brainpoolP256r1))) {
outputERRORmess("unable to setup EC_KEY");
}
// now get the private key contained in CKA_VALUE via PKCS#111 and
place in *attrPrivate.pValue
.......... (handle error)
EC_POINT *pub;
BIGNUM *prv = BN_bin2bn((unsigned char*)attrPrivate.pValue,
attrPrivate.ulValueLen, NULL);
if (prv == NULL) {
...... (handle error)
}
if (1 != EC_KEY_set_private_key(key, prv)) {
........ (handle error)
}
if (1 != EC_POINT_mul(curve, pub, prv, NULL, NULL, ctx)) {
outputInfo("unable to calculate the public key from the
HSM's private key using EC_POINT_mul");
(handle error)
}
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
