Hi Stephen :) The API you'll want to use is EVP_PKEY_fromdata(); there's a stubbed out example of using it to make an EVP_PKEY with EC group parameters at https://github.com/openssl/openssl/issues/14258#issuecomment-783351031 but the translation to also specify OSSL_PKEY_PARAM_PRIV_KEY (and possibly OSSL_PKEY_PARAM_PUB_KEY; I forget if you need to pass both) should be fairly straightforward. Let us know if you run into trouble with that route. -Ben On Mon, Mar 08, 2021 at 02:23:36AM +0000, Stephen Farrell wrote: > > Hiya, > > My question: how does one setup an EVP_PKEY for a NIST > curve (e.g. p256) key pair when one has the private key > in an octet string using the latest OpenSSL 3.0.0 high > level APIs? > > I'm trying to get rid of deprecation warnings from my > code for HPKE [1] when dealing with NIST curves using > the new (I guess?) OSSL_PARAM_* approach. I'm failing > at the moment;-) > > So, given an octet string from a set of test vectors > (e.g. [2]) what's the proper way to setup an EVP_PKEY > for that to allow one to validate the test vectors? > > Happy to try produce a stand-alone example for this > in the next few days if one doesn't exist (I've not > found one so far). > > Thanks, > Stephen. > > [1] https://github.com/sftcd/happykey/blob/7d52d34c516ab58ca1433004ff82b2a6a82eea4c/hpke.c#L1263 > [2] https://github.com/cfrg/draft-irtf-cfrg-hpke pub RSA 4096/7B172BEA 2017-12-22 Stephen Farrell (2017) <stephen.farrell@xxxxxxxxx> > sub RSA 4096/36CB8BB6 2017-12-22 >
