Re: EVP_PKEY_get_int_param is not getting degree from EC key

Thank you for the answer!

On 2022-01-03 10:11:19 +0100, Tomas Mraz wrote:
> You're using the secp384r1 curve which is a prime field curve. The
> OSSL_PKEY_PARAM_EC_CHAR2_M parameter can be obtained only for binary
> field curves.
> 
> If you have a group NID for the curve of the EC key, you could use:
> 
> EC_GROUP *group = EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid);
> 
> to create the group to call EC_GROUP_get_degree() on.
> 
> Of course if you can have an EC key with arbitrary explicit group
> parameters, that would not work.

That is sadly the case for me.

> But you can then use number of bits of the OSSL_PKEY_PARAM_EC_P
> parameter as the degree for prime field curves.

So, I've tried following your advice, but for some reason it is still
failing for me. I've modified my example program to be:



#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <err.h>

#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>

#define ECCTYPE NID_secp384r1

#define ERR(...) do { warnx(__VA_ARGS__); exit(1); } while(0)

/* Source: https://en.wikipedia.org/wiki/Hamming_weight */
static int
popcnt(unsigned n)
{
	int c;

	for (c = 0; n; c++)
		n &= n - 1;

	return c;
}

int
main(void)
{
	unsigned ec_p;
	int degree = 0;
	EVP_PKEY *pkey = 0;
	const char *curve_name;

	if (!(curve_name = OSSL_EC_curve_nid2name(ECCTYPE)))
		ERR("OSSL_EC_curve_nid2name");

	if (!(pkey = EVP_EC_gen(curve_name)))
		ERR("EVP_EC_gen");

	if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_EC_CHAR2_M, &degree))
		;
	else if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_EC_P, &ec_p))
		degree = popcnt(ec_p);
	else
		ERR("could not get degree");

	warnx("degree = %d", degree);

	return 0;
}



So if the get for EC_CHAR2_M fails, I'm trying to fallback to EC_P.
However, even this program prints `a.out: could not get degree' for me.
Any ideas?

W.

-- 
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
