Now I became interested. ;-) Theoretically, shouldn’t EVP_PKEY_get_int_param(pkey, OSSL_PARAM_EC_ORDER, &(unsigned int)order) work? I verified that it does not seem to work, at least in the obvious context. What is the purpose of that parameter and function call, and where/how can one use it? Regards, Uri > On Jan 4, 2022, at 03:36, Tomas Mraz <tomas@xxxxxxxxxxx> wrote: > > On Tue, 2022-01-04 at 02:33 +0100, Wolf wrote: >> Thank you for the answer! >> >>> On 2022-01-03 10:11:19 +0100, Tomas Mraz wrote: >>> You're using the secp384r1 curve which is a prime field curve. The >>> OSSL_PKEY_PARAM_EC_CHAR2_M parameter can be obtained only for >>> binary >>> field curves. >>> >>> If you have a group NID for the curve of the EC key, you could use: >>> >>> EC_GROUP *group = EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid); >>> >>> to create the group to call EC_GROUP_get_degree() on. >>> >>> Of course if you can have an EC key with arbitrary explicit group >>> parameters, that would not work. >> >> That is sadly the case of me. >> >>> But you can then use number of bits of the OSSL_PKEY_PARAM_EC_P >>> parameter as the degree for prime field curves. >> >> So, I've tried following your advice, but for some reason it is still >> failing for me. I've modified my example program to be: > > You need to use EVP_PKEY_get_bn_param() to get the P parameter and > BN_num_bits() to count the number of bits of the P value. > > > -- > Tomáš Mráz, OpenSSL > >
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
