On Tue, 2022-01-04 at 19:25 +0000, Blumenthal, Uri - 0553 - MITLL wrote: > > > But, considering that the man pages describe C API, wouldn't it > > be > > > nice to mention (even though it may be obvious that a number of > > order > > > 2^384 might not fit into 32 or even 64 bits) that the actual > > type is > > > BIGNUM? > > > > No, the type is not a BIGNUM. Please read "man OSSL_PARAM" it > > contains > > the information on what types OSSL_PARAM support. > > I did that before playing with and modifying the OP's code. > Obviously, either I'm too dense to understand it, or it's too dense. > > > > Also, what should arguments to that C call > > EVP_PKEY_get_int_param() > > > look like to succeed? Do I need to pass a pointer to BN there??? > > > > Please read "man EVP_PKEY_get_int_param". > > See above. Some verbiage, very little clues - especially for somebody > who doesn't already know how it works. > > int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char > *key_name, > int *out); > EVP_PKEY_get_int_param() retrieves a key pkey integer value *out > associated with a name of key_name. > > Overall, VERY confusing. > > How does one know (without going through > EVP_PKEY_gettable_params(EVP_PKEY *pkey) and > EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[])) what > method to use to retrieve what parameter? So you're basically asking to put something like - "The parameter most probably won't fit into unsigned int." - to every such parameter documented for PKEYs? -- Tomáš Mráz, OpenSSL
