Hi,
Based on the previous conversations, I tried to generate Elliptic Curve
public/Private key pair. I want to convert the output BIGNUM* to char* in order
to perform the rest of my task. Using BN_bn2hex is the correct api to do this?
It seems it returns a 32 byte Hex while when I generate EC keys by command, it
is much bigger. I want an output like this for public key and private key:
-----BEGIN EC PARAMETERS-----
>BggqhkjOPQMBBw==
>-----END EC PARAMETERS-----
>-----BEGIN EC PRIVATE KEY-----
>MHcCAQEEIDbJzdK8bkYoC4CsuFCBBGPHg21AC1vHh7Dg67tTZ8z9oAoGCCqGSM49
>AwEHoUQDQgAEuhRNaqvmtnVpzewv8g3zh2PDh1FwoojEQguGKGCseKffEIoLn6ua
>Vn9cpsV7OX5hvcafIyqC+gIPuJovPi0Buw==
>-----END EC PRIVATE KEY-----
and
-----BEGIN PUBLIC KEY-----
>MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuhRNaqvmtnVpzewv8g3zh2PDh1Fw
>oojEQguGKGCseKffEIoLn6uaVn9cpsV7OX5hvcafIyqC+gIPuJovPi0Buw==
>-----END PUBLIC KEY-----
Here is my code:
EC_KEY *ecKey = EC_KEY_new();
EC_GROUP *group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
EC_KEY_set_group(ecKey, group);
int iECGenKey = EC_KEY_generate_key(ecKey);
BIGNUM *pPubKey, *pPrivKey;
pPrivKey = (BIGNUM*) EC_KEY_get0_private_key(ecKey);
char* pchPrivKey = BN_bn2hex(pPrivKey);
int nBytes = BN_num_bytes(pPrivKey);
string strPrivKey;
strPrivKey.assign(pchPrivKey);
if (pPrivKey != NULL)
OPENSSL_free(pPrivKey);
pPubKey = (BIGNUM*) EC_KEY_get0_public_key(ecKey);
char* pchPubKey = BN_bn2hex(pPubKey);
string strPubKey;
strPubKey.assign(pchPubKey);
if (pPubKey != NULL)
OPENSSL_free(pPubKey);
It would be appreciated if you can help me.
Thanks
________________________________
From: Thomas Leavy <tombu...@gmail.com>
To: "openssl-users@openssl.org" <openssl-users@openssl.org>
Cc: "<openssl-users@openssl.org>" <openssl-users@openssl.org>
Sent: Wednesday, August 15, 2012 2:52 AM
Subject: Re: Elliptic Curve key generation help
Wow can't believe I already got an answer! Thanks so much guys I should be good
to go.
On Aug 14, 2012, at 6:59 PM, Jason Goldberg <jgoldb...@oneid.com> wrote:
Before you call generate_key, you need to initialize your EC_KEY with a curve:
>
>
>EC_GROUP *group = EC_GROUP_new_by_curve_name(curve);
>EC_KEY_set_group(testKey, group);
>
>
>For 'curve' you could use, for example, NIST P256 which is defined with the
>macro: NID_X9_62_prime256v1
>
>
>You can then use these primitives to get the public and private keys:
>
>
>EC_KEY_get0_private_key
>EC_KEY_get0_public_key
>
>
>Jason
>
>On Aug 14, 2012, at 5:49 PM, Tom Leavy <tombu...@gmail.com>
> wrote:
>
>I have been trying to figure out how to generate an elliptic curve public
>private key pair and can't find much information on how you properly do that.
>So far I have done the following and I'm pretty sure I am missing a step
>someplace.
>>
>>
>>void makeECCKeyPair() {
>> EC_KEY *testKey = EC_KEY_new();
>> EC_KEY_generate_key(testKey);
>>}
>
