One more hurdle passed. The code is working perfect, AFAIK. Now one small question: how do I ensure that RAND_engine (and therefore Intel RDRAND output) is being used for the key generation in EVP_PKEY_keygen(ctx, &newkey);
Is just loading RAND_engine enough for that?
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
Original Message
From: Viktor Dukhovni
Sent: Sunday, March 20, 2016 22:39
To: openssl-users@openssl.org
Reply To: openssl-users@openssl.org
Subject: Re: [openssl-users] Naive: how to generate EC public key from EC
private key?
> On Mar 20, 2016, at 10:32 PM, Blumenthal, Uri - 0553 - MITLL
> <u...@ll.mit.edu> wrote:
>
> dup_ekey = EVP_PKEY_get1_EC_KEY(pubkey);
> group = (EC_GROUP*) EC_KEY_get0_group(dup_ekey);
Declare the group as:
const EC_GROUP *group;
Then:
group = EC_KEY_get0_group();
> nid = EC_GROUP_get_curve_name(group);
> printf("wrap: Deriving ECC keys over curve \"%s\"\n",
> EC_curve_nid2nist(nid));
This is fine.
> EC_GROUP_free(group);
This is very wrong. You're not supposed to free the group.
Note the "get0_group", you're not getting a copy...
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
