c - How does one access the raw ECDH public key, private key and params inside OpenSSL's EVP_PKEY structure? -


I'm using OpenSSL's C library to generate an elliptic curve Diffie-Hellman (ECDH) key pair, following the first code sample here. It glosses over the actual exchange of public keys with this line:

peerkey = get_peerkey(pkey); 

The pkey variable and the return value are both of type EVP *. pkey contains the public key, private key, and params generated earlier, and the return value contains the peer's public key. This raises 3 questions:

  1. How would get_peerkey() extract the public key from pkey for sending to the peer?
  2. How would the code extract the private key and params from pkey to store them for later use after the key exchange?
  3. How would get_peerkey() generate a new EVP_PKEY structure from the peer's raw public key?

I've seen the OpenSSL functions EVP_PKEY_print_public(), EVP_PKEY_print_private(), and EVP_PKEY_print_params(), but these are for generating human-readable output. And I haven't found an equivalent for converting a human-readable public key to an EVP_PKEY structure.

To answer my own question, there's a different path for the private key and the public key.

To serialize the public key:

  1. Pass the EVP_PKEY to EVP_PKEY_get1_EC_KEY() to get an EC_KEY.
  2. Pass the EC_KEY to EC_KEY_get0_public_key() to get an EC_POINT.
  3. Pass the EC_POINT to EC_POINT_point2oct() to get octets, which are unsigned char *.

To deserialize the public key:

  1. Pass the octets to EC_POINT_oct2point() to get an EC_POINT.
  2. Pass the EC_POINT to EC_KEY_set_public_key() to get an EC_KEY.
  3. Pass the EC_KEY to EVP_PKEY_set1_EC_KEY() to get an EVP_PKEY.

To serialize the private key:

  1. Pass the EVP_PKEY to EVP_PKEY_get1_EC_KEY() to get an EC_KEY.
  2. Pass the EC_KEY to EC_KEY_get0_private_key() to get a BIGNUM.
  3. Pass the BIGNUM to BN_bn2mpi() to get an mpi, a format that can be written to unsigned char *.

To deserialize the private key:

  1. Pass the mpi to BN_mpi2bn() to get a BIGNUM.
  2. Pass the BIGNUM to EC_KEY_set_private_key() to get an EC_KEY.
  3. Pass the EC_KEY to EVP_PKEY_set1_EC_KEY() to get an EVP_PKEY.

It is possible to convert the BIGNUM to hex, decimal, or "bin", although I think mpi used the fewest bytes.

