Re: [openssl-users] EVP_PKEY_set1_EC_KEY seems to not set something that EVP_PKEY_derive needs

Matt Caswell Sat, 11 Mar 2017 12:29:12 -0800


On 11/03/17 18:38, Ethan Rahn wrote:
>    size_t sharedSecretLen = 0;


Set this to sizeof(sharedSecret).

> 
>    // Now derive the Shared Secret
>    EVP_PKEY_CTX *ctx;
> 
>    ctx = EVP_PKEY_CTX_new(pkey, NULL);
>    if (!ctx){
>       fprintf( stderr, "Failed to make EVP_PKEY ctx\n" );
>       ERR_load_crypto_strings();

This should be called once at the start of your program - *before* any
calls that might generate an error.

>    if (EVP_PKEY_derive(ctx, sharedSecret, &sharedSecretLen) <= 0){

>From the EVP_PKEY_derive documentation:

https://www.openssl.org/docs/man1.0.2/crypto/EVP_PKEY_derive.html

"If key is not NULL then before the call the keylen parameter should
contain the length of the key buffer, if the call is successful the
shared secret is written to key and the amount of data written to keylen."

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] EVP_PKEY_set1_EC_KEY seems to not set something that EVP_PKEY_derive needs

Reply via email to