Hines, Philip D. wrote:
> Using the C API. I am working on a plugin for GAIM which uses ECDH for
> establishing encrypted sessions. I think I figured out most of
> it...right now I can make it work locally, but the public and private
> keys are in structures with many pointers and I am having trouble
> getting the serialization functions working. I am trying to use:
>
> /* de- and encoding functions for SEC1 ECPrivateKey */
> EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len);
> int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out);
> /* de- and encoding functions for EC parameters */
> EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len);
> int i2d_ECParameters(EC_KEY *a, unsigned char **out);
> /* de- and encoding functions for EC public key
>  * (octet string, not DER -- hence 'o2i' and 'i2o') */
> EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len);
> int i2o_ECPublicKey(EC_KEY *a, unsigned char **out);
>
> Part of the problem is that I am just guessing at the usage since there
> aren't very descriptive comments. I assume that once each side has
> their keys generated they can serialize them using i2o_ECPublicKey and
> then send them across. Then I assume that the other side can use
> o2i_ECPublicKey to recreate the key object and use it in ECDH. Is that
> right?

This only works if the other side already has an EC_KEY key object
with the correct ec parameters in it (the ec parameters are not
included in the encoded public key o2i_ECPublicKey creates but are
required for decoding).

You might use d2i|i2d_PUBKEY instead as these functions create an
encoded x509 algorithm id object which already includes the necessary
parameters.

Cheers,
Nils
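
Added example, not part of the original message and not OpenSSL code: a strict, dependency-free parser for the SubjectPublicKeyInfo layout that d2i/i2d_PUBKEY handle, showing that the algorithm identifier carries the curve while the bare octet string is only the point. It assumes a named-curve key (explicit-parameter encodings are rejected); der_tlv, spki_ec_split and make_sample_spki are hypothetical names, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <string.h>
typedef unsigned char u8;

/* Read one DER header with the given tag; on success *p points at the value. */
static int der_tlv(const u8 **p, const u8 *end, u8 tag, size_t *vlen)
{
    const u8 *q = *p;
    size_t n;
    if (end - q < 2 || q[0] != tag) return 0;
    n = q[1]; q += 2;
    if (n == 0x81) {                      /* long form, one length byte */
        if (end - q < 1 || *q < 0x80) return 0;   /* must be minimal */
        n = *q++;
    } else if (n >= 0x80) return 0;       /* longer or indefinite: rejected */
    if ((size_t)(end - q) < n) return 0;  /* value must fit in the buffer */
    *p = q; *vlen = n;
    return 1;
}

/* Split an EC SubjectPublicKeyInfo into named-curve OID and point octets. */
int spki_ec_split(const u8 *der, size_t len, const u8 **curve,
                  size_t *curve_len, const u8 **point, size_t *point_len)
{
    static const u8 id_ec[] = {0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01};
    const u8 *p = der, *end = der + len, *alg_end;
    size_t n;
    if (!der_tlv(&p, end, 0x30, &n) || p + n != end) return 0;  /* SPKI */
    if (!der_tlv(&p, end, 0x30, &n)) return 0;       /* AlgorithmIdentifier */
    alg_end = p + n;
    if (!der_tlv(&p, alg_end, 0x06, &n) || n != sizeof id_ec ||
        memcmp(p, id_ec, n) != 0) return 0;          /* must be id-ecPublicKey */
    p += n;
    if (!der_tlv(&p, alg_end, 0x06, curve_len)) return 0;  /* namedCurve OID */
    *curve = p; p += *curve_len;
    if (p != alg_end) return 0;                      /* nothing else allowed */
    if (!der_tlv(&p, end, 0x03, &n) || p + n != end || n < 2 || p[0]) return 0;
    *point = p + 1; *point_len = n - 1;              /* skip unused-bits byte */
    return 1;
}

/* Constructed sample: P-256 SPKI header, then 0x04 and 64 filler bytes. */
void make_sample_spki(u8 out[91])
{
    static const u8 hdr[26] = {0x30,0x59,0x30,0x13,0x06,0x07,0x2A,0x86,0x48,
        0xCE,0x3D,0x02,0x01,0x06,0x08,0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07,
        0x03,0x42,0x00};
    memcpy(out, hdr, sizeof hdr); out[26] = 0x04;
    memset(out + 27, 0xAB, 64);           /* filler, not a real curve point */
}
```

The 65 bytes returned in point are the same octet-string form that i2o_ECPublicKey writes; everything before them in the buffer is the parameter information a receiver without a preconfigured EC_KEY needs.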