Hi,

I'm implementing a library that requires me to generate a public key given a 
pre-determined private key. I'm creating an EC_KEY structure, and setting the 
private key. 

At first, I thought I could use EC_KEY_generate_key, since it doesn't overwrite 
an existing private key
From just glancing at the code, my expectation would be that if I passed this 
into EC_KEY_generate_key that it would use the existing private key and 
calculate the public key, since it doesn't overwrite the private_key if it's 
been set. 

However, a few lines down, I noticed that it's calling: BN_rand_range(priv_key, 
order), which then overwrites the priv_key with the random number from the 
function. This guarantees that a new private/public key pair will be generated 
every time EC_KEY_generate_key is called.

So, my questions are:
1) Is this correct? It seems to me that the BN_rand_range should only be called 
if it's a new private_key. If not, then if you continuously call 
EC_KEY_generate_key with the same EC_KEY, you'll end up narrowing the range for 
the random number until priv_key == order. That doesn't seem right to me. It 
seems that either it should grab the random number if it's a new BN or the 
floor of the range should be 0. 

2) Is there a different OpenSSL EC function that I should be using? I just 
wrote my own function which skips the BN_rand_range and just does the point 
calculation to get my public key. This seems to work fine. 

Thanks,
Bobby


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
