I'm using OpenSSL's c library to generate an elliptic curve Diffie-Hellman (ECDH) key pair, following the first code sample here. It glosses over the actual exchange of public keys with this line:
peerkey = get_peerkey(pkey);
The pkey
variable and the return value are both of type EVP *
. pkey
contains the public key, private key, and params generated earlier, and the return value only contains the peer's public key. So this raises three questions:
get_peerkey()
actually extract just the public key from pkey
for sending to the peer?pKey
to store them for later use after the key exchange?get_peerkey()
generate a new EVP_PKEY
structure from the peer's raw public key?I've seen the OpenSSL functions EVP_PKEY_print_public()
, EVP_PKEY_print_private()
, and EVP_PKEY_print_params()
but these are for generating human-readable output. And I haven't found any equivalent for converting a human-readable public key back into an EVP_PKEY
structure.
To answer my own question, there's a different path for the private key and the public key.
To serialize the public key:
To deserialize the public key:
To serialize the private key:
To deserialize the private key:
It is also possible to convert the BIGNUM to hex, decimal, or "bin", although I think that mpi used the fewest bytes.
The implementation above seems too complicated. openssl/evp.h
has functions i2d_PublicKey()
and d2i_PublicKey()
to respectively convert to and from a binary representation of the public key (and there are equivalent functions for the private key - see: https://www.openssl.org/docs/manmaster/man3/d2i_PublicKey.html)
A small code example:
vector<unsigned char> ecdhPubkeyData(EVP_PKEY *key) { int len = i2d_PublicKey(key, 0); // with 0 as second arg it gives length vector<unsigned char> ret(len); unsigned char *ptr = ret.data(); len = i2d_PublicKey(key, &ptr); return ret; } // Make sure you free the returned pointer when you are done with it EVP_PKEY *ecdhPubkeyFromData(vector <unsigned char> const &pubkeyData) { // You do need to put in in an existing EVP_PKEY that is assigned // an EC_KEY, because it needs to know what curve you use EC_KEY *ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); EVP_PKEY *ret = EVP_PKEY_new(); EVP_PKEY_assign_EC_KEY(ret, ec_key); unsigned char const *ptr = pubkeyData.data(); d2i_PublicKey(EVP_PKEY_EC, &ret, &ptr, pubkeyData.size()); return ret; } // PS: In a real example you want to check if any of these functions // return NULL or some error code
I am using C++ vectors to contain the binary data, but of course you could just use C-style arrays too :-)
I am absolutely not an OpenSSL expert, so let me know if I am doing something horribly wrong in this implementation :-p
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With