Migrating EC_KEY "deprecated low-level key parameter setters" from OpenSSL 1.1 to OpenSSL 3 #23831
Unanswered
AustinMayerhofer
asked this question in
Q&A
Replies: 1 comment
-
There are two options. Either you can use the encoded public key that you passed into o2i_ECPublicKey() with EVP_PKEY_fromdata() directly - use the |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
When following the migration guide, I'm running into difficulties finding replacements for some of the deprecated low-level key parameter setters (EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), etc.)
Take the code:
The migration guide says to use EVP_PKEY_fromdata(), does that apply in this situation? Use EVP_PKEY_KEY_PARAMETERS for the "selection" arg and "group" and "priv" for params?
Assuming the above, that begs the question about the call to o2i_ECPublicKey():
When I asked for a replacement for o2i_ECPublicKey, #23820 said to use EVP_PKEY_set1_encoded_public_key(), am I able to do that after calling EVP_PKEY_fromdata(), given the migration guide says "Keys should be immutable once they are created"?
Thanks for any help or a point in the right direction.
Beta Was this translation helpful? Give feedback.
All reactions