DH_compute_key () - replacement in 3.0

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

DH_compute_key () - replacement in 3.0

Narayana, Sunil Kumar

Hi ,

While migrating from 1.0.2 to 3.0, we found that DH_compute_key () has be deprecated.

In the current  we are using the compute API as below

 

    dh->priv_key = BN_bin2bn(privateKey, octet_len, NULL);

    bn_publicKey = BN_bin2bn(publicKey, octet_len, NULL);

    rv = DH_compute_key(sharedSecret, bn_publicKey, dh);

 

to exactly replace this we are generating “pubparam_key/priparam_key”  using   bn_publicKey/dh->priv_key  as below

 

OSSL_PARAM_BLD *pubparamsbld = NULL, priparamsbld = NULL;

OSSL_PARAM *pubparams = NULL, priparams = NULL;

EVP_PKEY *pubparam_key = NULL, *priparam_key = NULL;

EVP_PKEY_CTX *pubctx = NULL, *prictx = NULL;

 

 

pubparamsbld = OSSL_PARAM_BLD_new()

priparamsbld = OSSL_PARAM_BLD_new()

               

OSSL_PARAM_BLD_push_BN(pubparamsbld, OSSL_PKEY_PARAM_PUB_KEY, bn_publicKey)

OSSL_PARAM_BLD_push_BN(priparamsbld, OSSL_PKEY_PARAM_PRIV_KEY,bn_privateKey)

  

//build context

pubctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

prictx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

 

EVP_PKEY_key_fromdata_init(pubctx)

EVP_PKEY_key_fromdata_init(prictx)

 

pubparams = OSSL_PARAM_BLD_to_param(pubparamsbld);

EVP_PKEY_fromdata(pubctx, &pubparam_key, pubparams))

 

priparams = OSSL_PARAM_BLD_to_param(priparamsbld);

EVP_PKEY_fromdata(prictx, &priparam_key, priparams))

 

From there, we are planning to use EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, and EVP_PKEY_derive to get shared secret

 

Please suggest if any step is invalid or not necessary

 

Regards,

Sunil




Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Reply | Threaded
Open this post in threaded view
|

RE: DH_compute_key () - replacement in 3.0

OpenSSL - User mailing list

to exactly replace this we are generating “pubparam_key/priparam_key”  using   bn_publicKey/dh->priv_key  as below

 

OSSL_PARAM_BLD *pubparamsbld = NULL, priparamsbld = NULL;

OSSL_PARAM *pubparams = NULL, priparams = NULL;

EVP_PKEY *pubparam_key = NULL, *priparam_key = NULL;

EVP_PKEY_CTX *pubctx = NULL, *prictx = NULL;

 

 

pubparamsbld = OSSL_PARAM_BLD_new()

priparamsbld = OSSL_PARAM_BLD_new()

               

OSSL_PARAM_BLD_push_BN(pubparamsbld, OSSL_PKEY_PARAM_PUB_KEY, bn_publicKey)

OSSL_PARAM_BLD_push_BN(priparamsbld, OSSL_PKEY_PARAM_PRIV_KEY,bn_privateKey)

  

//build context

pubctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

prictx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

 

EVP_PKEY_key_fromdata_init(pubctx)

EVP_PKEY_key_fromdata_init(prictx)

 

pubparams = OSSL_PARAM_BLD_to_param(pubparamsbld);

EVP_PKEY_fromdata(pubctx, &pubparam_key, pubparams))

 

priparams = OSSL_PARAM_BLD_to_param(priparamsbld);

EVP_PKEY_fromdata(prictx, &priparam_key, priparams))

 

From there, we are planning to use EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, and EVP_PKEY_derive to get shared secret

 

 

 

 

Didn’t you generate the private keys using the EVP_PKEY_gen as was suggested to your previous email inquiry?  If so, you shouldn’t have to rebuild it in such a way, since you already have a usable PKEY that has the generated keypair.  If you created a private keypair called privkey, the public key data can be sent to your peer with i2d_PUBKEY_bio(peer_bio, privkey) and received on the peer’s side with d2i_PUBKEY_bio(peer_bio, &peerkey);

Now you just need to build a new context around your private EVP_PKEY using derive_ctx = EVP_PKEY_CTX_new(privkey, NULL); and then do the EVP_PKEY_derive series of calls.

 

Your example code does not seem to set the P or G parameters of your keypair, so if you must do it that way, you will need to add them too.

Reply | Threaded
Open this post in threaded view
|

RE: DH_compute_key () - replacement in 3.0

Narayana, Sunil Kumar

Hi Daniel ,

We do have generated the key using EVP_PKEY_gen as suggested in earlier emails, but since this was a non-ephemeral and we wanted to store the key in "raw" octet bytes, so we did extracted the whole DH priv/pub key pair out from the key generated via  EVP_PKEY_gen  ( using as suggested… EVP_PKEY_get_raw_public_key (pkey, pub, &len)  )

 

Now, at a later stage in application we have to compute the Secret key using the stored key’s (in above step).

As of now,  these keys are in uchar format, but are converted to BIGNUM and given to DH_compute_key as below.

 

   BIGNUM      *bn_publicKey;

    dh->priv_key = BN_bin2bn(privateKey, octet_len, NULL);

    bn_publicKey = BN_bin2bn(publicKey, octet_len, NULL);

    rv = DH_compute_key(sharedSecret, bn_publicKey, dh);

 

So in order to keep the existing frame work in place and just replace the DH_compute_key, we should be using the  dh->priv_key/ bn_publicKey  to compute shared secret key.

So we require to convert the BIGNUM key types to EVP_KEY types to use in EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, and EVP_PKEY_derive to get shared secret

Please suggest…

 

 

Regards,

Sunil

 

From: Sands, Daniel <[hidden email]>
Sent: 15 December 2020 05:16
To: Narayana, Sunil Kumar <[hidden email]>; [hidden email]
Subject: RE: DH_compute_key () - replacement in 3.0

 


NOTICE: This email was received from an EXTERNAL sender


 

to exactly replace this we are generating “pubparam_key/priparam_key”  using   bn_publicKey/dh->priv_key  as below

 

OSSL_PARAM_BLD *pubparamsbld = NULL, priparamsbld = NULL;

OSSL_PARAM *pubparams = NULL, priparams = NULL;

EVP_PKEY *pubparam_key = NULL, *priparam_key = NULL;

EVP_PKEY_CTX *pubctx = NULL, *prictx = NULL;

 

 

pubparamsbld = OSSL_PARAM_BLD_new()

priparamsbld = OSSL_PARAM_BLD_new()

               

OSSL_PARAM_BLD_push_BN(pubparamsbld, OSSL_PKEY_PARAM_PUB_KEY, bn_publicKey)

OSSL_PARAM_BLD_push_BN(priparamsbld, OSSL_PKEY_PARAM_PRIV_KEY,bn_privateKey)

  

//build context

pubctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

prictx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

 

EVP_PKEY_key_fromdata_init(pubctx)

EVP_PKEY_key_fromdata_init(prictx)

 

pubparams = OSSL_PARAM_BLD_to_param(pubparamsbld);

EVP_PKEY_fromdata(pubctx, &pubparam_key, pubparams))

 

priparams = OSSL_PARAM_BLD_to_param(priparamsbld);

EVP_PKEY_fromdata(prictx, &priparam_key, priparams))

 

From there, we are planning to use EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, and EVP_PKEY_derive to get shared secret

 

 

 

 

Didn’t you generate the private keys using the EVP_PKEY_gen as was suggested to your previous email inquiry?  If so, you shouldn’t have to rebuild it in such a way, since you already have a usable PKEY that has the generated keypair.  If you created a private keypair called privkey, the public key data can be sent to your peer with i2d_PUBKEY_bio(peer_bio, privkey) and received on the peer’s side with d2i_PUBKEY_bio(peer_bio, &peerkey);

Now you just need to build a new context around your private EVP_PKEY using derive_ctx = EVP_PKEY_CTX_new(privkey, NULL); and then do the EVP_PKEY_derive series of calls.

 

Your example code does not seem to set the P or G parameters of your keypair, so if you must do it that way, you will need to add them too.




Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Reply | Threaded
Open this post in threaded view
|

RE: [EXTERNAL] RE: DH_compute_key () - replacement in 3.0

OpenSSL - User mailing list

We do have generated the key using EVP_PKEY_gen as suggested in earlier emails, but since this was a non-ephemeral and we wanted to store the key in "raw" octet bytes, so we did extracted the whole DH priv/pub key pair out from the key generated via  EVP_PKEY_gen  ( using as suggested… EVP_PKEY_get_raw_public_key (pkey, pub, &len)  )

 

Now, at a later stage in application we have to compute the Secret key using the stored key’s (in above step).

As of now,  these keys are in uchar format, but are converted to BIGNUM and given to DH_compute_key as below.

 

   BIGNUM      *bn_publicKey;

    dh->priv_key = BN_bin2bn(privateKey, octet_len, NULL);

    bn_publicKey = BN_bin2bn(publicKey, octet_len, NULL);

    rv = DH_compute_key(sharedSecret, bn_publicKey, dh);

 

So in order to keep the existing frame work in place and just replace the DH_compute_key, we should be using the  dh->priv_key/ bn_publicKey  to compute shared secret key.

So we require to convert the BIGNUM key types to EVP_KEY types to use in EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, and EVP_PKEY_derive to get shared secret

Please suggest…

Is it possible to change the format of your raw blob?  If so, you can use i2d_PrivateKey or friends to output the entire private key to your raw data blob, and use d2i_PrivateKey et al to read it back into a working EVP_PKEY in a single call.

 

Otherwise, one shortcut you can do to avoid all the params work is to create a static array since you should already know how many params you need.  But you need the public key, the private key, the generator (g), and the prime modulus (p).  The following (untested) code ought to work.

 

OSSL_PARAM params[5];

 

params[0] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_FFC_P, <prime modulus>, <prime modulus bytes size>);

params[1] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_G, <generator>);

params[2] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PUB_KEY, <public key>, <public key bytes size>);

params[3] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PRIV_KEY, <private key>, <private key bytes size>);

params[4] = OSSL_PARAM_construct_end();

 

my_key_ctx = EVP_PKEY_CTX_new_from_name(NULL, “DH”, NULL);

EVP_PKEY_derive_init(my_key_ctx);

EVP_PKEY_CTX_set_params(my_key_ctx, params);

 

Reply | Threaded
Open this post in threaded view
|

RE: [EXTERNAL] RE: DH_compute_key () - replacement in 3.0

Narayana, Sunil Kumar

Hi Daniel,

                Thanks we will try it out.

One more doubt regarding  DH_generate_key, as per earlier suggestion we tried following changes to replicate the generate key, but we observe that the out put key is not matching with the one that is obtained by DH_generate_key() of older version. Note that the inputs are same in both scenario.

 

Inputs to both EVP version & DH_generate_key are same as below

BIGNUM P input:  FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A4

BIGNUM G input: 2

 

(Code suggested to replace DH_generate_key ) …………….

EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);
OSSL_PARAM_BLD *tmpl = NULL;
OSSL_PARAM *params = NULL;
EVP_PKEY *param_key = NULL;

if (pctx == NULL || !EVP_PKEY_key_fromdata_init(pctx))
goto err;

if ((tmpl = OSSL_PARAM_BLD_new()) == NULL
|| !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p)
|| !OSSL_PARAM_BLD_push_uint(tmpl, OSSL_PKEY_PARAM_FFC_G, 2))
goto err;

params = OSSL_PARAM_BLD_to_param(tmpl);
if (params == NULL || !EVP_PKEY_fromdata(pctx, &param_key, params))

EVP_PKEY *key = NULL;
EVP_PKEY_CTX *gctx = EVP_PKEY_CTX_new_from_pkey(NULL, param_key, NULL);
EVP_PKEY_keygen_init(gctx);
EVP_PKEY_gen(gctx, &key);

 

Post this we obtained DH from the key and printed dh->p, dh->g, dh->priv, dh->pub using below API

dh = EVP_PKEY_get0_DH(pkey);
DH_get0_key(dh, &dh_pubkey,&dh_privkey);
DH_get0_pqg(dh, &dhp, &dhq, &dhg);

BN_print_fp(dhfp, dh_pubkey);.. etc

 

Note : post fetching DH from pkey, the input params (P,G) are matching properly. But pub/priv keys are not matching with the DH_generate_key output.

Please suggest.

 

Regards,

Sunil

From: Sands, Daniel <[hidden email]>
Sent: 16 December 2020 05:00
To: Narayana, Sunil Kumar <[hidden email]>; [hidden email]
Subject: RE: [EXTERNAL] RE: DH_compute_key () - replacement in 3.0

 


NOTICE: This email was received from an EXTERNAL sender


 

We do have generated the key using EVP_PKEY_gen as suggested in earlier emails, but since this was a non-ephemeral and we wanted to store the key in "raw" octet bytes, so we did extracted the whole DH priv/pub key pair out from the key generated via  EVP_PKEY_gen  ( using as suggested… EVP_PKEY_get_raw_public_key (pkey, pub, &len)  )

 

Now, at a later stage in application we have to compute the Secret key using the stored key’s (in above step).

As of now,  these keys are in uchar format, but are converted to BIGNUM and given to DH_compute_key as below.

 

   BIGNUM      *bn_publicKey;

    dh->priv_key = BN_bin2bn(privateKey, octet_len, NULL);

    bn_publicKey = BN_bin2bn(publicKey, octet_len, NULL);

    rv = DH_compute_key(sharedSecret, bn_publicKey, dh);

 

So in order to keep the existing frame work in place and just replace the DH_compute_key, we should be using the  dh->priv_key/ bn_publicKey  to compute shared secret key.

So we require to convert the BIGNUM key types to EVP_KEY types to use in EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, and EVP_PKEY_derive to get shared secret

Please suggest…


Is it possible to change the format of your raw blob?  If so, you can use i2d_PrivateKey or friends to output the entire private key to your raw data blob, and use d2i_PrivateKey et al to read it back into a working EVP_PKEY in a single call.

 

Otherwise, one shortcut you can do to avoid all the params work is to create a static array since you should already know how many params you need.  But you need the public key, the private key, the generator (g), and the prime modulus (p).  The following (untested) code ought to work.

 

OSSL_PARAM params[5];

 

params[0] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_FFC_P, <prime modulus>, <prime modulus bytes size>);

params[1] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_G, <generator>);

params[2] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PUB_KEY, <public key>, <public key bytes size>);

params[3] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PRIV_KEY, <private key>, <private key bytes size>);

params[4] = OSSL_PARAM_construct_end();

 

my_key_ctx = EVP_PKEY_CTX_new_from_name(NULL, “DH”, NULL);

EVP_PKEY_derive_init(my_key_ctx);

EVP_PKEY_CTX_set_params(my_key_ctx, params);

 




Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Reply | Threaded
Open this post in threaded view
|

RE: [EXTERNAL] RE: DH_compute_key () - replacement in 3.0

OpenSSL - User mailing list

Hi Daniel,

                Thanks we will try it out.

One more doubt regarding  DH_generate_key, as per earlier suggestion we tried following changes to replicate the generate key, but we observe that the out put key is not matching with the one that is obtained by DH_generate_key() of older version. Note that the inputs are same in both scenario.

 

 

 

 

The generated key should be random.  So unless you seed your PRNG with a constant value, you should always generate a different public/private keypair.  Between OpenSSL versions, the PRNG may have changed, so I would not depend on them to output the same value even with the same PRNG seed.

Reply | Threaded
Open this post in threaded view
|

RE: DH_compute_key () - replacement in 3.0

Narayana, Sunil Kumar
In reply to this post by Narayana, Sunil Kumar

Hi,

                For the equivalent replacement of DH_compute_key in 3.0, we tried to perform the steps suggested in earlier mail below

Our steps are as follows, but we see EVP_PKEY_derive  fails to perform.  please suggest if any steps are wrong or missing here.

 

//input - BIGNUM - pubkey, privkey, p ,

//output - sharedsecret

 

Evp_compute_key(unsigned char* sharedSecret, unsigned int len, BIGNUM *pubkey, BIGNUM *privkey, BIGNUM* dh_p)

{

OSSL_PARAM params[5];

unsigned char*  p_str = BN_bn2dec (dh_p);

unsigned char* pub_str = BN_bn2dec (pubkey);

unsigned char* priv_str = BN_bn2dec (privkey);

 

params[0] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_FFC_P, p_str, strlen(p_str));

params[1] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_G, &g);

params[2] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PUB_KEY, pub_str, strlen(pub_str));

params[3] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PRIV_KEY, priv_str, strlen(priv_str));

params[4] = OSSL_PARAM_construct_end();

 

gctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

EVP_PKEY_derive_init(gctx)

EVP_PKEY_CTX_set_params(gctx, params)

 

/* Determine buffer length */

EVP_PKEY_derive(gctx, NULL, &skeylen)

EVP_PKEY_derive(gctx, sharedSecret, &skeylen)

}

 

Note - EVP_PKEY_derive -- call fails what is wrong in the steps can you please g

 

From: Sands, Daniel <[hidden email]>
Sent: 16 December 2020 05:00
To: Narayana, Sunil Kumar <[hidden email]>; [hidden email]
Subject: RE: [EXTERNAL] RE: DH_compute_key () - replacement in 3.0

 


NOTICE: This email was received from an EXTERNAL sender


 

We do have generated the key using EVP_PKEY_gen as suggested in earlier emails, but since this was a non-ephemeral and we wanted to store the key in "raw" octet bytes, so we did extracted the whole DH priv/pub key pair out from the key generated via  EVP_PKEY_gen  ( using as suggested… EVP_PKEY_get_raw_public_key (pkey, pub, &len)  )

 

Now, at a later stage in application we have to compute the Secret key using the stored key’s (in above step).

As of now,  these keys are in uchar format, but are converted to BIGNUM and given to DH_compute_key as below.

 

   BIGNUM      *bn_publicKey;

    dh->priv_key = BN_bin2bn(privateKey, octet_len, NULL);

    bn_publicKey = BN_bin2bn(publicKey, octet_len, NULL);

    rv = DH_compute_key(sharedSecret, bn_publicKey, dh);

 

So in order to keep the existing frame work in place and just replace the DH_compute_key, we should be using the  dh->priv_key/ bn_publicKey  to compute shared secret key.

So we require to convert the BIGNUM key types to EVP_KEY types to use in EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, and EVP_PKEY_derive to get shared secret

Please suggest…


Is it possible to change the format of your raw blob?  If so, you can use i2d_PrivateKey or friends to output the entire private key to your raw data blob, and use d2i_PrivateKey et al to read it back into a working EVP_PKEY in a single call.

 

Otherwise, one shortcut you can do to avoid all the params work is to create a static array since you should already know how many params you need.  But you need the public key, the private key, the generator (g), and the prime modulus (p).  The following (untested) code ought to work.

 

OSSL_PARAM params[5];

 

params[0] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_FFC_P, <prime modulus>, <prime modulus bytes size>);

params[1] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_G, <generator>);

params[2] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PUB_KEY, <public key>, <public key bytes size>);

params[3] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PRIV_KEY, <private key>, <private key bytes size>);

params[4] = OSSL_PARAM_construct_end();

 

my_key_ctx = EVP_PKEY_CTX_new_from_name(NULL, “DH”, NULL);

EVP_PKEY_derive_init(my_key_ctx);

EVP_PKEY_CTX_set_params(my_key_ctx, params);

 




Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Reply | Threaded
Open this post in threaded view
|

RE: [EXTERNAL] RE: DH_compute_key () - replacement in 3.0

OpenSSL - User mailing list

 

 

From: Narayana, Sunil Kumar <[hidden email]>
Sent: Thursday, December 17, 2020 8:17 AM
To: Sands, Daniel <[hidden email]>; [hidden email]
Subject: [EXTERNAL] RE: DH_compute_key () - replacement in 3.0

 

Hi,

                For the equivalent replacement of DH_compute_key in 3.0, we tried to perform the steps suggested in earlier mail below

Our steps are as follows, but we see EVP_PKEY_derive  fails to perform.  please suggest if any steps are wrong or missing here.

 

//input - BIGNUM - pubkey, privkey, p ,

//output - sharedsecret

 

Evp_compute_key(unsigned char* sharedSecret, unsigned int len, BIGNUM *pubkey, BIGNUM *privkey, BIGNUM* dh_p)

{

OSSL_PARAM params[5];

unsigned char*  p_str = BN_bn2dec (dh_p);

unsigned char* pub_str = BN_bn2dec (pubkey);

unsigned char* priv_str = BN_bn2dec (privkey);

 

params[0] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_FFC_P, p_str, strlen(p_str));

params[1] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_G, &g);

params[2] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PUB_KEY, pub_str, strlen(pub_str));

params[3] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PRIV_KEY, priv_str, strlen(priv_str));

params[4] = OSSL_PARAM_construct_end();

 

gctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

EVP_PKEY_derive_init(gctx)

EVP_PKEY_CTX_set_params(gctx, params)

 

/* Determine buffer length */

EVP_PKEY_derive(gctx, NULL, &skeylen)

EVP_PKEY_derive(gctx, sharedSecret, &skeylen)

}

 

Note - EVP_PKEY_derive -- call fails what is wrong in the steps can you please g

 

 

 

 

To derive a shared secret, you also need your peer’s public key.  It will also be presented as an EVP_PKEY structure.