I'm extremely new to this so any help would be much appreciated. Ultimately I need to use pre-computed Public and Private EC keys to digitally sign and verify a message. I can't seem to be able to take the DER encoded keys and produce a usable EC_KEY for calling the ECDSA_sign() or ECDSA_verify() functions.
To try to simplify, I attempted the following unrelated code (error checking removed):

    int len;
    unsigned char *pptr;
    unsigned char buf[1024];
    int ret;
    ECDSA_SIG *sig;
    EC_KEY *newkey;
    EC_KEY *eckey = EC_KEY_new();

    // Get the EC Group
    eckey->group = EC_GROUP_new_by_curve_name(NID_secp192k1);

    // Generate a new key
    if (!EC_KEY_generate_key(eckey)) {
        printf("Error generating key!\n");
        return 0;
    }

    // Get the private key in DER
    pptr = buf;
    len = i2d_ECPrivateKey(eckey, &pptr);

    // Convert the private key back from DER/allocate new eckey
    newkey = d2i_ECPrivateKey(NULL, &pptr, len);
    if (newkey == NULL) {
        printf("This always fails!!\n");
    }

Why does the call to d2i_ECPrivateKey(NULL, &pptr, len); always fail? (The length returned from the previous call is 222.) Generating the key, allocation and group by name all appear to work.

I think what I am really lacking is an understanding of how the ECDSA library is meant to be used. Are there any examples of how to do this? Everything I find seems to use the above 'generate key' rather than using pre-computed keys. I would have thought that I passed my known key into the d2i_ECPrivateKey() function and used the result from that point forward. Is this not the normal use flow?

Thanks in advance for any advice (or pointers on where to read more),

Ryan