Re: EVP_MD_CTX_free documentation

2021-07-30 Thread Ken Goldman
Thanks. It would be good to document it (and that all the _new's return NULL on an error). On 7/30/2021 3:03 PM, Matt Caswell wrote: All our _free functions will accept NULL. We rely on this extensively *everywhere*. We perhaps could be better at documenting it, but you can rely on it. Matt

Algorithms Used for openssl- pkcs12

2021-07-30 Thread Malkin, Vlad
Hello We're unable to find documentation on the specific standards/algorithms used by the openssl -pkcs12 command for OpenSSL version 1.1.1k. Specifically, when a password is used (-password) for private key wrap key derivation, is the algorithm compliant with NIST SP 800-132? Also, when the A

Re: EVP_MD_CTX_free documentation

2021-07-30 Thread Matt Caswell
All our _free functions will accept NULL. We rely on this extensively *everywhere*. We perhaps could be better at documenting it, but you can rely on it. Matt On 30/07/2021 17:55, Ken Goldman wrote: It would be nice if the documentation would guarantee that this function is a no-op when the p

EVP_MD_CTX_free documentation

2021-07-30 Thread Ken Goldman
It would be nice if the documentation would guarantee that this function is a no-op when the parameter is NULL - like the standard free() call. This would save coding (if not NULL) all the time. Same comment for all the _free functions. I know I can look at the code, but that doesn't provide an

Re: Accessing bignums of a RSA key with OpenSSL 3.0?

2021-07-30 Thread Matt Caswell
Note that the names are also documented here: https://www.openssl.org/docs/manmaster/man7/EVP_KEYMGMT-RSA.html On 30/07/2021 14:29, Olivier Mascia via openssl-users wrote: Thanks! BIGNUM* n; BIGNUM* e; BIGNUM* d; EVP_PKEY_get_bn_param(cert.key(), OSSL_PKEY_PARAM

Re: Accessing bignums of a RSA key with OpenSSL 3.0?

2021-07-30 Thread Olivier Mascia via openssl-users
Thanks! BIGNUM* n; BIGNUM* e; BIGNUM* d; EVP_PKEY_get_bn_param(cert.key(), OSSL_PKEY_PARAM_RSA_N, &n); EVP_PKEY_get_bn_param(cert.key(), OSSL_PKEY_PARAM_RSA_E, &e); EVP_PKEY_get_bn_param(cert.key(), OSSL_PKEY_PARAM_RSA_D, &d); Now, the reverse exerc

Re: Accessing bignums of a RSA key with OpenSSL 3.0?

2021-07-30 Thread Dr Paul Dale
Try: include/openssl/core_names.h The names are "n", "e" and "d" in this case. Pauli On 30/7/21 10:57 pm, Olivier Mascia via openssl-users wrote: Dear all, Testing migration to OpenSSL 3.0. Got to update some code building a JWK (in relation to ACME LetsEncrypt protocols). Having an EVP_PK

Accessing bignums of a RSA key with OpenSSL 3.0?

2021-07-30 Thread Olivier Mascia via openssl-users
Dear all, Testing migration to OpenSSL 3.0. Got to update some code building a JWK (in relation to ACME LetsEncrypt protocols). Having an EVP_PKEY which happens to be a RSA key, I proceeded this way (1.1.1) to extract the bignums needed for inclusion into the JWK: // Access the numeric