List, I've continued so long to use the NIST prime curves to implement sign/verify using EVP. I am basically using the same code as for RSA and DSA. This mechanism is so transparent (nice!) that I just want to verify that it is using ECDSA at the backend? Do you have any reference to this fact, which I can add to my code for when the client audits the code?
Regards, Leon Brits > -----Original Message----- > From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] > On Behalf Of Leon Brits > Sent: 20 March 2013 09:27 AM > To: openssl-dev@openssl.org > Subject: RE: EVP and Elliptic curve > > Hi Matt, > > > Can you send me an offending PEM file? > > I've replied with this information attached to your second message > > > They are different formats. If it has BEGIN PRIVATE KEY it is in PKCS > > 8 format. See: > > https://www.openssl.org/docs/apps/pkcs8.html > > > > If it says BEGIN EC PRIVATE KEY then its as per RFC 5915 > > My requirement is too support PKCS8 for private keys, so I will do so for > elliptic curve key pairs as well. > > > The "sec" ones are named the same as per this document: > > http://www.secg.org/collateral/sec2_final.pdf > > > > The k indicates its a Kolbitz curve, whilst an "r" indicates that the > > parameters have been generated verifiably at random. The number is > > just to distinguish different curves with the similar characteristics > e.g. > > sect193r1 and sect193r2. X9_62 refers to the ANSI standard X9.62 > > Thanks for that explanation - so, just to understand the history, why is > there no secp256_r1 as well as the ANSI standard curve. In other words, > why does the ANSI curve replace it instead of being an additional curve? > > Again my gratitude to the you and the list Leon Brits > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
