On Sat Jul 19 09:14:36 2014, noloa...@gmail.com wrote: > According to RFC 5915 (http://tools.ietf.org/html/rfc5915): > > ECPrivateKey ::= SEQUENCE { > version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), > privateKey OCTET STRING, > parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, > publicKey [1] BIT STRING OPTIONAL > } > > Given the following key: > > $ dumpasn1 ec-priv-xxx.der > 0 37: SEQUENCE { > 2 1: INTEGER 1 > 5 32: OCTET STRING > : 2C 14 F9 E0 30 87 7E 63 7E 4C 4F A3 10 FE 2B 6E > : D3 A8 F6 95 31 84 15 E6 58 DA D6 E4 DE DB 06 B9 > : } > > The 'ec' command fails to parse it: > > $ openssl ec -in ec-priv-xxx.der -inform DER -text -noout > read EC key > unable to load Key > 140735144063452:error:10092010:elliptic curve > routines:d2i_ECPrivateKey:EC lib:ec_asn1.c:1160: >
The EC code assumes that parameters are present in several places and can't be adjusted to cover absent parameters AFAICS without some major changes. A private key without parameters is unusable anyway. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
