i was given a small "ecsign.exe" program that takes some ECC parameters, the private key, a random number, and outputs a signature of the specified binary. i'm trying to ditch this program in favor of the openssl suite (for obvious practical reasons).
for example, the parameters file looks like (where # are comments): 163 # m: dimension of binary field 1 # a constant 1 # b constant 4000000000000000000020108A2E0CC0D99F8A5EF # Xg 2FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8 # Yg 289070FB05D38FF58321F2E800536D538CCDAA3D9 # n 7 # k3 constant 6 # k2 constant 3 # k1 constant the private key looks like (no, not a security issue, this is a demo key): 1133A74FDA4FA538C92CE543521336B038D18EB5B the random number (again, demo value): 3A852AFB339E7AE3220CED10F478E0A018AAD27EF and for its output signature on a random file, we get: 3C47B123C88549E6E375B2393AFBF604AEB9E9CE3 3069158A3B7AAA828086DAEC4875D949070885D24 it also produces this, but i believe it is a reformatting of the above: E39C9EEB4A60BFAF93235B376E9E54883C127BC403000000245D887090945D87C4AE6D0828A8AAB7A358910603000000 ive been trying to figure out exactly how to invoke openssl to get the equivalent behavior. using "-name sect163k1", it seems i do not need to set a/b/n manually as the ones used are the default. but i cant figure out where to plugin Xg/Yg/k3/k2/k1. i'm creating the parameters file with: openssl ecparam -name sect163k1 -rand <randfile> -param_enc explicit -text but this is about where i'm stuck. i guess the output of ecparam is the .pem file that i'd combine with the private key above to feed to `openssl ec` to sign the binary in question. but i'm not sure how to convert the private key to the pem format ... when i use -genkey, the resulting base64 encoded key looks to be much longer than the private key i have above ? -mike ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
