> From: owner-openssl-us...@openssl.org On Behalf Of Jeffrey Walton > Sent: Thursday, 13 December, 2012 16:31
> On Thu, Dec 13, 2012 at 12:34 AM, jeetendra gangele > <gangele...@gmail.com> wrote: <snip> > I have not really been following this thread, so please forgive my > dumb questions. > > Are you using a NIST curve? If I recall correctly, OpenSSL only > supports some (all?) NIST curves. If you are trying to use Bernstein's > Curve-25519 (or an arbitrary curve), I don't believe it will work. > OP's code in some places uses secp224r1 and in some places sect163k1. It's not clear which (if either?) is correct. IIRC both of these are in the NIST subset, but just SECG is enough to be standard. libcrypto EC_*, and thus EVP_*, supports both named/standard curves and "explicit" ones. I believe that includes cert verification as relevant to SSL/TLS, but haven't tested. libssl *for key exchange* only supports named curves. > How did you generate the private key (the exponent) and public key > (point on the curve)? > OP apparently didn't generate any key, he's trying to use key values he got from someplace that appear bogus. Nit: the primitive operation in ECC is called addition and the iterated form multiplication, so the privatekey value is called a multiplicand. Unlike RSA and DH, where multiplication in Z_n is iterated to give exponentiation. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
