> From: owner-openssl-us...@openssl.org On Behalf Of dave > Sent: Monday, August 04, 2014 15:50
> I have it that the elliptic multiply is not standard. So I have been > skip tracing though the code. > It starts with ec_key.c, with EC_KEY_generate_key. This grabs the > group or or the particular curves prime field size. It then uses this No, it uses the order of the generator or equivalently the subgroup generated by the generator and used for operations. For a curve over a prime field Zp the subgroup order is either slightly less than p or slightly less than p divided by a small integer called the cofactor (small meaning usually 2 or 4). For a curve over a "binary" (m-bit) field the order is somewhat less than 2^m, or that divided by a small cofactor. > as the range for bn_rand_range. This is in bn_rand.c. In that it > uses the first half which is bnrand. That grabs the time and shifts it > around to start the process. Since the order or range is a large number It logically adds the current time (assuming available) to the entropy pool. Adding entropy is done by mixing bits in a fashion that should depend on both/all inputs in a complicated way, but I haven't looked recently. Using *only* the current time to seed random generation would not be secure, and is a common mistake by inexperienced people. > in hex it looks like the output of the private key is also in hex. The private key is a large (integer) number. There are many ways of representing integers. Hex is a common way of representing large integers, because it can easily be broken up into, or formed from, 8-bit bytes or other power-of-2 size units that are common on modern computers. In particular when an EC private key is stored in the standard ASN.1 format defined in X9.62 and used in among others PKCS#8 and PKCS#12, the privatekey is stored as ASN.1 integer which some tools including openssl asn1parse show in hex. > After that the generate key does the point multiply to make the public. > Is there some other variable used here that I am missing? > Doesn't sound like it. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org