On 17/11/2021 21:49, Michael Wojcik wrote:
Further on this, I'd like to know where the OP got a file with a "BEGIN EC PUBLIC
KEY" header. Various discussions elsewhere (including one from this list in 2017)
cast doubt on the existence of any such beast.
AFAIK no such for
您好,您的邮件我已收到,我会尽快阅读,谢谢!
您好,您的邮件我已收到,我会尽快阅读,谢谢!
On Wed, Nov 17, 2021 at 11:11:58AM -0500, Felipe Gasper wrote:
> Does OpenSSL intend to handle EC public keys that in PEM begin “BEGIN EC
> PUBLIC KEY”?
I doubt it, but there is:
$ openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 |
openssl ec
read
On Wed, Nov 17, 2021 at 10:37:01PM -0500, Felipe Gasper wrote:
> It came from my own (very incomplete) crypto implementation.
> (https://github.com/FGasper/p5-Crypt-Perl) It looks like I just had
> the wrong idea about EC public keys back-when.
>
> Funny thing is that the “EC PUB
> On Nov 17, 2021, at 16:49, Michael Wojcik
> wrote:
>
>> From: Michael Wojcik
>> Sent: Wednesday, 17 November, 2021 14:22
>> To: openssl-users@openssl.org
>> Subject: RE: “EC PUBLIC KEY”
>>
>>> From: openssl-users On Behalf Of
>> Billy
> From: Michael Wojcik
> Sent: Wednesday, 17 November, 2021 14:22
> To: openssl-users@openssl.org
> Subject: RE: “EC PUBLIC KEY”
>
> > From: openssl-users On Behalf Of
> Billy
> > Brumley
> > Sent: Wednesday, 17 November, 2021 12:40
> > To: openssl-use
> From: openssl-users On Behalf Of Billy
> Brumley
> Sent: Wednesday, 17 November, 2021 12:40
> To: openssl-users@openssl.org
> Subject: Re: “EC PUBLIC KEY”
>
> That's an ed25519 key. Not an ECC key. They are different formats, at
> both the OID and asn1 structure level
em
>
> This uses the PEM header "BEGIN PUBLIC KEY", but it's an ECC public key in
> PEM format.
That's an ed25519 key. Not an ECC key. They are different formats, at
both the OID and asn1 structure levels.
> This version of OpenSSL doesn't recognize "BEGIN EC PUBLIC KEY
> From: openssl-users On Behalf Of
> Felipe Gasper
> Sent: Wednesday, 17 November, 2021 09:12
> To: openssl-users@openssl.org
> Subject: “EC PUBLIC KEY”
>
> Does OpenSSL intend to handle EC public keys that in PEM begin
> “BEGIN EC PUBLIC KEY”?
>
>
Hello,
Does OpenSSL intend to handle EC public keys that in PEM begin “BEGIN
EC PUBLIC KEY”?
I can’t find a way to output this format and am not sure if it’s
actually defined anywhere, but it seems like a logical analogue to the
default/legacy RSA public key format
On Dec 17, 2018, at 11:42 PM, Billy Brumley wrote:
>
> But 0.4% is suspiciously close to 1/256, so I'm willing to bet your
> problem surrounds your size assumptions in various functions. Check
> the manpage of e.g. EC_POINT_point2oct and grep for usage in the
> library, but the idea is to pass
On Tue, Dec 18, 2018 at 12:07 AM Mike Blaguszewski wrote:
>
> Some code of mine reads a NIST P256 private key from bytes and derives the
> public key from it, and this derived public key is incorrect about 0.4% of
> the time. I’ve attached a sample program that does the following.
>
> 1.
Some code of mine reads a NIST P256 private key from bytes and derives the
public key from it, and this derived public key is incorrect about 0.4% of the
time. I’ve attached a sample program that does the following.
1. Generate a key-pair of type NID_X9_62_prime256v1
2. Write the public and
N1
method decode/encode the appropriate parameters from the CMS ASN1 data
and send appropriate data to the EC public key method.
And further refinements in later commits.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 15/01/17 03:47, Norm Green wrote:
> Is there a way to encrypt a file using the openssl command with an
> elliptic curve public key? Here's what I get when I try using OpenSSL
> 1.1.0c :
OpenSSL only supports ECDH (for key exchange) and ECDSA (for digital
signatures) for elliptic curve keys,
Is there a way to encrypt a file using the openssl command with an
elliptic curve public key? Here's what I get when I try using OpenSSL
1.1.0c :
normg>./openssl pkeyutl -encrypt -pubin -inkey secp256k1-public-key.pem
-in a.txt -out a.txt.enc
pkeyutl: Error initializing context
Thank you - employing the pointers (no pun intended :) that you gave, the
code now is doing exactly what’s needed, and utilizes RDRAND (as required
by the specs I have, and my personal preferences as well).
> set the default RAND_method to the engine
This is what I did not do originally -
On Tue, Mar 22, 2016 at 6:54 PM, Jeffrey Walton wrote:
>> Now one small question: how do I ensure that RAND_engine (and therefore
>> Intel RDRAND output) is being used for the key generation in
>>EVP_PKEY_keygen(ctx, );
>>
>> Is just loading RAND_engine enough for that?
> Now one small question: how do I ensure that RAND_engine (and therefore
> Intel RDRAND output) is being used for the key generation in
>EVP_PKEY_keygen(ctx, );
>
> Is just loading RAND_engine enough for that?
>
To verify it, I think you need to inspect the default RAND method. Its
10 smartphone on the Verizon Wireless 4G LTE network.
Original Message
From: Viktor Dukhovni
Sent: Sunday, March 20, 2016 22:39
To: openssl-users@openssl.org
Reply To: openssl-users@openssl.org
Subject: Re: [openssl-users] Naive: how to generate EC public key from EC
private key
Viktor and Jeffrey,
Thank you! Now I understand. And it works. ;)
--
Regards,
Uri Blumenthal
On 3/20/16, 22:38, "openssl-users on behalf of Viktor Dukhovni"
wrote:
>
>> On Mar 20, 2016, at 10:32 PM, Blumenthal, Uri -
> On Mar 20, 2016, at 10:32 PM, Blumenthal, Uri - 0553 - MITLL
> wrote:
>
> dup_ekey = EVP_PKEY_get1_EC_KEY(pubkey);
> group = (EC_GROUP*) EC_KEY_get0_group(dup_ekey);
Declare the group as:
const EC_GROUP *group;
Then:
group = EC_KEY_get0_group();
> nid =
> 2. For some reason the following code does not work - subsequent requests
> that involve pub key fail:
>
> dup_ekey = EVP_PKEY_get1_EC_KEY(pubkey);
> group = (EC_GROUP*) EC_KEY_get0_group(dup_ekey);
> nid = EC_GROUP_get_curve_name(group);
> printf("wrap: Deriving ECC keys over curve
Thank you!!
Now the code works (using the outline Stephen suggested, as it is simpler
:)!
I still have a few questions/issues.
1. EVP_PKEY_get0_EC_KEY(key) is only defined for 1.1. I had to use
EVP_PKEY_get1_EC_KEY(key) with 1.0.2g. (this is not a problem - just a
remark)
2. For some reason
> On Mar 17, 2016, at 5:17 PM, Blumenthal, Uri - 0553 - MITLL
> wrote:
>
> I’ve an extremely naïve question. I am generating ephemeral EC keys for ECDH,
> following the example in
> https://wiki.openssl.org/index.php/EVP_Key_and_Parameter_Generation
>
> But it looks like
I’ve an extremely naïve question. I am generating ephemeral EC keys for
ECDH, following the example in
https://wiki.openssl.org/index.php/EVP_Key_and_Parameter_Generation
But it looks like the example ends on generation of the private key:
/* Generate the key */
if (!EVP_PKEY_keygen(kctx, )) goto
;>http://openssl.org/docs/manmaster/crypto/EC_KEY_key2buf.html
>>> to extract EC public key octets.
>>
>>That's only available in the master branch, only encodes the key value
>>and not
>>its parameters and of course it only works for EC.
>
>Got it. I’l
On Fri, Mar 18, 2016 at 06:59:36PM +, Blumenthal, Uri - 0553 - MITLL wrote:
> Answered my own question: should use EVP_PKEY_bits(pkey) instead.
That's not the right way to determine the curve id.
> >How do I determine what curve the above key is on?
For that you need to determine the
; openssl-users@openssl.org
Reply To: openssl-users@openssl.org
Subject: Re: [openssl-users] Naive: how to generate EC public key from EC
private key?
Great! Say, I want to extract the public key and make it available to another
entity or module? Possibly DER-encoded, though I'd like to learn
sk.
>
> Well you can work with
> http://openssl.org/docs/manmaster/crypto/EC_KEY_key2buf.html
> to extract EC public key octets.
That's only available in the master branch, only encodes the key value and not
its parameters and of course it only works for EC.
> If you want an ASN.1 e
network.
Original Message
From: Viktor Dukhovni
Sent: Thursday, March 17, 2016 17:57
To: openssl-users@openssl.org
Reply To: openssl-users@openssl.org
Subject: Re: [openssl-users] Naive: how to generate EC public key from EC
private key?
> On Mar 17, 2016, at 5:17 PM, Blumenthal,
>http://openssl.org/docs/manmaster/crypto/EC_KEY_key2buf.html
>> to extract EC public key octets.
>
>That's only available in the master branch, only encodes the key value
>and not
>its parameters and of course it only works for EC.
Got it. I’ll not use it, as it’s too speci
uf.html
to extract EC public key octets. If you want an ASN.1 encoded "SPKI" object
(i.e. an
X509_PUBKEY in OpenSSL) then you can use
X509_PUBKEY *pk = NULL;
unsigned char *buf = NULL;
EVP_PKEY *key;
key = ... ; /* Get a keypair */
On Fri, Mar 18, 2016, Viktor Dukhovni wrote:
> On Fri, Mar 18, 2016 at 06:59:36PM +, Blumenthal, Uri - 0553 - MITLL
> wrote:
>
> > Answered my own question: should use EVP_PKEY_bits(pkey) instead.
>
> That's not the right way to determine the curve id.
>
> > >How do I determine what curve
Hi all,
As the subject says I'm grabbing a public key from a PEMK encoded X509
cert and I compute the SHA-1 hash over this to create a signer id. This
is done by using PEM_read_X509 to read the PEM cert into an x509 struct,
using X509_get_pubkey to obtain the public key as an EVP_PKEY from
On Wed, Mar 11, 2009 at 12:10:47PM -0700, Larson, John wrote:
As the subject says I'm grabbing a public key from a PEMK encoded X509
cert and I compute the SHA-1 hash over this to create a signer id. This
is done by using PEM_read_X509 to read the PEM cert into an x509 struct,
using
Identifier as hoped, thanks!
-John Larson
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Victor Duchovni
Sent: Wednesday, March 11, 2009 12:21 PM
To: openssl-users@openssl.org
Subject: Re: Obtaining EC Public Key from X509 PEM
Hi John:
On March 11, 2009 03:10:47 pm Larson, John wrote:
Hi all,
As the subject says I'm grabbing a public key from a PEMK encoded X509
cert and I compute the SHA-1 hash over this to create a signer id. This
is done by using PEM_read_X509 to read the PEM cert into an x509 struct,
using
EC Public Key:
pub:
04:00:71:b0:b1:69:5c:a2:db:26:fa:ef:96:d7:83:
a3:1c:a6:44:4b:1b:5f:e7:a7:6f:dd:08:53:32:1e:
b3:fc:73:87:a2:e3:90:fa:04:77:da:18:4f:58:49:
fa:cd:78:1f:e6:3f:c4:70:a9:5a
this message in context:
http://www.nabble.com/What-meams-first-byte-%2704%27-in-EC-public-key--tf4532762.html#a12935481
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project
Hello,
I created EC keypair via JAVA with secp160r2 template. When I looked at text
form of public key, I saw there this:
04666d59b1fb53c1c998c12c71731d3a36a37cd995cadeee96c156c8d7c7852b39b5fefd1fa3ce18c7
I know that last 40 bytes present x and y number of ec point but I don't
know what
Hello,
I create ec key pair with secp160r2 curve and I need to achieve information
from public key in der format as:
EC Public Key:
pub:
04:66:6d:59:b1:fb:53:c1:c9:98:c1:2c:71:73:1d:
3a:36:a3:7c:d9:95:ca:de:ee:96:c1:56:c8:d7:c7
Hello everybody
I have some questions.
I create ec key pair with secp160r2 curve and I need to achieve information
from public key in der format as:
EC Public Key:
pub:
04:66:6d:59:b1:fb:53:c1:c9:98:c1:2c:71:73:1d:
3a:36:a3:7c:d9:95
Hello,
My question is: how many bytes does public key(EC or RSA) takes in X509
certificate ? 64B for EC and 162B for RSA. Does X509 contain whole RSA
public key structure(162) in itself or only 1024bit modulus and 4 bytes for
exponent ? Does
Public key for RSA in X509 contains ASN.1 SEQUENCE
45 matches
Mail list logo