Raw EC key to EVP_PKEY to certificate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



My overall goal is to create an X509 certificate for an ECC public key. I am starting with the X and Y points. The curve is NIST_P256.

Here's the basic code.  Am I close?

- EC_KEY ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)
- convert x and y from bin to bignum
- EC_KEY_set_public_key_affine_coordinates(ecKey, x, y)
- EVP_PUBKEY evpPubkey = EVP_PKEY_new()
- EVP_PKEY_set1_EC_KEY(evpPubkey, ecKey);
- X509_set_pubkey(x509Certificate, evpPubkey);

I'm getting far more information that I suspect I need. See the two dumps below.

My result looks like this:

           Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:e7:de:55:b0:09:2f:0a:83:0a:c9:fc:f0:82:d7:
                    97:e0:4e:02:7d:75:08:44:74:3e:5f:b6:b3:29:3d:
                    ad:69:b3:f4:c5:3d:65:ed:94:23:89:37:5c:d5:e5:
                    4c:0b:77:d4:55:f6:3c:83:24:27:fb:cb:21:dc:66:
                    df:11:5d:ac:65
                Field Type: prime-field
                Prime:
                    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
                    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff
                A:
                    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
                    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:fc
                B:
                    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
                    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
                    60:4b
                Generator (uncompressed):
                    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
                    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
                    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
                    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
                    68:37:bf:51:f5
                Order:
                    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
                    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
                    63:25:51
                Cofactor:  1 (0x1)
                Seed:
                    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
                    b7:81:9f:7e:90

while other certificates I see look like this:

            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:b2:72:2e:90:17:f8:19:2e:20:bb:cd:ee:fd:0a:
                    c5:f8:79:9f:33:e2:e3:04:f5:54:2c:39:7d:bb:b7:
                    7d:d5:b4:51:38:02:df:f1:14:44:81:9f:1e:1d:e1:
                    df:0e:4d:94:c8:15:26:5d:2a:96:9f:c2:dc:f0:c1:
                    3c:78:c1:1d:eb
                ASN1 OID: prime256v1
                NIST CURVE: P-256


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux