Re: Generate ECC key with password protection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 13/01/17 14:32, Ken Goldman wrote:
> Thanks, getting closer ...
> 
> On 1/12/2017 5:47 PM, Viktor Dukhovni wrote:
>>> My latest attempt is this.  It gives me a usage error.  Any hints?
>>>
>>> openssl genpkey -out cakeyecc.pem -outform pem  -pass pass:rrrr
>>> aes-256-cbc -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text
>>
>> The "aes-256-cbc" argument is wrong.  Try "-aes256".
> 
> BTW, I got aes-256-cbc from
> 
> https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations
> 
> and > openssl list-cipher-commands
> 
>>
>> Also, take a look at test/certs/mkcert.sh:
> 
> I looked at that, but what is $bits?
> 
> I got prime256v1, the curve I want, from
> 
> openssl ecparam -list_curves
> 
> My next tries:
> 
> openssl genpkey -out cakeyecc.pem -outform pem -pass pass:rrrr -aes256
> -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text

Try it with a "-" in front of "pkeyopt"!!!

Matt



> 
> openssl genpkey -out cakeyecc.pem -outform pem -pass pass:rrrr -aes256
> -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 pkeyopt
> ec_param_enc:named_curve -text
> 
> openssl genpkey -out cakeyecc.pem -outform pem -pass pass:rrrr -aes256
> -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 pkeyopt
> ec_param_enc:explicit -text
> 
> I get:
> 
> Error generating key
> 140529942484808:error:100C708B:elliptic curve routines:PKEY_EC_KEYGEN:no
> parameters set:ec_pmeth.c:294:
> 
> It's probably this LOC, but what am I missing?
> 
>     if (ctx->pkey == NULL && dctx->gen_group == NULL) {
>         ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET);
>         return 0;
>     }
> 
> 
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux