Re: compressed ecdsa public keys

[Robert Moskowitz <rgm@xxxxxxxxxxxxxxx>]

I missed 5480.  All clear now.  Interesting of the need of a separate 
step for compression, but  I can run with this.

thanks!

On 6/5/23 09:50, Viktor Dukhovni wrote:
> On Mon, Jun 05, 2023 at 09:17:18AM -0400, Robert Moskowitz wrote:
> > is there a way in genkey to create an ECDSA P-256 in compressed format
> > (now that the patent is well expired)?
> >
> > I have been looking at openssl docs for genkey, but not seeing it and
> > how to then create the proper PEM files with the compressed value so I
> > can then use openssl ca to create the certs with the public key compressed.
>    $ openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 |
>          openssl ec -conv_form compressed -out /tmp/key.pem
>    $ openssl req -x509 -new -subj / -key /tmp/key.pem -out /tmp/cert.pem
>    $ openssl x509 -in /tmp/cert.pem -text -noout
>      Certificate:
>          Data:
>              Version: 3 (0x2)
>              Serial Number:
>                  07:2e:36:b8:ce:43:2d:07:82:b9:0c:c3:d0:4a:c7:e1:4f:11:f8:10
>              Signature Algorithm: ecdsa-with-SHA256
>              Issuer:
>              Validity
>                  Not Before: Jun  5 13:44:44 2023 GMT
>                  Not After : Jul  5 13:44:44 2023 GMT
>              Subject:
>              Subject Public Key Info:
>                  Public Key Algorithm: id-ecPublicKey
>                      Public-Key: (256 bit)
>                      pub:
>                          02:ad:13:9c:0c:46:10:b6:56:84:02:dc:ba:38:da:
>                          2f:25:00:1b:67:51:6d:22:b9:e3:d9:64:92:7a:f7:
>                          da:3b:7a
>                      ASN1 OID: prime256v1
>                      NIST CURVE: P-256
>              X509v3 extensions:
>                  X509v3 Subject Key Identifier:
>                      25:6C:7C:DB:39:52:3F:02:60:B6:4F:CD:C3:48:16:36:2D:B3:EE:9A
>                  X509v3 Authority Key Identifier:
>                      keyid:25:6C:7C:DB:39:52:3F:02:60:B6:4F:CD:C3:48:16:36:2D:B3:EE:9A
>
>              X509v3 Basic Constraints: critical
>                  CA:TRUE
>      Signature Algorithm: ecdsa-with-SHA256
>           30:45:02:21:00:9b:88:e7:e5:3c:d4:77:54:54:41:fa:2d:ed:
>           2e:cb:67:57:1c:7a:13:0e:c9:cc:10:4d:a3:0e:a3:04:8d:65:
>           70:02:20:5a:7c:0f:51:d5:40:10:1d:d6:7f:88:eb:99:d8:75:
>           9c:c9:d4:9e:3d:9d:e4:3c:51:0f:7f:e2:48:46:4b:dc:bc
>
> Note that support for comressed EC keys is optional:
>
>      https://www.rfc-editor.org/rfc/rfc5480#section-2.2
>
>     Implementations of Elliptic Curve Cryptography according to this
>     document MUST support the uncompressed form and MAY support the
>     compressed form of the ECC public key.  The hybrid form of the ECC
>     public key from [X9.62] MUST NOT be used.