Here is an example of the C# export for a key, I have added line breaks
<ECDSAKeyValue xmlns="http://www.w3.org/2001/04/xmldsig-more#">
<DomainParameters>
<NamedCurve URN="urn:oid:1.3.132.0.34" />
</DomainParameters>
<PublicKey>
<X Value="1902202729747667972037907690858726927598735515
9453131739849441348197140389889215510822928340340114265083966753527920"
xsi:type="PrimeFieldElemType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" />
<Y Value="2166460856334825178504234528741952408073634514
9497343748736063144545323191375900071111148263795957487183518893659845"
xsi:type="PrimeFieldElemType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" />
</PublicKey>
</ECDSAKeyValue>
So one can see the very long co-ordinate pair, X & Y but also what matters is the curve name/id. In the above export from (C#) it says Named Curve "urn:oid:1.3.132.0.34" and this tallies to secp384r1 because IBM say so here. Here is a fuller list
- NIST recommended curves
- secp192r1 – {1.2.840.10045.3.1.1}
- secp224r1 – {1.3.132.0.33}
- secp256r1 – {1.2.840.10045.3.1.7}
- secp384r1 – {1.3.132.0.34}
- secp521r1 – {1.3.132.0.35}
This matters because OpenSSL lists its curves using the text name and not the oid. Like so ...
C:\OpenSSL-Win64\bin>openssl ecparam -list_curves
secp112r1 : SECG/WTLS curve over a 112 bit prime field
secp112r2 : SECG curve over a 112 bit prime field
secp128r1 : SECG curve over a 128 bit prime field
secp128r2 : SECG curve over a 128 bit prime field
secp160k1 : SECG curve over a 160 bit prime field
secp160r1 : SECG curve over a 160 bit prime field
secp160r2 : SECG/WTLS curve over a 160 bit prime field
secp192k1 : SECG curve over a 192 bit prime field
secp224k1 : SECG curve over a 224 bit prime field
secp224r1 : NIST/SECG curve over a 224 bit prime field
secp256k1 : SECG curve over a 256 bit prime field
secp384r1 : NIST/SECG curve over a 384 bit prime field
No comments:
Post a Comment