The only good way I found was to use the defined OID's - something like
this - no guarantees this table is correct, you should check it.
const char *NIST_by_OID[] = {
"1.2.840.10045.3.1.1", /* P-192 */
"1.3.132.0.33", /* P-224 */
"1.2.840.10045.3.1.7", /* P-256 */
"1.3.132.0.34", /* P-384 */
"1.3.132.0.35", /* P-521 */
"1.3.132.0.1", /* K-163 */
"1.3.132.0.26", /* K-233 */
"1.3.132.0.16", /* K-283 */
"1.3.132.0.36", /* K-409 */
"1.3.132.0.38", /* K-571 */
"1.3.132.0.15", /* B-163 */
"1.3.132.0.27", /* B-233 */
"1.3.132.0.17", /* B-283 */
"1.3.132.0.37", /* B-409 */
"1.3.132.0.39", /* B-571 */
NULL
};
OBJ_txt2nid() will handle these as well as the names you are more familliar
with.
Peter
From: Massimiliano Pala <>
To: OpenSSL Devel <[email protected]>
Date: 22/03/2011 10:08 AM
Subject: EC curve names
Sent by: [email protected]
Hi all,
I was wondering: how do I verify if a pkey used in an ECDSA certificate is
on one specific curve ? Or, better, how to easily print out the txt
identifier
of the curve used in a certificate ? That would be a useful addition to the
output in a ECDSA certificate. Something like:
...
Curve Name: secp384r1
...
Or better, is there an easy way to know if a curve is one of the NIST
approved (SuiteB) ones ?
Cheers,
Max
--
Best Regards,
Massimiliano Pala
--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [email protected]
[email protected]
Dartmouth Computer Science Dept Home Phone: +1 (603) 369-9332
PKI/Trust Laboratory Work Phone: +1 (603) 646-8734
--o------------------------------------------------------------------------
People who think they know everything are a great annoyance to those of us
who do.
-- Isaac Asimov
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
