Stephen, > Just to clarify that a bit. EC keys are most comonly represented by named > curves instead of explicit parameters. Unfortunately the default is to use > explicit parameters and there's nothing (yet!) at an EVP_PKEY level to > change that. > > They way you can change it is to either take the generated key or > parameters and do something like this: > > EC_KEY *ec = EVP_PKEY_get1_EC(key); > EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE); EC_KEY_free(ec);
At this stage the client only require support of the NIST curves, so I do not think I will have to use this. They did however inquire on using the Brainpool curves, so maybe in future in a follow up project I will. Thanks Leon ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
