[openssl.org #3465] EC command fails to parse ECPrivateKey without optional params

Sat, 19 Jul 2014 00:27:07 -0700 

According to RFC 5915 (http://tools.ietf.org/html/rfc5915):

   ECPrivateKey ::= SEQUENCE {
     version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
     privateKey     OCTET STRING,
     parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
     publicKey  [1] BIT STRING OPTIONAL
   }

Given the following key:

$ dumpasn1 ec-priv-xxx.der
  0  37: SEQUENCE {
  2   1:   INTEGER 1
  5  32:   OCTET STRING
       :     2C 14 F9 E0 30 87 7E 63 7E 4C 4F A3 10 FE 2B 6E
       :     D3 A8 F6 95 31 84 15 E6 58 DA D6 E4 DE DB 06 B9
       :   }

The 'ec' command fails to parse it:

$ openssl ec -in ec-priv-xxx.der -inform DER -text -noout
read EC key
unable to load Key
140735144063452:error:10092010:elliptic curve
routines:d2i_ECPrivateKey:EC lib:ec_asn1.c:1160:

Attempting to parse it in PEM format:

$ openssl ec -in ec-priv-xxx.pem -inform PEM -text -noout
read EC key
unable to load Key
140735144063452:error:10092010:elliptic curve
routines:d2i_ECPrivateKey:EC lib:ec_asn1.c:1160:
140735144063452:error:100DE08E:elliptic curve
routines:OLD_EC_PRIV_DECODE:decode error:ec_ameth.c:566:
140735144063452:error:0D07209B:asn1 encoding
routines:ASN1_get_object:too long:asn1_lib.c:142:
140735144063452:error:0D068066:asn1 encoding
routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1306:
140735144063452:error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1
error:tasn_dec.c:381:Type=PKCS8_PRIV_KEY_INFO
140735144063452:error:0907B00D:PEM
routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:132:

Parsing with full parameters is OK:

$ openssl ec -in ec-priv.der -inform DER -text -noout
read EC key
Private-Key: (256 bit)
priv:
    2c:14:f9:e0:30:87:7e:63:7e:4c:4f:a3:10:fe:2b:
    6e:d3:a8:f6:95:31:84:15:e6:58:da:d6:e4:de:db:
    06:b9
pub:
    04:3e:cb:d0:fb:9d:8d:30:fd:69:a0:42:d8:b6:93:
    47:8b:b2:64:2e:bd:d8:27:70:f4:80:85:24:3d:3a:
    a5:23:a8:db:05:67:da:62:66:53:ee:a1:31:f8:0c:
    7f:45:23:72:d0:89:97:c3:90:cb:d5:15:c9:1c:13:
    86:5d:a6:8d:80
ASN1 OID: secp256k1

Attachment: ec-priv-xxx.der
Description: application/x509-ca-cert

Attachment: ec-priv-xxx.pem
Description: application/x509-ca-cert

Attachment: ec-priv.pem
Description: application/x509-ca-cert

Attachment: ec-priv.der
Description: application/x509-ca-cert

Reply via email to