On Fri, Feb 21, 2014 at 03:38:19PM +1100, Cagri Emer wrote:
> When I create an EC key with ecparam, and bind that to a certificate as
> shown in steps 1 to 3, that certificate works fine with Apache.
>
> If I try to achieve the same result with genpkey as shown in steps
> 4-7, then the certificate does not work with Apache.
>
> genpkey does not append the curve parameters to the key. Even if I
> concatenate the parameters and key by hand, the resulting certificate does
> not work. Is this the expected behaviour of genpkey or is it a bug?
Perhaps a documentation misfeature. With OpenSSL 1.0.1f (and bash in-line
file handles), this correctly yields a key on a named curve usable with TLS:

    $ openssl genpkey -paramfile <(openssl ecparam -name prime256v1) |
        openssl pkey -text -noout
    Private-Key: (256 bit)
    priv:
        00:af:e9:46:b6:d3:77:09:88:26:c5:d8:24:0d:e9:
        ca:a9:a2:5e:8c:48:2b:8d:ac:c9:8a:3b:3f:9a:a8:
        d9:5a:fd
    pub:
        04:10:5e:ed:62:0d:ba:da:94:b2:25:2b:ff:4d:2d:
        f5:7e:bd:8b:ba:0e:8e:69:d6:3e:9a:c5:35:e9:09:
        40:53:32:f7:2a:6d:22:b1:75:e2:29:05:5b:c6:7e:
        06:24:ba:1d:7b:f5:db:8e:3d:32:94:89:d3:52:76:
        df:1b:e7:da:b5
    ASN1 OID: prime256v1

while your approach fails, because you get explicit parameters rather than a
named curve.

    $ openssl genpkey -paramfile <(openssl genpkey -genparam \
        -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1) |
        openssl pkey -text -noout
    Private-Key: (256 bit)
    priv:
        0a:42:97:87:7a:3d:60:f6:fd:60:07:9b:d8:4c:ae:
        e2:e7:2a:3f:df:73:d2:f4:26:f4:44:20:c9:bb:ba:
        db:f8
    pub:
        04:15:d9:71:73:3d:96:89:f1:52:11:95:cf:c0:8c:
        5e:03:8e:bc:19:11:9d:20:f8:10:88:19:15:40:a4:
        95:36:12:48:35:87:39:29:c0:40:ba:ab:97:73:34:
        99:60:64:82:70:44:b7:43:5b:b0:b6:4d:5f:a5:60:
        30:71:c8:d3:1a
    Field Type: prime-field
    Prime:
        00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
        00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
        ff:ff:ff
    A:
        00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
        00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
        ff:ff:fc
    B:
        5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
        bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
        60:4b
    Generator (uncompressed):
        04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
        40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
        98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
        7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
        68:37:bf:51:f5
    Order:
        00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
        ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
        63:25:51
    Cofactor:  1 (0x1)
    Seed:
        c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
        b7:81:9f:7e:90

The difference is due to the parameter format.

Your version:

    $ openssl genpkey -genparam \
        -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 |
        openssl ecparam -text -noout
    Field Type: prime-field
    Prime:
        00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
        00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
        ff:ff:ff
    A:
        00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
        00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
        ff:ff:fc
    B:
        5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
        bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
        60:4b
    Generator (uncompressed):
        04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
        40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
        98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
        7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
        68:37:bf:51:f5
    Order:
        00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
        ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
        63:25:51
    Cofactor:  1 (0x1)
    Seed:
        c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
        b7:81:9f:7e:90

generates voluminous explicit parameters, while:

    $ openssl ecparam -name prime256v1 -text -noout
    ASN1 OID: prime256v1

"generates" the oid of a named curve.

-- 
	Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
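As an added example (not code from Viktor's reply or from OpenSSL), the Python below makes the distinction in the thread checkable programmatically: it parses the DER of a SEC1 / RFC 5915 ECPrivateKey and reports whether its [0] parameters field holds a named-curve OID (what `ecparam -name` produces) or an explicit SpecifiedECDomain structure (what `genpkey -genparam` produced here). It assumes nothing beyond the standard library; both sample keys are constructed inline with a minimal DER encoder using the P-256 values printed above, the private scalar is a placeholder, and all function names are mine.

```python
# Added example, not code from the thread; see the lead-in for assumptions.
PRIME256V1_OID = bytes.fromhex("2a8648ce3d030107")  # 1.2.840.10045.3.1.7
PRIME_FIELD_OID = bytes.fromhex("2a8648ce3d0101")   # 1.2.840.10045.1.1
# P-256 domain parameters exactly as `openssl ecparam -text` prints them above
P = bytes.fromhex("ffffffff00000001" + "00" * 12 + "ff" * 12)
A = P[:-1] + b"\xfc"                                # a = p - 3
B = bytes.fromhex("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b")
G = bytes.fromhex("046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
                  "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5")
N = bytes.fromhex("ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551")

def der(tag, body):
    """One DER TLV with a definite length (up to 65535 bytes)."""
    n = len(body)
    hdr = bytes([n]) if n < 0x80 else bytes([0x81, n]) if n < 0x100 else bytes([0x82, n >> 8, n & 0xff])
    return bytes([tag]) + hdr + body

def der_uint(raw):  # INTEGER from a big-endian magnitude, 0x00-padded if the top bit is set
    return der(0x02, (b"\x00" if raw[0] & 0x80 else b"") + raw)

def named_params():  # ECParameters ::= namedCurve OBJECT IDENTIFIER
    return der(0x06, PRIME256V1_OID)

def explicit_params():
    """ECParameters ::= SpecifiedECDomain (RFC 3279 section 2.3.5), seed omitted."""
    field = der(0x30, der(0x06, PRIME_FIELD_OID) + der_uint(P))
    curve = der(0x30, der(0x04, A) + der(0x04, B))
    return der(0x30, der_uint(b"\x01") + field + curve + der(0x04, G) + der_uint(N) + der_uint(b"\x01"))

def ec_private_key(params, priv=b"\x11" * 32):
    """SEC1 ECPrivateKey; priv is a constructed placeholder scalar, [1] publicKey omitted."""
    return der(0x30, der_uint(b"\x01") + der(0x04, priv) + der(0xA0, params))

def read_tlv(buf, off):
    """Return (tag, body, offset after the TLV) for the element at buf[off]."""
    tag, first = buf[off], buf[off + 1]
    n = 0 if first < 0x80 else first & 0x7f    # long form: n length bytes follow
    length = first if n == 0 else int.from_bytes(buf[off + 2:off + 2 + n], "big")
    start = off + 2 + n
    return tag, buf[start:start + length], start + length

def ec_params_kind(key_der):
    """'named', 'explicit', 'implicit' (NULL) or 'absent' for a DER ECPrivateKey."""
    _, body, _ = read_tlv(key_der, 0)                     # outer SEQUENCE
    _, _, off = read_tlv(body, read_tlv(body, 0)[2])      # skip version, privateKey
    while off < len(body):
        tag, inner, off = read_tlv(body, off)
        if tag == 0xA0:                                   # [0] EXPLICIT ECParameters
            return {0x06: "named", 0x30: "explicit", 0x05: "implicit"}.get(inner[0], "unknown")
    return "absent"
```

To check a real key, feed `ec_params_kind` the DER bytes of the `EC PRIVATE KEY` PEM body; only the `named` answer is the form a TLS stack will accept, as the thread shows.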