On Tue, Mar 4, 2014 at 3:26 PM, Dr. Stephen Henson <[email protected]> wrote: > On Tue, Mar 04, 2014, Jeffrey Walton wrote: > >> On Tue, Mar 4, 2014 at 2:25 PM, Dr. Stephen Henson <[email protected]> wrote: >> ... >> > >> int nid = ... >> EC_KEY* key = EC_KEY_new_by_curve_name(nid); >> int rc = EC_KEY_generate_key(key); >> >> EVP_PKEY * pkey = EVP_PKEY_new(); >> rc = EVP_PKEY_assign_EC_KEY(pkey, key); >> > > Ah, the default is unfortunately to use explicit parameters. You can change > that with: > > EC_KEY_set_asn1_flag(key, OPENSSL_EC_NAMED_CURVE); Would you happen to know if its a problem with the key, the certificate, or both?
I ask because I have my own validation routines, and I can add additional checks so the issue can be spotted early in code and logged to the appropriate place. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
