[botan-devel] import openssl pkcs8 ecdsa key with Botan 1.10.1

ToBeKi at gmx.de ToBeKi at gmx.de
Tue Jul 10 09:39:50 EDT 2012

Ok, for testing I changed this as you have already mentioned:

         .decode_and_check<size_t>(1, "Unknown version code for ECC key")

Now the key import and creating the ECDSA signer object are working.
But creating the public key point with OS2ECP for the ECDSA verifier does now fail with Illegal_Point Exception in point_gfp.cpp
It seems it is a consequence of leaving away the optional curve parameters by creating the private key?


// load key file
AutoSeeded_RNG rng;
DataSource_Stream prvKeySource(cszKeyFile);      
std::auto_ptr<PKCS8_PrivateKey> apEcPrivateKey(PKCS8::load_key(prvKeySource, rng, cszCredential));

// create ECDSA private key      
std::auto_ptr<ECDSA_PrivateKey> apEcdsaPrivateKey;

// create ECDSA signer
m_spSigner.reset(new PK_Signer(*m_spEcdsaPrivateKey, "EMSA1(SHA-160)", Botan::IEEE_1363));

const PointGFp pointGfp = m_spEcdsaPrivateKey->public_point();   
SecureVector<Botan::byte> svPublicKey = EC2OSP(pointGfp, Botan::PointGFp::UNCOMPRESSED);

// create ECDSA verifier
boost::shared_ptr<EC_Domain_Params> spDomainParams;      
spDomainParams.reset(new EC_Domain_Params(OID("1.2.840.10045.3.1.1")));
const PointGFp pointGFp = OS2ECP(svPublicKey, svPublicKey.size(), spDomainParams->get_curve());


ECDSA sign context

ECDSA verify context

Call to OS2ECP failed in point_gfp.cpp

      throw Illegal_Point("OS2ECP: Decoded point was not on the curve");

-------- Original-Nachricht --------
> Datum: Mon, 9 Jul 2012 15:25:49 -0400
> Von: Jack Lloyd <lloyd at randombit.net>
> An: Botan development list <botan-devel at randombit.net>
> Betreff: Re: [botan-devel] import openssl pkcs8 ecdsa key with Botan 1.10.1

> On Mon, Jul 09, 2012 at 09:08:41PM +0200, tobeki at gmx.de wrote:
> > Thank's Jack,
> > 
> > >However that is not the case for the 5915 extensions,
> > >they are for data we already have or can easily rederive, so they can
> > >be safely ignored.
> > 
> > parameters [0] ECParameters {{ NamedCurve }} OPTIONAL
> > publicKey  [1] BIT STRING OPTIONAL
> > 
> > so this optional parameters in 5915 are just needed for performance
> reasons?
> The publicKey is purely an optimization which is useful in cases where
> only the private key is conveyed but the public key is also needed.
> In cases where it is not there and one needs the public key as well a
> point multiplication is required to rederive it.
> Having the ECParameters available would be potentially useful in some
> cases, for instance if someone was literally passing around an
> ECPrivateKey. It is certainly important to know the precise curve that
> the private key is associated with and not use it with multiple
> curves, in which case having the curve included would be important.
> However ordinarily a ECPrivateKey would not be passed around as is but
> be packed into a PKCS #8 structure (or PKCS #12 or something). And at
> least for PKCS #8 the paramters are already available at an outer
> layer of the encoding, so including the parameters again would be
> redundant (which is probably why OpenSSL includes the public key,
> which is a SHOULD include per RFC 5915, but not the parameter set,
> which is a MUST include).
> -Jack
> _______________________________________________
> botan-devel mailing list
> botan-devel at randombit.net
> http://lists.randombit.net/mailman/listinfo/botan-devel

More information about the botan-devel mailing list