EC keys interoperability issue between openSSL and GnuTLS ?

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Sat Nov 5 12:13:28 CET 2011


On 11/05/2011 09:28 AM, Nikos Mavrogiannopoulos wrote:

> GnuTLS uses the format from RFC 5915 for ECC keys. OpenSSL seems to be
> able to read this format, but I couldn't find an option to generate keys
> using this format.

I was wrong on that. If you generate an ECC key using:
$ openssl ecparam -genkey -text -name secp224r1

it is stored using the RFC 5915 format. I don't know why your command
outputs that old format. Maybe you should report it to the openssl guys.

regards,
Nikos




More information about the Gnutls-devel mailing list