Closed Ephenodrom closed 2 years ago
The ECPoint Q was calculated in the wrong way while converting the ECPrivateKey to PEM. OpenSSL just took over the ECPoint instead of calculating it while generating the CSR. After fixing the converting to PEM, everything looks fine.
Phew! I am glad it is sorted out.
I generated a set of ACVP test vectors for ECDSA signing, just for the NIST P curves for both verification and signing. Within the scope covered by those vectors the implementation passed.
I'll push them up next week I want to add a few more vector sets.
MW
@mwcw I also tried out a complete workflow of creating a ec private key dart, creating a csr in openssl, ordering some SMIME from DigiCert and packaging everything into a PKCS12 with OpenSSL und them using it within Thunderbird.
Everything worked as intended.
Hello,
I am facing a problem where the generated ec private keys are not accepted by LibreSSL 2.8.3
I created the private key using this library and created a PEM file out of it following the RFC 5915. After that I used the private key in the open ssl / libre ssl command to generate a CSR.
After that I try to verify the signature of the CSR.
I am currently stuck at finding out whats wrong. Is the key generation buggy or the convertion to PEM.
The ASN1 strukture looks good and is the same as if the key was generated using openssl/libressl.