secp256r1 65 byte key size in packet capture
Tomas Mraz
tomas at openssl.org
Wed Jun 19 08:58:56 UTC 2024
Hi Lokesh,
I am not sure how do you count the sizes of 164 bytes and 124 bytes for
the pem files.
If I use -outform DER (and use -noout with the ecparam to avoid
outputting the params because the private key already contains info
about the params used) I see the following sizes for the DER encoded
data:
private key: 121 bytes
public key: 91 bytes
Given both files contain information about the group used and other
ASN.1 encoding related stuff, and that the private key file contains 32
bytes of the private key but also the encoded uncompressed public key
of 65 bytes, this is fully expected.
Tomas Mraz, OpenSSL
On Wed, 2024-06-19 at 13:45 +0530, Lokesh Chakka wrote:
> hello,
>
> I'm trying to generate public/private keys with following commands:
>
> openssl ecparam -name secp256r1 -genkey -out pvtkey.pem
> openssl ec -in pvtkey.pem -pubout
>
> I'm seeing the sizeof private key as 164 bytes and public key as 124
> bytes.
>
> In a wireshark capture( attached ), I'm seeing key length as 65
> bytes.
>
> Can someone help me understand why the difference?
>
> Thanks & Regards
> --
> Lokesh Chakka.
--
Tomáš Mráz, OpenSSL
More information about the openssl-users
mailing list