ecparam error on openssl 102r
Nicola
nic.tuv at gmail.com
Wed Mar 20 18:21:36 UTC 2019
TL;DR It's not a bug, it's a feature!
Hi,
you can generate explicit parameters for that curve by:
`openssl ecparam -name Oakley-EC2N-3 -param_enc explicit`
the command in your case was failing because by default it tries to
generate a named_curve ASN1 encoding, which fails because there is no
OID associated with Oakley-EC2N-3.
You can have a look at https://github.com/openssl/openssl/issues/5723
and https://github.com/openssl/openssl/pull/5725 that fixes it.
This change has been included in the 1.0.2 branch since 1.0.2p; in
1.0.2o your command will silently fail as the generated PEM file would
be invalid.
Best regards,
Nicola Tuveri
On Wed, 20 Mar 2019 at 19:29, shiva kumar <shivakumar2696 at gmail.com> wrote:
>
> Hi,
> When I run openssl ecparam on elliptic curve Oakley-EC2N-3,
> Oakley-EC2N-4 on openssl 1.0.2r version,
> I am getting the following error, can anyone please help me why i am getting this error.
>
> # openssl ecparam -out Oakley-EC2N-3_102r.pem -name Oakley-EC2N-3
> unable to write elliptic curve parameters
> 2063867464:error:100BF079:elliptic curve routines:i2d_ECPKParameters:i2d ecpkparameters failure:ec_asn1.c:1011:
> 2063867464:error:100BF079:elliptic curve routines:i2d_ECPKParameters:i2d ecpkparameters failure:ec_asn1.c:1011:
>
> unable to write elliptic curve parameters
> 2063867464:error:100BF079:elliptic curve routines:i2d_ECPKParameters:i2d ecpkparameters failure:ec_asn1.c:1011:
> 2063867464:error:100BF079:elliptic curve routines:i2d_ECPKParameters:i2d ecpkparameters failure:ec_asn1.c:1011:
>
> Thanks and Regards
> shivakumar
More information about the openssl-users
mailing list