odd error for ECDSA key in REQ.
Dirk-Willem van Gulik
dirkx at webweaving.org
Fri Aug 7 17:07:29 UTC 2020
Below CSR gives me an odd error with the standard openssl REQ command:
openssl req -inform DER -noout -pubkey
Error getting public key
140673482679616:error:10067066:elliptic curve routines:ec_GFp_simple_oct2point:invalid encoding:../crypto/ec/ecp_oct.c:312:
140673482679616:error:10098010:elliptic curve routines:o2i_ECPublicKey:EC lib:../crypto/ec/ec_asn1.c:1175:
140673482679616:error:100D708E:elliptic curve routines:eckey_pub_decode:decode error:../crypto/ec/ec_ameth.c:157:
140673482679616:error:0B09407D:x509 certificate routines:x509_pubkey_decode:public key decode error:../crypto/x509/x_pubkey.c:125:
Even though the ASN1 of the public key looks correct to me:
SEQUENCE (2 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 1.2.840.10045.2.1 ecPublicKey (ANSI X9.62 public key type)
OBJECT IDENTIFIER 1.2.840.10045.3.1.7 prime256v1 (ANSI X9.62 named elliptic curve)
BIT STRING (536 bit) 0000010001000001000001000011100100110011100111000110100010100101101000…
OCTET STRING (65 byte) 0439339C68A5A333143592C0A36D053F31D3AF6ED18FB54F4747B9DFC6DB6ABC715561…
What would be a good way to further debug this ?
With kind regards,
Dw
-----BEGIN CERTIFICATE REQUEST-----
MIIBPzCB5QIBADCBgDELMAkGA1UEAxMCQ04xCjAIBgNVBAUTATExCjAIBgNVBAYT
AUMxCjAIBgNVBAcTAUwxCjAIBgNVBAgTAVMxCjAIBgNVBAoTAU8xCzAJBgNVBAsT
Ak9VMQowCAYDVQQMEwFUMQowCAYDVQQNEwFEMRAwDgYJKoZIhvcNAQkBEwFFMFsw
EwYHKoZIzj0CAQYIKoZIzj0DAQcDRAAEQQQ5M5xopaMzFDWSwKNtBT8x069u0Y+1
T0dHud/G22q8cVVh8sVcpLUortLxxesEXCddpx/EeuxP+MN/RymHTMrjoAAwCgYI
KoZIzj0EAwIDSQAwRgIhAO+K+TFCdYxQg7aT+B3wIVa6CCYxM/mL4/WHSrwXujJy
AiEA7UsbQT/YRKaFDPn/U9jdrJaUmKsqKJvGwN7YVaMGdeo=
-----END CERTIFICATE REQUEST-----
More information about the openssl-users
mailing list