secp256r1 65 byte key size in packet capture

Lokesh Chakka lvenkatakumarchakka at gmail.com
Wed Jun 19 11:14:39 UTC 2024


Hi Matt,

I'm trying to craft a client hello packet using a C program. I'm learning
about these keys, openssl, TLS etc.

So

openssl ecparam -name secp256r1 -genkey -out pvtkey.pem
openssl ec -in pvtkey.pem -pubout -out pubkey.pem
openssl pkey -in pubkey.pem -pubin -noout -text

will give me the 65 bytes. Understood. Thanks a lot.

Now I need to explore C APIs for getting those keys as hex array.
Could you please suggest any good references for beginners.

Regards
--
Lokesh Chakka.


On Wed, Jun 19, 2024 at 4:21 PM Matt Caswell <matt at openssl.org> wrote:

>
>
> On 19/06/2024 09:15, Lokesh Chakka wrote:
> > hello,
> >
> > I'm trying to generate public/private keys with following commands:
> >
> > openssl ecparam -name secp256r1 -genkey -out pvtkey.pem
> > openssl ec -in pvtkey.pem -pubout
> >
> > I'm seeing the size of the private key as 164 bytes and the public key as
> > 124 bytes.
> >
> > In a Wireshark capture (attached), I'm seeing key length as 65 bytes.
>
> What you are doing is confusing. You have generated a public/private key
> pair for secp256r1 - but the Wireshark capture you show seems to be the
> key share from a TLSv1.3 handshake. TLSv1.3 key shares are ephemeral, so
> you'll get a different key share every time. You don't need to create
> a public/private key for this. OpenSSL does it for you.
>
> Anyway. Taking the key that you generated:
>
> -----BEGIN PUBLIC KEY-----
> MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVSmp4UnlQbzbe6eopByeEUzkmYHP
> GgaKvSt/xdAgvDp7FXKTpST8UM9LpF8f4JETOXgDDGvNlIDqVFo+T0hdtQ==
> -----END PUBLIC KEY-----
>
> This is just a PEM encoding of the real key (base64 encoding of DER
> structured data in PEM headers). Not sure where you get 124 bytes from,
> but you can take a look at the actual key data like this:
>
> $ openssl pkey -in /tmp/key.pem -pubin -noout -text
> Public-Key: (256 bit)
> pub:
>      04:55:29:a9:e1:49:e5:41:bc:db:7b:a7:a8:a4:1c:
>      9e:11:4c:e4:99:81:cf:1a:06:8a:bd:2b:7f:c5:d0:
>      20:bc:3a:7b:15:72:93:a5:24:fc:50:cf:4b:a4:5f:
>      1f:e0:91:13:39:78:03:0c:6b:cd:94:80:ea:54:5a:
>      3e:4f:48:5d:b5
> ASN1 OID: prime256v1
> NIST CURVE: P-256
>
> This shows you the 65 bytes of raw public key data contained within the
> key file.
>
> This key is in "uncompressed" format (the 04 byte at the start indicates
> this). Since it is uncompressed we then get an x and a y value to
> indicate the point on the curve. Each of these is 32 bytes long (256
> bits) - so this gives you 65 bytes in total.
>
> Matt
>
>
>
> >
> > Can someone help me understand why the difference?
> >
> > Thanks & Regards
> > --
> > Lokesh Chakka.
>
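Added example (not part of the thread, and not OpenSSL's own code): the script below takes the PEM public key Matt posted, walks the DER SubjectPublicKeyInfo by hand to pull out the 65-byte 04||X||Y point, checks that the point actually satisfies the P-256 curve equation, converts between the uncompressed and compressed (33-byte) encodings, wraps the point in an RFC 8446 KeyShareEntry as it would appear in a ClientHello key_share extension, and renders it as a C initializer. It is written in pure Python rather than against the OpenSSL C API so it runs with no library installed; the only input is the key from the thread, and the function and constant names (spki_point, on_curve, key_share_entry, c_array, P256_P, P256_B) are this example's own.

```python
import base64
import struct

# The PEM public key Matt posted in the thread (a secp256r1 / P-256 key).
PUBKEY_PEM = """-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVSmp4UnlQbzbe6eopByeEUzkmYHP
GgaKvSt/xdAgvDp7FXKTpST8UM9LpF8f4JETOXgDDGvNlIDqVFo+T0hdtQ==
-----END PUBLIC KEY-----"""

# DER-encoded OIDs found inside the SubjectPublicKeyInfo AlgorithmIdentifier.
OID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")  # 1.2.840.10045.2.1
OID_PRIME256V1 = bytes.fromhex("2a8648ce3d030107")   # 1.2.840.10045.3.1.7

# NIST P-256 field prime and curve constant b (a = -3): y^2 = x^3 - 3x + b mod p
P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b

TLS_GROUP_SECP256R1 = 0x0017  # NamedGroup value from RFC 8446


def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armour and base64-decode the DER body."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    return base64.b64decode("".join(ln for ln in lines if not ln.startswith("-----")))


def der_tlv(buf: bytes, off: int = 0):
    """Read one DER tag/length/value at buf[off]; return (tag, value, next_offset)."""
    tag, length = buf[off], buf[off + 1]
    off += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    return tag, buf[off:off + length], off + length


def spki_point(der: bytes) -> bytes:
    """Pull the raw EC point out of a SubjectPublicKeyInfo for prime256v1."""
    tag, spki, _ = der_tlv(der)
    if tag != 0x30:
        raise ValueError("expected outer SEQUENCE")
    tag, algid, off = der_tlv(spki)
    if tag != 0x30:
        raise ValueError("expected AlgorithmIdentifier SEQUENCE")
    tag, oid, off2 = der_tlv(algid)
    if tag != 0x06 or oid != OID_EC_PUBLIC_KEY:
        raise ValueError("not an id-ecPublicKey key")
    tag, curve, _ = der_tlv(algid, off2)
    if tag != 0x06 or curve != OID_PRIME256V1:
        raise ValueError("not a prime256v1 key")
    tag, bits, _ = der_tlv(spki, off)
    if tag != 0x03 or bits[0] != 0:        # BIT STRING with 0 unused bits
        raise ValueError("expected BIT STRING")
    return bits[1:]                        # the 65 bytes openssl pkey -text prints


def on_curve(point: bytes) -> bool:
    """True if an uncompressed 04||X||Y point satisfies the P-256 equation."""
    if len(point) != 65 or point[0] != 0x04:
        return False
    x, y = int.from_bytes(point[1:33], "big"), int.from_bytes(point[33:], "big")
    if not (x < P256_P and y < P256_P):
        return False
    return (y * y - (x * x * x - 3 * x + P256_B)) % P256_P == 0


def compress(point: bytes) -> bytes:
    """65-byte uncompressed -> 33-byte compressed (02/03 prefix carries y parity)."""
    if not on_curve(point):
        raise ValueError("point is not on P-256")
    return bytes([0x02 | (point[64] & 1)]) + point[1:33]


def decompress(comp: bytes) -> bytes:
    """33-byte compressed -> 65-byte uncompressed, recovering y by a modular sqrt.

    P-256 has p % 4 == 3, so sqrt(v) = v^((p+1)/4) mod p whenever v is a square.
    """
    if len(comp) != 33 or comp[0] not in (0x02, 0x03):
        raise ValueError("bad compressed point")
    x = int.from_bytes(comp[1:], "big")
    rhs = (x * x * x - 3 * x + P256_B) % P256_P
    y = pow(rhs, (P256_P + 1) // 4, P256_P)
    if (y * y) % P256_P != rhs:
        raise ValueError("x is not on the curve")
    if (y & 1) != (comp[0] & 1):
        y = P256_P - y
    return b"\x04" + comp[1:] + y.to_bytes(32, "big")


def key_share_entry(point: bytes) -> bytes:
    """RFC 8446 KeyShareEntry: group (2 bytes) || length (2 bytes) || key_exchange."""
    return struct.pack(">HH", TLS_GROUP_SECP256R1, len(point)) + point


def c_array(point: bytes, name: str = "pubkey") -> str:
    """Render the bytes as a C initializer, the 'hex array' the poster asked for."""
    body = ", ".join(f"0x{b:02x}" for b in point)
    return f"static const unsigned char {name}[{len(point)}] = {{ {body} }};"


POINT = spki_point(pem_to_der(PUBKEY_PEM))

if __name__ == "__main__":
    print(len(POINT), "bytes, on curve:", on_curve(POINT))
    print(":".join(f"{b:02x}" for b in POINT))   # same hex as openssl pkey -text
    print("compressed:   ", compress(POINT).hex())
    print("KeyShareEntry:", key_share_entry(POINT).hex())
    print(c_array(POINT))
```

Two points worth taking from this beyond the byte count. First, the same 65 bytes are what the OpenSSL 3 C API hands back for an EC EVP_PKEY via EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, buf, sizeof(buf), &len); that is the call to reach for once the PEM has been loaded, rather than parsing the DER yourself as done here. Second, the on_curve check is the minimum a receiver should apply to any point it pulls out of a packet before using it in ECDH, and the key share in a real ClientHello must be a fresh ephemeral key as Matt says: pasting a key from a file into the key_share extension gives up forward secrecy and makes every session keyed off the same secret.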
More information about the openssl-users mailing list