[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
EC keys interoperability issue between openSSL and GnuTLS ?
From: |
Fabrice Gautier |
Subject: |
EC keys interoperability issue between openSSL and GnuTLS ? |
Date: |
Fri, 4 Nov 2011 16:46:29 -0700 |
Hi,
I generated some EC keys and cert using openssl, and when I try to use
them with gnutls_serv, it seems that gnutls_serv will just crash.
It also seems that I can properly read them using gnutls certtool.
This is how I generated ServerKey.ecc.pem with openSSL:
$ openssl ecparam -name secp256r1 -out ecparam.pem
$ openssl req -new -nodes -days 365 -subj '/CN=SecurityTests Server
Cert (ECC)' -newkey ec:ecparam.pem -keyout ServerKey.ecc.pem -out
ServerReq.ecc.pem
Using certtool I get:
$ /usr/local/bin/certtool -k --infile test-certs/ServerKey.ecc.pem
Public Key Info:
Public Key Algorithm: ECC
Key Security Level: Unknown
Error in key ECC data export: The request is invalid.
Error in key id calculation: ASN1 parser: Generic parsing error.
/usr/local/bin/certtool: export error: ASN1 parser: Element was not found.
When using that key with gnutls_serv, it seems that it just crashes
without any warning message (when I try to connect using an EC cipher
suite)
Note that if I generated the keys using certtool then it seems to be fine.
-- Fabrice
- EC keys interoperability issue between openSSL and GnuTLS ?,
Fabrice Gautier <=