[ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
6.2.3 ECC key parameters
An ECC private key is described by this S-expression:
(private-key (ecc (p p-mpi) (a a-mpi) (b b-mpi) (g g-point) (n n-mpi) (q q-point) (d d-mpi)))
- p-mpi
Prime specifying the field GF(p).
- a-mpi
- b-mpi
The two coefficients of the Weierstrass equation y^2 = x^3 + ax + b
- g-point
Base point g.
- n-mpi
Order of g
- q-point
The point representing the public key Q = dG.
- d-mpi
The private key d
All point values are encoded in standard format; Libgcrypt does in
general only support uncompressed points, thus the first byte needs to
be 0x04
. However “EdDSA” describes its own compression
scheme which is used by default.
The public key is similar with "private-key" replaced by "public-key" and no d-mpi.
If the domain parameters are well-known, the name of this curve may be used. For example
(private-key (ecc (curve "NIST P-192") (q q-point) (d d-mpi)))
Note that q-point is optional for a private key. The
curve
parameter may be given in any case and is used to replace
missing parameters.
Currently implemented curves are:
NIST P-192
1.2.840.10045.3.1.1
prime192v1
secp192r1
The NIST 192 bit curve, its OID, X9.62 and SECP aliases.
NIST P-224
secp224r1
The NIST 224 bit curve and its SECP alias.
NIST P-256
1.2.840.10045.3.1.7
prime256v1
secp256r1
The NIST 256 bit curve, its OID, X9.62 and SECP aliases.
NIST P-384
secp384r1
The NIST 384 bit curve and its SECP alias.
NIST P-521
secp521r1
The NIST 521 bit curve and its SECP alias.
As usual the OIDs may optionally be prefixed with the string OID.
or oid.
.
[ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
This document was generated on February 9, 2014 using texi2html 5.0.