MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


OpenSL                                         ecparam(1openssl)



NAME
     ecparam - EC parameter manipulation and generation

SYNOPSIS
     openssl ecparam [-inform DERPEM] [-outform DERPEM] [-in
     filename] [-out filename] [-noout] [-text] [-C] [-check]
     [-name arg] [-listcurve] [-convform arg] [-paramenc arg]
     [-noseed] [-rand file(s)] [-genkey] [-engine id]

DESCRIPTION
     This command is used to manipulate or generate EC parameter
     files.

OPTIONS
     -inform DERPEM
         This specifies the input format. The DER option uses an
         ASN.1 DER encoded form compatible with RFC 3279
         EcpkParameters. The PEM form is the default format: it
         consists of the DER format base64 encoded with
         additional header and footer lines.

     -outform DERPEM
         This specifies the output format, the options have the
         same meaning as the -inform option.

     -in filename
         This specifies the input filename to read parameters
         from or standard input if this option is not specified.

     -out filename
         This specifies the output filename parameters to.
         Standard output is used if this option is not present.
         The output filename should not be the same as the input
         filename.

     -noout
         This option inhibits the output of the encoded version
         of the parameters.

     -text
         This option prints out the EC parameters in human
         readable form.

     -C  This option converts the EC parameters into C code. The
         parameters can then be loaded by calling the
         getecgroupX() function.

     -check
         Validate the elliptic curve parameters.

     -name arg
         Use the EC parameters with the specified 'short' name.



OpenSL-0.9.8       Last change: Oct 11 2005                    1






OpenSL                                         ecparam(1openssl)



         Use -listcurves to get a list of all currently
         implemented EC parameters.

     -listcurves
         If this options is specified ecparam will print out a
         list of all currently implemented EC parameters names
         and exit.

     -convform
         This specifies how the points on the elliptic curve are
         converted into octet strings. Possible values are:
         compressed (the default value), uncompressed and hybrid.
         For more information regarding the point conversion
         forms please read the X9.62 standard.  Note Due to
         patent issues the compressed option is disabled by
         default for binary curves and can be enabled by defining
         the preprocessor macro OPENSLECBINPTCOMP at compile
         time.

     -paramenc arg
         This specifies how the elliptic curve parameters are
         encoded.  Possible value are: namedcurve, i.e. the ec
         parameters are specified by a OID, or explicit where the
         ec parameters are explicitly given (see RFC 3279 for the
         definition of the EC parameters structures). The default
         value is namedcurve.  Note the implicitlyCA alternative
         ,as specified in RFC 3279, is currently not implemented
         in OpenSL.

     -noseed
         This option inhibits that the 'seed' for the parameter
         generation is included in the ECParameters structure
         (see RFC 3279).

     -genkey
         This option will generate a EC private key using the
         specified parameters.

     -rand file(s)
         a file or files containing random data used to seed the
         random number generator, or an EGD socket (see
         RANDegd(3)).  Multiple files can be specified separated
         by a OS-dependent character.  The separator is ; for
         MS-Windows, , for OpenVMS, and : for all others.

     -engine id
         specifying an engine (by it's unique id string) will
         cause req to attempt to obtain a functional reference to
         the specified engine, thus initialising it if needed.
         The engine will then be set as the default for all
         available algorithms.




OpenSL-0.9.8       Last change: Oct 11 2005                    2






OpenSL                                         ecparam(1openssl)



NOTES
     PEM format EC parameters use the header and footer lines:

      -----BEGIN EC PARAMETERS-----
      -----END EC PARAMETERS-----

     OpenSL is currently not able to generate new groups and
     therefore ecparam can only create EC parameters from known
     (named) curves.

EXAMPLES
     To create EC parameters with the group 'prime192v1':

       openssl ecparam -out ecparam.pem -name prime192v1

     To create EC parameters with explicit parameters:

       openssl ecparam -out ecparam.pem -name prime192v1 -paramenc explicit

     To validate given EC parameters:

       openssl ecparam -in ecparam.pem -check

     To create EC parameters and a private key:

       openssl ecparam -out eckey.pem -name prime192v1 -genkey

     To change the point encoding to 'compressed':

       openssl ecparam -in ecin.pem -out ecout.pem -convform compressed

     To print out the EC parameters to standard output:

       openssl ecparam -in ecparam.pem -noout -text

SEE ALSO
     ec(1), dsaparam(1)

HISTORY
     The ecparam command was first introduced in OpenSL 0.9.8.

AUTHOR
     Nils Larsch for the OpenSL project (http:/www.openssl.org)












OpenSL-0.9.8       Last change: Oct 11 2005                    3
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™