On Mar 19, 2011, at 8:16 PM, Strecker, Dean A. wrote: > I'm using the Thales (nCipher) Solo integrated into a Linux platform and > using C++ to access the HSM. The HSM is used to generate (some export) > key and provided cryptographic functions (sign, verify, encrypt, > decrypt).
I work for Thales. Let's take this conversation off-list. S. > Dean > > > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Sander Temme > Sent: Saturday, March 19, 2011 9:32 AM > To: openssl-users@openssl.org > Subject: Re: elicptic Curve Key Generation > > > On Mar 18, 2011, at 3:57 PM, Strecker, Dean A. wrote: > >> I'm using the OpenSSL Crypto library to perform Elliptic Curve key >> generation and signature generation/verification. Actually, I don't >> have any problem creating a key (EC_KEY) and generating signatures and >> verifying signatures using pure OpenSSL. >> >> The challenge I'm having is that I'm using a Hardware Security Module >> (HSM) to generate the private key and the public key point (X, Y). I > > What model of HSM? And how are you integrating with it? > >> thought I might be able to initialize the EC_KEY->priv_key and >> EC_KEY->pub_key with the data generated by the HSM before calling >> EC_KEY_generate_key(EC_KEY). > > Are you exporting the key material once generated, or are you looking to > use it while under protection by the HSM? > > S. > >> I was hoping this would act as an "Import" key action. Wrong! >> EC_KEY_generate_key generates new private and public key point >> overriding the private and public key point passed into the >> EC_KEY_generate_key function. >> >> Since OpenSSL supports importing of keys, well from the command line >> anyhow, I can't help but think there must be a way to programmatically >> import an Elliptic Curve key (private key and public key point). >> >> I have been studying the source coding starting with the call to >> EC_KEY_generate_key function and working my way down. So far I have > not >> figured out how to create an Elliptic Curve Key from a given private > key >> and public key point. Does anybody have any idea where I could look > for >> an answer? >> >> Thank you, >> >> Dean >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org > > > -- > san...@temme.net http://www.temme.net/sander/ > PGP FP: FC5A 6FC6 2E25 2DFD 8007 EE23 9BB8 63B0 F51B B88A > > View my availability: http://tungle.me/sctemme > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org -- san...@temme.net http://www.temme.net/sander/ PGP FP: FC5A 6FC6 2E25 2DFD 8007 EE23 9BB8 63B0 F51B B88A View my availability: http://tungle.me/sctemme ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
