hi, please check the following :
========================================================================================== $ openssl ecparam -name secp256r1 -genkey -out pvtkey.pem using curve name prime256v1 instead of secp256r1 $ cat pvtkey.pem -----BEGIN EC PARAMETERS----- BggqhkjOPQMBBw== -----END EC PARAMETERS----- -----BEGIN EC PRIVATE KEY----- MHcCAQEEIAXXAWUj/cUQT8pDLKp5r269mw58aTzr/hYAEXQZVQqUoAoGCCqGSM49 AwEHoUQDQgAEVSmp4UnlQbzbe6eopByeEUzkmYHPGgaKvSt/xdAgvDp7FXKTpST8 UM9LpF8f4JETOXgDDGvNlIDqVFo+T0hdtQ== -----END EC PRIVATE KEY----- $ openssl ec -in pvtkey.pem -pubout read EC key writing EC key -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVSmp4UnlQbzbe6eopByeEUzkmYHP GgaKvSt/xdAgvDp7FXKTpST8UM9LpF8f4JETOXgDDGvNlIDqVFo+T0hdtQ== -----END PUBLIC KEY----- ========================================================================================== sizeof private key is 164 bytes and the public key is 124 bytes. Thanks & Regards -- Lokesh Chakka. On Wed, Jun 19, 2024 at 2:28 PM Tomas Mraz <to...@openssl.org> wrote: > Hi Lokesh, > > I am not sure how do you count the sizes of 164 bytes and 124 bytes for > the pem files. > > If I use -outform DER (and use -noout with the ecparam to avoid > outputting the params because the private key already contains info > about the params used) I see the following sizes for the DER encoded > data: > > private key: 121 bytes > public key: 91 bytes > > Given both files contain information about the group used and other > ASN.1 encoding related stuff, and that the private key file contains 32 > bytes of the private key but also the encoded uncompressed public key > of 65 bytes, this is fully expected. > > Tomas Mraz, OpenSSL > > On Wed, 2024-06-19 at 13:45 +0530, Lokesh Chakka wrote: > > hello, > > > > I'm trying to generate public/private keys with following commands: > > > > openssl ecparam -name secp256r1 -genkey -out pvtkey.pem > > openssl ec -in pvtkey.pem -pubout > > > > I'm seeing the sizeof private key as 164 bytes and public key as 124 > > bytes. > > > > In a wireshark capture( attached ), I'm seeing key length as 65 > > bytes. > > > > Can someone help me understand why the difference? > > > > Thanks & Regards > > -- > > Lokesh Chakka. > > -- > Tomáš Mráz, OpenSSL > >
