Nelson B wrote:
You need to specify the curve with "-q curvename"
See output of certutil -H for a list of curve names.
Unfortunately, that list is wrong. It includes many curve names that
are not implemented presently. There are only 3 available right now.
They're the same ones used by Microsoft.
I don't have the right 3 names handy. trial and error will find them.
I gleaned this from a presentation by a Microsoft employee at the
Certicom ECC Conference:
ECC Details in Vista
• Using implementation from MS Research
• NIST ECC prime curves support
– P-256, P-384, P-521
• ECDSA: Signature
• ECDH: Secret agreement
• Not Supported (out of the box)
– Point compression
– Binary curves
– ECMQV
– Koblitz curves
– Custom curves
So the answer to the curves question is the 3 NIST primes 256,384 and
512 (I think he made a typo saying 521).
Dave
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
