web-dev-qa-db-ja.com

genpkeyで秘密鍵を生成するときに、CSRに明示的な曲線が含まれるのはなぜですか?

Ecparamを使用してSSLキーを生成すると、名前付きカーブを含むCSRを取得しました。

$ openssl ecparam -genkey -out ecparam.key -name prime256v1
$ openssl req -new -sha256 -key ecparam.key -out ecparam.csr -subj "/CN=Test"
$ openssl req -text -in ecparam.csr 
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: CN=Test
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:c0:10:c0:d2:8a:5d:f3:05:84:94:a5:23:1b:59:
                    35:20:b8:5f:e9:b1:f2:6b:83:15:59:3f:75:93:6b:
                    b6:a5:ce:16:19:04:9d:18:0d:8d:bb:db:2a:2c:e2:
                    05:c1:58:46:42:18:19:7a:c5:71:48:ec:54:a2:2d:
                    4d:6a:e3:14:23
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        Attributes:
            a0:00
    Signature Algorithm: ecdsa-with-SHA256
         30:46:02:21:00:93:1a:fe:90:c7:29:07:d2:b4:c7:c3:b2:fe:
         dc:6a:bf:62:4b:88:4a:98:3f:30:e7:b0:62:55:62:6c:d9:b3:
         bc:02:21:00:a0:3c:2f:1d:c8:28:72:bf:9c:8d:51:87:80:a4:
         a0:17:7c:e8:17:60:63:8f:ea:21:ce:53:af:65:ee:80:25:d0
-----BEGIN CERTIFICATE REQUEST-----
MIHKMHECAQAwDzENMAsGA1UEAwwEVGVzdDBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABMAQwNKKXfMFhJSlIxtZNSC4X+mx8muDFVk/dZNrtqXOFhkEnRgNjbvbKizi
BcFYRkIYGXrFcUjsVKItTWrjFCOgADAKBggqhkjOPQQDAgNJADBGAiEAkxr+kMcp
B9K0x8Oy/txqv2JLiEqYPzDnsGJVYmzZs7wCIQCgPC8dyChyv5yNUYeApKAXfOgX
YGOP6iHOU69l7oAl0A==
-----END CERTIFICATE REQUEST-----

ただし、genpkey(またはreq)を使用してキーを生成した場合、私のCSRは代わりに明示的な曲線を持ちます。

$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -out genpkey.key
$ openssl req -new -sha256 -key genpkey.key -out genpkey.csr -subj "/CN=Test"
$ openssl req -text -in genpkey.csr 
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: CN=Test
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:86:e1:af:90:3d:76:d9:2f:9d:bc:ca:5a:80:0a:
                    fc:6f:a7:75:29:26:5b:60:65:fd:3f:74:b4:5b:09:
                    27:0f:da:45:48:21:46:b4:16:a4:52:0e:c1:97:b4:
                    71:3a:5b:dc:6d:6e:aa:33:81:7b:cb:bd:78:18:6a:
                    62:fa:bf:8f:d3
                Field Type: prime-field
                Prime:
                    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
                    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff
                A:   
                    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
                    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:fc
                B:   
                    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
                    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
                    60:4b
                Generator (uncompressed):
                    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
                    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
                    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
                    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
                    68:37:bf:51:f5
                Order: 
                    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
                    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
                    63:25:51
                Cofactor:  1 (0x1)
                Seed:
                    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
                    b7:81:9f:7e:90
        Attributes:
            a0:00
    Signature Algorithm: ecdsa-with-SHA256
         30:46:02:21:00:99:a4:3c:85:cb:f0:b0:f5:10:6e:ff:9a:2b:
         9b:81:3a:35:d2:5d:eb:cc:da:26:16:bb:95:ff:bc:b9:3a:06:
         dc:02:21:00:ea:71:91:fb:87:de:49:87:be:8e:84:da:0f:3f:
         33:bf:e4:48:d6:eb:09:99:81:07:e3:39:f3:83:7c:96:b1:e6
-----BEGIN CERTIFICATE REQUEST-----
MIIBwDCCAWUCAQAwDzENMAsGA1UEAwwEVGVzdDCCAUswggEDBgcqhkjOPQIBMIH3
AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP//////////////
/zBbBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6k+ez
671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+kARB
BGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tKfA+e
FivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTzucrC
/GMlUQIBAQNCAASG4a+QPXbZL528ylqACvxvp3UpJltgZf0/dLRbCScP2kVIIUa0
FqRSDsGXtHE6W9xtbqozgXvLvXgYamL6v4/ToAAwCgYIKoZIzj0EAwIDSQAwRgIh
AJmkPIXL8LD1EG7/miubgTo10l3rzNomFruV/7y5OgbcAiEA6nGR+4feSYe+joTa
Dz8zv+RI1usJmYEH4znzg3yWseY=
-----END CERTIFICATE REQUEST-----
  1. ここで何が欠けていますか? genpkey/reqを使用するときにOpenSSLが名前付き曲線でCSRを作成しないのはなぜですか?
  2. 名前付きまたは明示的な曲線を使用してCSRを生成する必要がある理由はありますか?なぜ?
3
Lie Ryan

一貫性のないデフォルト

再2。

再2:Dunno。しかし、名前付き曲線を明示的に指定して、もう一方の端を理解させるのは間違っているようですねえ!これは実際に私がサポートする名前付き曲線の1つです

OpenSSL Wikiはこう言っています :(改行して私のものです)

必要に応じて、カーブの名前だけでなく、完全な明示的パラメータを含めるようにパラメータとキーファイルを生成できます。

これは、たとえば、すべてのターゲットシステムが名前付き曲線の詳細を認識していない場合に重要になることがあります。 OpenSSLバージョン1.0.2では、brainpool512t1などの新しい名前付きカーブが追加されました。この曲線で1.0.2より前のバージョンのOpenSSLでパラメーターファイルまたはキーファイルを使用しようとすると、エラーが発生します:[...]

再1。

再1:これはCSRとは関係ありません。それはすでに鍵の中にあります。 「ecparam」のデフォルトは「named_curve」です。また、「genpkey」のデフォルトは「explicit」です。彼らがなぜそのようにそれをプログラムしたのか私は知りません。

以下の例。

-pkeyopt ec_param_enc:explicitオプション付き:

$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt ec_param_enc:explicit  -text
-----BEGIN PRIVATE KEY-----
MIIBeQIBADCCAQMGByqGSM49AgEwgfcCAQEwLAYHKoZIzj0BAQIhAP////8AAAAB
AAAAAAAAAAAAAAAA////////////////MFsEIP////8AAAABAAAAAAAAAAAAAAAA
///////////////8BCBaxjXYqjqT57PrvVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMV
AMSdNgiG5wSTamZ44ROdJreBn36QBEEEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg
9KE5RdiYwpZP40Li/hp/m47n60p8D54WK84zV2sxXs7LtkBoN79R9QIhAP////8A
AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQg1Hq9Di0uUkZe
J3CTZQzbO8hK+MsJDYFmimsQ9azcCYOhRANCAATrVc+UPOnoZBzs16PiscXKLZzI
Muu342nf1iRBgZbHrsrFptxEnQBpTQV/Vj4EWYHwtzpt6pJmuvaDpcZg3MYE
-----END PRIVATE KEY-----
Private-Key: (256 bit)
priv:
    00:d4:7a:bd:0e:2d:2e:52:46:5e:27:70:93:65:0c:
    db:3b:c8:4a:f8:cb:09:0d:81:66:8a:6b:10:f5:ac:
    dc:09:83
pub:
    04:eb:55:cf:94:3c:e9:e8:64:1c:ec:d7:a3:e2:b1:
    c5:ca:2d:9c:c8:32:eb:b7:e3:69:df:d6:24:41:81:
    96:c7:ae:ca:c5:a6:dc:44:9d:00:69:4d:05:7f:56:
    3e:04:59:81:f0:b7:3a:6d:ea:92:66:ba:f6:83:a5:
    c6:60:dc:c6:04
Field Type: prime-field
Prime:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:ff
A:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:fc
B:
    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
    60:4b
Generator (uncompressed):
    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
    68:37:bf:51:f5
Order:
    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
    63:25:51
Cofactor:  1 (0x1)
Seed:
    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
    b7:81:9f:7e:90

-pkeyopt ec_param_enc:named_curveオプション付き:

$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt ec_param_enc:named_curve  -text
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQglWEHQsiU1JdAQx09
r7JE/al6b0ldLUjTrBA6vbfH62WhRANCAASSoDWvKLeEbfuye3qJXxV1bcGwgVGz
FkCn3PE77MDiHukhX1SOI3nbtOISC2kvEEVa7l4MiN1u25y/S5avjLow
-----END PRIVATE KEY-----
Private-Key: (256 bit)
priv:
    00:95:61:07:42:c8:94:d4:97:40:43:1d:3d:af:b2:
    44:fd:a9:7a:6f:49:5d:2d:48:d3:ac:10:3a:bd:b7:
    c7:eb:65
pub:
    04:92:a0:35:af:28:b7:84:6d:fb:b2:7b:7a:89:5f:
    15:75:6d:c1:b0:81:51:b3:16:40:a7:dc:f1:3b:ec:
    c0:e2:1e:e9:21:5f:54:8e:23:79:db:b4:e2:12:0b:
    69:2f:10:45:5a:ee:5e:0c:88:dd:6e:db:9c:bf:4b:
    96:af:8c:ba:30
ASN1 OID: prime256v1
NIST CURVE: P-256

このようなオプションがない場合、デフォルトではexplicitが使用されます。

$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -text                             -----BEGIN PRIVATE KEY-----
MIIBeQIBADCCAQMGByqGSM49AgEwgfcCAQEwLAYHKoZIzj0BAQIhAP////8AAAAB
AAAAAAAAAAAAAAAA////////////////MFsEIP////8AAAABAAAAAAAAAAAAAAAA
///////////////8BCBaxjXYqjqT57PrvVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMV
AMSdNgiG5wSTamZ44ROdJreBn36QBEEEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg
9KE5RdiYwpZP40Li/hp/m47n60p8D54WK84zV2sxXs7LtkBoN79R9QIhAP////8A
AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQg8APlrpjwkK1j
7u8dLFxoZIREseEI6oxigSevcQ5dND2hRANCAARCCQFa8DqsxGDUt4LDgEfms7mK
zhuogqc21G2hPFHBckIIQ7T1lT6w2WNBSsw/UT4LdW09Ch2GAGjUabMB3sqE
-----END PRIVATE KEY-----
Private-Key: (256 bit)
priv:
    00:f0:03:e5:ae:98:f0:90:ad:63:ee:ef:1d:2c:5c:
    68:64:84:44:b1:e1:08:ea:8c:62:81:27:af:71:0e:
    5d:34:3d
pub:
    04:42:09:01:5a:f0:3a:ac:c4:60:d4:b7:82:c3:80:
    47:e6:b3:b9:8a:ce:1b:a8:82:a7:36:d4:6d:a1:3c:
    51:c1:72:42:08:43:b4:f5:95:3e:b0:d9:63:41:4a:
    cc:3f:51:3e:0b:75:6d:3d:0a:1d:86:00:68:d4:69:
    b3:01:de:ca:84
Field Type: prime-field
Prime:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:ff
A:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:fc
B:
    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
    60:4b
Generator (uncompressed):
    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
    68:37:bf:51:f5
Order:
    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
    63:25:51
Cofactor:  1 (0x1)
Seed:
    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
    b7:81:9f:7e:90

Ecparamを使用すると、デフォルトが逆になります。

オプション-param_enc explicitを使用:

$ openssl ecparam -genkey -name prime256v1 -param_enc explicit -text
Field Type: prime-field
Prime:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:ff
A:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:fc
B:
    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
    60:4b
Generator (uncompressed):
    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
    68:37:bf:51:f5
Order:
    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
    63:25:51
Cofactor:  1 (0x1)
Seed:
    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
    b7:81:9f:7e:90
-----BEGIN EC PARAMETERS-----
MIH3AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP//////////
/////zBbBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6
k+ez671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+
kARBBGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tK
fA+eFivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTz
ucrC/GMlUQIBAQ==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MIIBaAIBAQQghke2GCVyix7oDwB/56PI42fOHb+Jg+i2qM8RkkJsAF+ggfowgfcC
AQEwLAYHKoZIzj0BAQIhAP////8AAAABAAAAAAAAAAAAAAAA////////////////
MFsEIP////8AAAABAAAAAAAAAAAAAAAA///////////////8BCBaxjXYqjqT57Pr
vVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMVAMSdNgiG5wSTamZ44ROdJreBn36QBEEE
axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpZP40Li/hp/m47n60p8D54W
K84zV2sxXs7LtkBoN79R9QIhAP////8AAAAA//////////+85vqtpxeehPO5ysL8
YyVRAgEBoUQDQgAE6B6QrWh0k+CsBnkrfePLKiD0FblNRlwN+pWWoZ4AVH3/9Px5
C63q9fJ3CZdeo9UlUoGkXqrRqVm1EtUWEHajvg==
-----END EC PRIVATE KEY-----

オプション-param_enc named_curveを使用:

$ openssl ecparam -genkey -name prime256v1 -param_enc named_curve -text
ASN1 OID: prime256v1
NIST CURVE: P-256
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEICAk+gW8qz7TbJ1oIp4BGrvGeX2a/gBM6c8A7LjGTg0poAoGCCqGSM49
AwEHoUQDQgAEIIkICva0uhtISmjyosAa1CJnGhoM3fBaYXNTTH5aPwhLKLTWDDAu
V9W0HKMTtBRh4XonaTE/zDesKwRr2ZQYmw==
-----END EC PRIVATE KEY-----

オプションがない場合、デフォルトではnamed_curveが使用されます。

$ openssl ecparam -genkey -name prime256v1 -text
ASN1 OID: prime256v1
NIST CURVE: P-256
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIH+E5y6cMaUjbnH4kJLOWDtkQ89vG12Jg7oBmdLvmunNoAoGCCqGSM49
AwEHoUQDQgAEBJE0zr7FZyDoFyUgMmYvsViEYAuVz7uCSzEjVVJs2RRbvFQKa3Gt
RX8wAcgfhK0zeAd4xjLfKJq5YTQm2vZ3vQ==
-----END EC PRIVATE KEY-----
3
StackzOfZtuff