/usr/share/doc/libgcrypt20-doc/html/ECC-key-parameters.html is in libgcrypt20-doc 1.6.5-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<!-- This manual is for Libgcrypt
(version 1.6.5, 9 February 2016),
which is GNU's library of cryptographic building blocks.
Copyright (C) 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009, 2011, 2012 Free Software Foundation, Inc.
Copyright (C) 2012, 2013 g10 Code GmbH
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2 of the License, or (at your
option) any later version. The text of the license can be found in the
section entitled "GNU General Public License". -->
<!-- Created by GNU Texinfo 6.0, http://www.gnu.org/software/texinfo/ -->
<head>
<title>The Libgcrypt Reference Manual: ECC key parameters</title>
<meta name="description" content="The Libgcrypt Reference Manual: ECC key parameters">
<meta name="keywords" content="The Libgcrypt Reference Manual: ECC key parameters">
<meta name="resource-type" content="document">
<meta name="distribution" content="global">
<meta name="Generator" content="makeinfo">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="index.html#Top" rel="start" title="Top">
<link href="Concept-Index.html#Concept-Index" rel="index" title="Concept Index">
<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents">
<link href="Used-S_002dexpressions.html#Used-S_002dexpressions" rel="up" title="Used S-expressions">
<link href="Cryptographic-Functions.html#Cryptographic-Functions" rel="next" title="Cryptographic Functions">
<link href="DSA-key-parameters.html#DSA-key-parameters" rel="prev" title="DSA key parameters">
<style type="text/css">
<!--
a.summary-letter {text-decoration: none}
blockquote.indentedblock {margin-right: 0em}
blockquote.smallindentedblock {margin-right: 0em; font-size: smaller}
blockquote.smallquotation {font-size: smaller}
div.display {margin-left: 3.2em}
div.example {margin-left: 3.2em}
div.lisp {margin-left: 3.2em}
div.smalldisplay {margin-left: 3.2em}
div.smallexample {margin-left: 3.2em}
div.smalllisp {margin-left: 3.2em}
kbd {font-style: oblique}
pre.display {font-family: inherit}
pre.format {font-family: inherit}
pre.menu-comment {font-family: serif}
pre.menu-preformatted {font-family: serif}
pre.smalldisplay {font-family: inherit; font-size: smaller}
pre.smallexample {font-size: smaller}
pre.smallformat {font-family: inherit; font-size: smaller}
pre.smalllisp {font-size: smaller}
span.nocodebreak {white-space: nowrap}
span.nolinebreak {white-space: nowrap}
span.roman {font-family: serif; font-weight: normal}
span.sansserif {font-family: sans-serif; font-weight: normal}
ul.no-bullet {list-style: none}
-->
</style>
</head>
<body lang="en">
<a name="ECC-key-parameters"></a>
<div class="header">
<p>
Previous: <a href="DSA-key-parameters.html#DSA-key-parameters" accesskey="p" rel="prev">DSA key parameters</a>, Up: <a href="Used-S_002dexpressions.html#Used-S_002dexpressions" accesskey="u" rel="up">Used S-expressions</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Concept-Index.html#Concept-Index" title="Index" rel="index">Index</a>]</p>
</div>
<hr>
<a name="ECC-key-parameters-1"></a>
<h4 class="subsection">6.2.3 ECC key parameters</h4>
<a name="ecc_005fkeyparam"></a><p>An ECC private key is described by this S-expression:
</p>
<div class="example">
<pre class="example">(private-key
(ecc
(p <var>p-mpi</var>)
(a <var>a-mpi</var>)
(b <var>b-mpi</var>)
(g <var>g-point</var>)
(n <var>n-mpi</var>)
(q <var>q-point</var>)
(d <var>d-mpi</var>)))
</pre></div>
<dl compact="compact">
<dt><var>p-mpi</var></dt>
<dd><p>Prime specifying the field <em>GF(p)</em>.
</p></dd>
<dt><var>a-mpi</var></dt>
<dt><var>b-mpi</var></dt>
<dd><p>The two coefficients of the Weierstrass equation <em>y^2 = x^3 + ax + b</em>
</p></dd>
<dt><var>g-point</var></dt>
<dd><p>Base point <em>g</em>.
</p></dd>
<dt><var>n-mpi</var></dt>
<dd><p>Order of <em>g</em>
</p></dd>
<dt><var>q-point</var></dt>
<dd><p>The point representing the public key <em>Q = dG</em>.
</p></dd>
<dt><var>d-mpi</var></dt>
<dd><p>The private key <em>d</em>
</p></dd>
</dl>
<p>All point values are encoded in standard format; Libgcrypt does in
general only support uncompressed points, thus the first byte needs to
be <code>0x04</code>. However “EdDSA” describes its own compression
scheme which is used by default; the non-standard first byte
<code>0x40</code> may optionally be used to explicit flag the use of the
algorithmâs native compression method.
</p>
<p>The public key is similar with "private-key" replaced by "public-key"
and no <var>d-mpi</var>.
</p>
<p>If the domain parameters are well-known, the name of this curve may be
used. For example
</p>
<div class="example">
<pre class="example">(private-key
(ecc
(curve "NIST P-192")
(q <var>q-point</var>)
(d <var>d-mpi</var>)))
</pre></div>
<p>Note that <var>q-point</var> is optional for a private key. The
<code>curve</code> parameter may be given in any case and is used to replace
missing parameters.
</p>
<p>Currently implemented curves are:
</p><dl compact="compact">
<dt><code>NIST P-192</code></dt>
<dt><code>1.2.840.10045.3.1.1</code></dt>
<dt><code>prime192v1</code></dt>
<dt><code>secp192r1</code></dt>
<dd><p>The NIST 192 bit curve, its OID, X9.62 and SECP aliases.
</p>
</dd>
<dt><code>NIST P-224</code></dt>
<dt><code>secp224r1</code></dt>
<dd><p>The NIST 224 bit curve and its SECP alias.
</p>
</dd>
<dt><code>NIST P-256</code></dt>
<dt><code>1.2.840.10045.3.1.7</code></dt>
<dt><code>prime256v1</code></dt>
<dt><code>secp256r1</code></dt>
<dd><p>The NIST 256 bit curve, its OID, X9.62 and SECP aliases.
</p>
</dd>
<dt><code>NIST P-384</code></dt>
<dt><code>secp384r1</code></dt>
<dd><p>The NIST 384 bit curve and its SECP alias.
</p>
</dd>
<dt><code>NIST P-521</code></dt>
<dt><code>secp521r1</code></dt>
<dd><p>The NIST 521 bit curve and its SECP alias.
</p>
</dd>
</dl>
<p>As usual the OIDs may optionally be prefixed with the string <code>OID.</code>
or <code>oid.</code>.
</p>
<hr>
<div class="header">
<p>
Previous: <a href="DSA-key-parameters.html#DSA-key-parameters" accesskey="p" rel="prev">DSA key parameters</a>, Up: <a href="Used-S_002dexpressions.html#Used-S_002dexpressions" accesskey="u" rel="up">Used S-expressions</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Concept-Index.html#Concept-Index" title="Index" rel="index">Index</a>]</p>
</div>
</body>
</html>
|