According to the SEC1 document, the EC Private key representation is as follows:
ECPrivateKey{CURVES:IOSet} ::= SEQUENCE {
version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
privateKey OCTET STRING,
parameters [0] Parameters{{IOSet}} OPTIONAL,
publicKey [1] BIT STRING OPTIONAL
}
From page 82 of the same document one can read:
The component privateKey is the private key defined to be the octet string of length ceil[ log2 n / 8 ] (where n is the order of the curve) obtained from the unsigned integer via the encoding of Section 2.3.7.
This means that the length of the private key is fixed (given a fixed curve with a given order).
When you generate an EC Private key, the length of the private key integer is not extended according to this rule and, thus, the length of the privateKey field (OCTET STRING) is not always fixed (for a given curve).
Is there a reason for this to be done or OpenSSL just don't follow SEC1 recommendation? May I be wrong?
Regards,
Julio Diez / Daniel Alvarez
