openssl3.2 - exp - 选择最好的内建椭圆曲线

文章目录

    • openssl3.2 - exp - 选择最好的内建椭圆曲线
    • 概述
    • 笔记
    • 将 openssl ecparam -list_curves 实现迁移到自己的demo工程
    • 备注
    • END

openssl3.2 - exp - 选择最好的内建椭圆曲线

概述

在openssl中使用椭圆曲线, 只允许选择椭圆曲线的名字, 无法给定椭圆曲线的位数.
估计每种椭圆曲线都有固定的位数(bit prime field)
openssl.exe有命令可以列出全部的椭圆曲线列表

openssl ecparam -list_curves


D:\my_tmp>openssl ecparam -list_curves
  secp112r1 : SECG/WTLS curve over a 112 bit prime field
  secp112r2 : SECG curve over a 112 bit prime field
  secp128r1 : SECG curve over a 128 bit prime field
  secp128r2 : SECG curve over a 128 bit prime field
  secp160k1 : SECG curve over a 160 bit prime field
  secp160r1 : SECG curve over a 160 bit prime field
  secp160r2 : SECG/WTLS curve over a 160 bit prime field
  secp192k1 : SECG curve over a 192 bit prime field
  secp224k1 : SECG curve over a 224 bit prime field
  secp224r1 : NIST/SECG curve over a 224 bit prime field
  secp256k1 : SECG curve over a 256 bit prime field
  secp384r1 : NIST/SECG curve over a 384 bit prime field
  secp521r1 : NIST/SECG curve over a 521 bit prime field
  prime192v1: NIST/X9.62/SECG curve over a 192 bit prime field
  prime192v2: X9.62 curve over a 192 bit prime field
  prime192v3: X9.62 curve over a 192 bit prime field
  prime239v1: X9.62 curve over a 239 bit prime field
  prime239v2: X9.62 curve over a 239 bit prime field
  prime239v3: X9.62 curve over a 239 bit prime field
  prime256v1: X9.62/SECG curve over a 256 bit prime field
  sect113r1 : SECG curve over a 113 bit binary field
  sect113r2 : SECG curve over a 113 bit binary field
  sect131r1 : SECG/WTLS curve over a 131 bit binary field
  sect131r2 : SECG curve over a 131 bit binary field
  sect163k1 : NIST/SECG/WTLS curve over a 163 bit binary field
  sect163r1 : SECG curve over a 163 bit binary field
  sect163r2 : NIST/SECG curve over a 163 bit binary field
  sect193r1 : SECG curve over a 193 bit binary field
  sect193r2 : SECG curve over a 193 bit binary field
  sect233k1 : NIST/SECG/WTLS curve over a 233 bit binary field
  sect233r1 : NIST/SECG/WTLS curve over a 233 bit binary field
  sect239k1 : SECG curve over a 239 bit binary field
  sect283k1 : NIST/SECG curve over a 283 bit binary field
  sect283r1 : NIST/SECG curve over a 283 bit binary field
  sect409k1 : NIST/SECG curve over a 409 bit binary field
  sect409r1 : NIST/SECG curve over a 409 bit binary field
  sect571k1 : NIST/SECG curve over a 571 bit binary field
  sect571r1 : NIST/SECG curve over a 571 bit binary field
  c2pnb163v1: X9.62 curve over a 163 bit binary field
  c2pnb163v2: X9.62 curve over a 163 bit binary field
  c2pnb163v3: X9.62 curve over a 163 bit binary field
  c2pnb176v1: X9.62 curve over a 176 bit binary field
  c2tnb191v1: X9.62 curve over a 191 bit binary field
  c2tnb191v2: X9.62 curve over a 191 bit binary field
  c2tnb191v3: X9.62 curve over a 191 bit binary field
  c2pnb208w1: X9.62 curve over a 208 bit binary field
  c2tnb239v1: X9.62 curve over a 239 bit binary field
  c2tnb239v2: X9.62 curve over a 239 bit binary field
  c2tnb239v3: X9.62 curve over a 239 bit binary field
  c2pnb272w1: X9.62 curve over a 272 bit binary field
  c2pnb304w1: X9.62 curve over a 304 bit binary field
  c2tnb359v1: X9.62 curve over a 359 bit binary field
  c2pnb368w1: X9.62 curve over a 368 bit binary field
  c2tnb431r1: X9.62 curve over a 431 bit binary field
  wap-wsg-idm-ecid-wtls1: WTLS curve over a 113 bit binary field
  wap-wsg-idm-ecid-wtls3: NIST/SECG/WTLS curve over a 163 bit binary field
  wap-wsg-idm-ecid-wtls4: SECG curve over a 113 bit binary field
  wap-wsg-idm-ecid-wtls5: X9.62 curve over a 163 bit binary field
  wap-wsg-idm-ecid-wtls6: SECG/WTLS curve over a 112 bit prime field
  wap-wsg-idm-ecid-wtls7: SECG/WTLS curve over a 160 bit prime field
  wap-wsg-idm-ecid-wtls8: WTLS curve over a 112 bit prime field
  wap-wsg-idm-ecid-wtls9: WTLS curve over a 160 bit prime field
  wap-wsg-idm-ecid-wtls10: NIST/SECG/WTLS curve over a 233 bit binary field
  wap-wsg-idm-ecid-wtls11: NIST/SECG/WTLS curve over a 233 bit binary field
  wap-wsg-idm-ecid-wtls12: WTLS curve over a 224 bit prime field
  Oakley-EC2N-3:
        IPSec/IKE/Oakley curve #3 over a 155 bit binary field.
        Not suitable for ECDSA.
        Questionable extension field!
  Oakley-EC2N-4:
        IPSec/IKE/Oakley curve #4 over a 185 bit binary field.
        Not suitable for ECDSA.
        Questionable extension field!
  brainpoolP160r1: RFC 5639 curve over a 160 bit prime field
  brainpoolP160t1: RFC 5639 curve over a 160 bit prime field
  brainpoolP192r1: RFC 5639 curve over a 192 bit prime field
  brainpoolP192t1: RFC 5639 curve over a 192 bit prime field
  brainpoolP224r1: RFC 5639 curve over a 224 bit prime field
  brainpoolP224t1: RFC 5639 curve over a 224 bit prime field
  brainpoolP256r1: RFC 5639 curve over a 256 bit prime field
  brainpoolP256t1: RFC 5639 curve over a 256 bit prime field
  brainpoolP320r1: RFC 5639 curve over a 320 bit prime field
  brainpoolP320t1: RFC 5639 curve over a 320 bit prime field
  brainpoolP384r1: RFC 5639 curve over a 384 bit prime field
  brainpoolP384t1: RFC 5639 curve over a 384 bit prime field
  brainpoolP512r1: RFC 5639 curve over a 512 bit prime field
  brainpoolP512t1: RFC 5639 curve over a 512 bit prime field
  SM2       : SM2 curve over a 256 bit prime field

比较每种椭圆曲线的质数域位数, 挑出最大的那个.

sect571k1 : NIST/SECG curve over a 571 bit binary field
sect571r1 : NIST/SECG curve over a 571 bit binary field

可知, 质数域位数最大的椭圆曲线有2个 : sect571k1 或者 sect571r1, 位数都是571位.

笔记

将 openssl ecparam -list_curves 实现迁移到自己的demo工程

想看看官方怎么实现的这个命令.

/*!
* \file exp017_ecparam_list_curves.cpp
* \note 看看openssl如何实现命令 openssl ecparam -list_curves
*/

#include "my_openSSL_lib.h"
#include <openssl/crypto.h>
#include <openssl/bio.h>
#include <openssl/ec.h>
#include <openssl/objects.h>

#include <stdlib.h>
#include <stdio.h>
#include <assert.h>

#include "CMemHookRec.h"

void my_openssl_app();
int list_builtin_curves(BIO* out);

int main(int argc, char** argv)
{
	setvbuf(stdout, NULL, _IONBF, 0); // 清掉stdout缓存, 防止调用printf时阻塞
	mem_hook();

	my_openssl_app();

	mem_unhook();

    /*! run result
    list_builtin_curves, cnt = 82
    --------------------
    secp112r1           : -20SECG/WTLS curve over a 112 bit prime field
    secp112r2           : -20SECG curve over a 112 bit prime field
    secp128r1           : -20SECG curve over a 128 bit prime field
    secp128r2           : -20SECG curve over a 128 bit prime field
    secp160k1           : -20SECG curve over a 160 bit prime field
    secp160r1           : -20SECG curve over a 160 bit prime field
    secp160r2           : -20SECG/WTLS curve over a 160 bit prime field
    secp192k1           : -20SECG curve over a 192 bit prime field
    secp224k1           : -20SECG curve over a 224 bit prime field
    secp224r1           : -20NIST/SECG curve over a 224 bit prime field
    secp256k1           : -20SECG curve over a 256 bit prime field
    secp384r1           : -20NIST/SECG curve over a 384 bit prime field
    secp521r1           : -20NIST/SECG curve over a 521 bit prime field
    prime192v1          : -20NIST/X9.62/SECG curve over a 192 bit prime field
    prime192v2          : -20X9.62 curve over a 192 bit prime field
    prime192v3          : -20X9.62 curve over a 192 bit prime field
    prime239v1          : -20X9.62 curve over a 239 bit prime field
    prime239v2          : -20X9.62 curve over a 239 bit prime field
    prime239v3          : -20X9.62 curve over a 239 bit prime field
    prime256v1          : -20X9.62/SECG curve over a 256 bit prime field
    sect113r1           : -20SECG curve over a 113 bit binary field
    sect113r2           : -20SECG curve over a 113 bit binary field
    sect131r1           : -20SECG/WTLS curve over a 131 bit binary field
    sect131r2           : -20SECG curve over a 131 bit binary field
    sect163k1           : -20NIST/SECG/WTLS curve over a 163 bit binary field
    sect163r1           : -20SECG curve over a 163 bit binary field
    sect163r2           : -20NIST/SECG curve over a 163 bit binary field
    sect193r1           : -20SECG curve over a 193 bit binary field
    sect193r2           : -20SECG curve over a 193 bit binary field
    sect233k1           : -20NIST/SECG/WTLS curve over a 233 bit binary field
    sect233r1           : -20NIST/SECG/WTLS curve over a 233 bit binary field
    sect239k1           : -20SECG curve over a 239 bit binary field
    sect283k1           : -20NIST/SECG curve over a 283 bit binary field
    sect283r1           : -20NIST/SECG curve over a 283 bit binary field
    sect409k1           : -20NIST/SECG curve over a 409 bit binary field
    sect409r1           : -20NIST/SECG curve over a 409 bit binary field
    sect571k1           : -20NIST/SECG curve over a 571 bit binary field // !!! best one 
    sect571r1           : -20NIST/SECG curve over a 571 bit binary field // !!! best one
    c2pnb163v1          : -20X9.62 curve over a 163 bit binary field
    c2pnb163v2          : -20X9.62 curve over a 163 bit binary field
    c2pnb163v3          : -20X9.62 curve over a 163 bit binary field
    c2pnb176v1          : -20X9.62 curve over a 176 bit binary field
    c2tnb191v1          : -20X9.62 curve over a 191 bit binary field
    c2tnb191v2          : -20X9.62 curve over a 191 bit binary field
    c2tnb191v3          : -20X9.62 curve over a 191 bit binary field
    c2pnb208w1          : -20X9.62 curve over a 208 bit binary field
    c2tnb239v1          : -20X9.62 curve over a 239 bit binary field
    c2tnb239v2          : -20X9.62 curve over a 239 bit binary field
    c2tnb239v3          : -20X9.62 curve over a 239 bit binary field
    c2pnb272w1          : -20X9.62 curve over a 272 bit binary field
    c2pnb304w1          : -20X9.62 curve over a 304 bit binary field
    c2tnb359v1          : -20X9.62 curve over a 359 bit binary field
    c2pnb368w1          : -20X9.62 curve over a 368 bit binary field
    c2tnb431r1          : -20X9.62 curve over a 431 bit binary field
    wap-wsg-idm-ecid-wtls1: -20WTLS curve over a 113 bit binary field
    wap-wsg-idm-ecid-wtls3: -20NIST/SECG/WTLS curve over a 163 bit binary field
    wap-wsg-idm-ecid-wtls4: -20SECG curve over a 113 bit binary field
    wap-wsg-idm-ecid-wtls5: -20X9.62 curve over a 163 bit binary field
    wap-wsg-idm-ecid-wtls6: -20SECG/WTLS curve over a 112 bit prime field
    wap-wsg-idm-ecid-wtls7: -20SECG/WTLS curve over a 160 bit prime field
    wap-wsg-idm-ecid-wtls8: -20WTLS curve over a 112 bit prime field
    wap-wsg-idm-ecid-wtls9: -20WTLS curve over a 160 bit prime field
    wap-wsg-idm-ecid-wtls10: -20NIST/SECG/WTLS curve over a 233 bit binary field
    wap-wsg-idm-ecid-wtls11: -20NIST/SECG/WTLS curve over a 233 bit binary field
    wap-wsg-idm-ecid-wtls12: -20WTLS curve over a 224 bit prime field
    Oakley-EC2N-3       : -20
        IPSec/IKE/Oakley curve #3 over a 155 bit binary field.
        Not suitable for ECDSA.
        Questionable extension field!
    Oakley-EC2N-4       : -20
        IPSec/IKE/Oakley curve #4 over a 185 bit binary field.
        Not suitable for ECDSA.
        Questionable extension field!
    brainpoolP160r1     : -20RFC 5639 curve over a 160 bit prime field
    brainpoolP160t1     : -20RFC 5639 curve over a 160 bit prime field
    brainpoolP192r1     : -20RFC 5639 curve over a 192 bit prime field
    brainpoolP192t1     : -20RFC 5639 curve over a 192 bit prime field
    brainpoolP224r1     : -20RFC 5639 curve over a 224 bit prime field
    brainpoolP224t1     : -20RFC 5639 curve over a 224 bit prime field
    brainpoolP256r1     : -20RFC 5639 curve over a 256 bit prime field
    brainpoolP256t1     : -20RFC 5639 curve over a 256 bit prime field
    brainpoolP320r1     : -20RFC 5639 curve over a 320 bit prime field
    brainpoolP320t1     : -20RFC 5639 curve over a 320 bit prime field
    brainpoolP384r1     : -20RFC 5639 curve over a 384 bit prime field
    brainpoolP384t1     : -20RFC 5639 curve over a 384 bit prime field
    brainpoolP512r1     : -20RFC 5639 curve over a 512 bit prime field
    brainpoolP512t1     : -20RFC 5639 curve over a 512 bit prime field
    SM2                 : -20SM2 curve over a 256 bit prime field
    --------------------
    free map, g_mem_hook_map.size() = 0
    */

	return 0;
}

void my_openssl_app()
{
    BIO* bio_out = NULL;

    do {
        bio_out = BIO_new_fp(stdout, 0);
        if (NULL == bio_out)
        {
            break;
        }

        list_builtin_curves(bio_out);

    } while (false);

    if (NULL != bio_out)
    {
        BIO_free(bio_out);
        bio_out = NULL;
    }
}

int list_builtin_curves(BIO* out)
{
    int ret = 0;
    EC_builtin_curve* curves = NULL;
    size_t n, crv_len = EC_get_builtin_curves(NULL, 0);

    BIO_printf(out, "list_builtin_curves, cnt = %d\n", crv_len);

    curves = (EC_builtin_curve*)OPENSSL_malloc(sizeof(*curves) * crv_len);
    if (!EC_get_builtin_curves(curves, crv_len))
    {
        BIO_printf(out, "err\n");
        goto end;
    }
        
    
    BIO_printf(out, "--------------------\n");

    for (n = 0; n < crv_len; n++) {
        const char* comment = curves[n].comment;
        const char* sname = OBJ_nid2sn(curves[n].nid);

        if (comment == NULL)
            comment = "CURVE DESCRIPTION NOT AVAILABLE";
        if (sname == NULL)
            sname = "";

        BIO_printf(out, "  %-20s: -20%s\n", sname, comment);
    }

    BIO_printf(out, "--------------------\n");

    ret = 1;
end:
    OPENSSL_free(curves);
    return ret;
}

备注

在这里插入图片描述
从查到的资料看, ECC521就比普通的RSA位数强多了.
现在主流网站用的RSA证书位数都是4096(e.g. MS主站)
sect571k1, sect571r1的位数是571位, 强度应该更高吧.

END

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:/a/446070.html

如若内容造成侵权/违法违规/事实不符,请联系我们进行投诉反馈qq邮箱809451989@qq.com,一经查实,立即删除!

相关文章

扩展学习|系统理解数字经济

文献来源&#xff1a;[1]肖静华,胡杨颂,吴瑶.成长品&#xff1a;数据驱动的企业与用户互动创新案例研究[J].管理世界,2020,36(03):183-205.DOI:10.19744/j.cnki.11-1235/f.2020.0041. [2]陈晓红,李杨扬,宋丽洁等.数字经济理论体系与研究展望[J].管理世界,2022,38(02):208-22413…

浅谈JUC的理解(含JUC知识体系图)

浅谈JUC的理解 一、前言感悟二、并发知识三、一年前回答四、补充体系回答五、补充层次回答六、碎碎念 本文除了说技术&#xff0c;更多的是在一个两年多开发经验的程序员视角下&#xff0c;记录下自己探索到的世界。 如有不妥之处&#xff0c;还请指正。共勉。 一、前言感悟 当…

力扣hot100:239.滑动窗口最大值(优先队列/单调队列)

本题是一个经典的单调队列题。不过用优先队列也能解决。 一、优先队列 在使用优先队列时&#xff0c;我们会遇到这样的问题&#xff1a;如何将一个目标数从优先队列中弹出&#xff1f;如果使用stl这是办不到的&#xff0c;虽然可以自行实现这样的功能。但是我们可以这样思考&am…

什么是GoogLeNet,亮点是什么,为什么是这个结构?

GooLeNet 亮点 最明显的亮点就是引入了Inception&#xff0c;初衷是多卷积核增加特征的多样性&#xff0c;提高泛化能力 &#xff0c;比如&#xff0c;最下边是一个输入层&#xff0c;然后这个输入分别传递给1*1&#xff0c;3 * 3 &#xff0c;5 * 5和一个最大池化层&#xff…

IP数据报格式

每一行都由32位比特&#xff0c;即4个字节组成&#xff0c;每个格子称为字段或者域。IP数据报由20字节的固定部分和最大40字节的可变部分组成。 总长度 总长度为16个比特&#xff0c;该字段的取值以字节为单位&#xff0c;用来表示IPv4数据报的长度(首部长度数据载荷长度)最大…

Long-term Correlation Tracking LCT 目标跟踪算法源码运行

资源 LCT-tracker项目地址VLFeat官网OpenCV下载地址OTB50数据集百度网盘资源 参考博客 一步一步教你跑lct-tracker&#xff08;Win10Matlab 2016bVisual Studio 2015&#xff09;LCT代码跑起来先文章思路总结 正文 1. 环境配置 我的环境&#xff1a;Win11、Visual Studio…

python+realsense

单目相机(RGB影像):分辨率&#xff1a;320180,320240,424240,640360,640480,848480,960540,1280720,19201080&#xff1b;帧率&#xff1a;6,15,30,60 按照博文Python实战之Realsense_realsense python-CSDN博客的代码显示如下&#xff08;我更改了分辨率和帧率&#xff0c;大…

设计模式:观察者模式 ⑧

一、思想 观察者模式是一种常见的设计模式&#xff0c;也称作发布-订阅模式。它主要解决了对象之间的通知依赖关系问题。在这种模式中&#xff0c;一个对象&#xff08;称作Subject&#xff09;维护着一个对象列表&#xff0c;这些对象&#xff08;称作Observers&#xff09;都…

css3中nth-child属性作用及用法剖析

hello宝子们...我们是艾斯视觉擅长ui设计和前端开发10年经验!希望我的分享能帮助到您!如需帮助可以评论关注私信我们一起探讨!致敬感谢感恩! 标题&#xff1a;CSS3中nth-child属性作用及用法剖析 摘要&#xff1a;CSS3中的nth-child选择器允许我们根据元素位置来定位特定的元素…

Vue3中Vue Router的使用区别

在 Vue 3 中&#xff0c;useRouter 和 useRoute 是两个用于 Vue Router 的 Composition API 函数&#xff0c;它们的用途和返回的对象不同&#xff0c;接下来详细了解一下它们的区别以及如何正确使用它们。 useRouter useRouter 用于获取 router 实例&#xff0c;这个实例提供…

python(5)之处理数组

上次代码结果如下&#xff1a; 1、处理数组的缺失值 1、isnan&#xff08;&#xff09;函数 isnan&#xff08;&#xff09;函数是Numpy模块里的一个可以标记数组中缺失值的位置 代码示例如下&#xff1a; import numpy as np ac np.array([1,2,3,2,3,4,5,9,np.nan,1]) p…

OSPF收发报文实验简述

1、OSPF采用组播形式收发报文&#xff0c;这样可以减少对其它不运行OSPF路由器的影响。 通过wireshark软件对r2 e0/0/0 端口进行数据抓包&#xff0c;发现224.0.0.5为组播地址&#xff0c;如下图

深入了解二叉搜索树:原理、实现与应用

目录 一、介绍二叉搜索树 二、二叉搜索树的基本性质 三、二叉搜索树的实现 四、总结 在计算机科学中&#xff0c;数据结构是构建算法和程序的基础。其中&#xff0c;二叉搜索树&#xff08;Binary Search Tree&#xff0c;简称 BST&#xff09;作为一种常见的数据结构&#…

力扣图论篇

以下思路来自代码随想录以及官方题解。 文章目录 797.所有可能的路径200.岛屿数量130.被围绕的区域1020.飞地的数量 797.所有可能的路径 给你一个有 n 个节点的 有向无环图&#xff08;DAG&#xff09;&#xff0c;请你找出所有从节点 0 到节点 n-1 的路径并输出&#xff08;不…

基于PySide2实现调用本地摄像头抓拍并保存照片(Python版本)

因为横向课题需要&#xff0c;这是其中的一个小小的功能&#xff0c;单独拎出来作为一个小demo&#xff0c;方便后续学习使用 项目实现功能&#xff1a; 点击open按钮&#xff0c;摄像头开启&#xff0c;实时捕获周围图像并显示 点击capture按钮&#xff0c;保存摄像头照片&am…

Day6 java 常用API

文章目录 1、Calendar1.1 Calendar日历对象 2、JDK8 之后新增的时间类2.1 LocalDate、LocalTime 、LocalDateTime2.2 ZoneId 、ZoneIdTime2.3 Instant2.4 DateTimeFormatter2.5 Period2.6 Duration 1、Calendar 在了解calendar之前&#xff0c;先用SimpleDateFormat 写一个小例…

保持长期高效的七个法则(一)7 Rules for Staying Productive Long-Term(1)

Easily the best habit I’ve ever started was to use a productivity system.The idea is simple:organizing all the stuff you need to do (and how you’re going to do it) prevents a lot of internal struggle to get things done. 无疑&#xff0c;我曾经建立过的最好…

C++面试宝典一部分

今天整理书籍资料时&#xff0c;发现多年前打印的面试资料&#xff0c;拍照分享给大家。

ai+模型选择+过拟合和欠拟合

ai模型选择过拟合和欠拟合 1模型选择1训练误差和泛化误差2验证数据集和测试数据集3k-折交叉验证4总结 2过拟合和欠拟合1模型容量2估计模型容量3VC维4数据复杂度5总结 3代码 1模型选择 1训练误差和泛化误差 训练误差&#xff08;Training Error&#xff09;和泛化误差&#xff…

代码随想录刷题笔记-Day29

1. N皇后 51. N 皇后https://leetcode.cn/problems/n-queens/ 按照国际象棋的规则&#xff0c;皇后可以攻击与之处在同一行或同一列或同一斜线上的棋子。 n 皇后问题 研究的是如何将 n 个皇后放置在 nn 的棋盘上&#xff0c;并且使皇后彼此之间不能相互攻击。 给你一个整数…