Question

I want to get the same ASN.1 output from OpenSSL as from Java's PublicKey.getEncoded(). I use EC and the curve type is prime256v1. Here is my code for OpenSSL:

EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(key);
unsigned char *result = NULL;
int r = i2d_EC_PUBKEY(ec_key, &result);

Java code is very simple:

byte[] result = keyPair.getPublicKey().getEncoded();

The OpenSSL result contains ASN.1, but not in the same format as the Java output. In the Java output there are only two Object IDs and a bit string. In the OpenSSL output there are many more parameters and a bit string. It seems that in the OpenSSL version all the parameters described by the curve type are provided, but why? If we know the curve type we know these parameters, so the only thing the output must provide is the curve type (second Object ID).

I understand that I'm doing something wrong, so could someone please provide the right code for the OpenSSL version?

Solution

In the OpenSSL output there are many more parameters and a bit string. It seems that in the OpenSSL version all the parameters described by the curve type are provided, but why? If we know the curve type we know these parameters, so the only thing the output must provide is the curve type (second Object ID).

You are not using named curves. To use a named curve, you need to set the OPENSSL_EC_NAMED_CURVE flag:

EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
EC_KEY_set_asn1_flag(key, OPENSSL_EC_NAMED_CURVE);

That will use a named curve like ASN1 OID: prime256v1 rather than domain parameters.

See ECDH and Named Curves for a more detailed discussion.
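To confirm which form an encoded key actually uses, the following added example (not part of the original answer) walks the DER SubjectPublicKeyInfo and reports whether the curve is given as a named-curve OID or as explicit domain parameters. The names `spki_ec_params` and `der_hdr` are hypothetical, and the sample byte arrays are constructed: P-256 headers with the remaining bytes zero-filled.

```c
#include <stddef.h>
#include <string.h>

enum ec_params { EC_NAMED_CURVE, EC_EXPLICIT_PARAMS, EC_OTHER, EC_MALFORMED };

/* Constructed samples: SPKI headers for a P-256 key, remaining bytes zero-filled. */
static const unsigned char sample_named[91] = {      /* Java-style output */
    0x30,0x59, 0x30,0x13, 0x06,0x07,0x2a,0x86,0x48,0xce,0x3d,0x02,0x01,
    0x06,0x08,0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07, 0x03,0x42,0x00,0x04 };
static const unsigned char sample_explicit[335] = {  /* full domain parameters */
    0x30,0x82,0x01,0x4b, 0x30,0x82,0x01,0x03,
    0x06,0x07,0x2a,0x86,0x48,0xce,0x3d,0x02,0x01, 0x30,0x81,0xf7 };

/* Read one DER tag/length at *p, bounded by end; advance *p to the value. */
static int der_hdr(const unsigned char **p, const unsigned char *end,
                   unsigned char *tag, size_t *len)
{
    if (end - *p < 2) return 0;
    *tag = *(*p)++;
    size_t n = *(*p)++;
    if (n & 0x80) {                        /* long form: low 7 bits = byte count */
        size_t cnt = n & 0x7f;
        if (cnt == 0 || cnt > sizeof n || (size_t)(end - *p) < cnt) return 0;
        for (n = 0; cnt > 0; cnt--) n = (n << 8) | *(*p)++;
    }
    if ((size_t)(end - *p) < n) return 0;  /* value must fit inside the parent */
    *len = n;
    return 1;
}

/* Classify how a DER SubjectPublicKeyInfo encodes its EC curve. */
enum ec_params spki_ec_params(const unsigned char *der, size_t der_len)
{
    static const unsigned char id_ec_pub[] = { 0x2a,0x86,0x48,0xce,0x3d,0x02,0x01 };
    const unsigned char *p = der, *end = der + der_len;
    unsigned char tag; size_t len;
    if (!der_hdr(&p, end, &tag, &len) || tag != 0x30) return EC_MALFORMED;
    end = p + len;                                    /* SubjectPublicKeyInfo */
    if (!der_hdr(&p, end, &tag, &len) || tag != 0x30) return EC_MALFORMED;
    end = p + len;                                    /* AlgorithmIdentifier */
    if (!der_hdr(&p, end, &tag, &len) || tag != 0x06 ||
        len != sizeof id_ec_pub || memcmp(p, id_ec_pub, len) != 0)
        return EC_MALFORMED;                          /* not id-ecPublicKey (1.2.840.10045.2.1) */
    p += len;
    if (!der_hdr(&p, end, &tag, &len)) return EC_MALFORMED;
    if (tag == 0x06) return EC_NAMED_CURVE;           /* namedCurve OID */
    if (tag == 0x30) return EC_EXPLICIT_PARAMS;       /* specifiedCurve SEQUENCE */
    return EC_OTHER;                                  /* e.g. implicitCurve NULL */
}
```

Pass it the buffer and length returned by i2d_EC_PUBKEY; a result of EC_EXPLICIT_PARAMS means the named-curve flag was not set on the key.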

Licensed under: CC-BY-SA with attribution