Dominus

Reputation: 998

ECDsaCng key generated longer than expected 32-bytes

I was playing around with the ECDsaCng, and I realised that the key size doesn't seem to be correct. From the code below, the privateKey variable, for instance, was a 104-byte-long array, whereas I didn't expect it to be larger than 32.

What am I doing wrong?

        using System.Security.Cryptography;

        // 256-bit ECDSA key; GenerateKey replaces it with a fresh NIST P-256 key
        ECDsaCng dsa = new ECDsaCng(256);
        dsa.HashAlgorithm = CngAlgorithm.Sha256;
        dsa.GenerateKey(ECCurve.NamedCurves.nistP256);
        // Export in the CNG ECC key blob formats
        var privateKey = dsa.Key.Export(CngKeyBlobFormat.EccPrivateBlob);
        var publicKey = dsa.Key.Export(CngKeyBlobFormat.EccPublicBlob);

Thank you in advance.

Upvotes: 1

Views: 1057

Answers (1)

Topaco

Reputation: 49460

The private key d is a random integer in [1, n - 1], where n is the order of the base point G. The public key is the curve point (x, y) = d * G, here. For NIST P-256 (secp256r1) d, x and y are encoded to 32 bytes (the values cannot be larger).

MS stores both keys in a specific format described here. The format for the public key has an 8-byte header, followed by the 32-byte x-value and the 32-byte y-value, so that the total length is 72 bytes. The format for the private key has a (different) 8-byte header, followed by the 32-byte x-value, the 32-byte y-value, and the 32-byte d-value, so that the total length is 104 bytes, in accordance with the value you found. A detailed description of the headers can be found here.

Upvotes: 2
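The blob layout described in the answer, as an added example that is not part of the question or the answer: it splits the blob returned by `CngKey.Export` into the 8-byte header and the 32-byte x, y and d fields, and cross-checks them against `ECDsa.ExportParameters`, which hands back the same values without the header. It assumes Windows with .NET Framework 4.7+ or .NET Core/.NET 5+ (ECDsaCng is backed by CNG, so it exists only there) and that the blob is a `BCRYPT_ECCKEY_BLOB` with a little-endian `dwMagic` and `cbKey` header, which is what the CNG documentation specifies.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Added example, not code from the question or the answer.
// BCRYPT_ECCKEY_BLOB layout (Windows CNG):
//   ULONG dwMagic;  // little-endian; four ASCII chars identifying curve and public/private
//   ULONG cbKey;    // little-endian; bytes per coordinate, 32 for P-256
//   BYTE  X[cbKey]; // big-endian unsigned integers
//   BYTE  Y[cbKey];
//   BYTE  d[cbKey]; // private blobs only
public sealed class EccBlobFields
{
    public string Magic;  // header magic rendered as ASCII
    public int CbKey;     // header cbKey
    public byte[] X, Y;   // public point coordinates
    public byte[] D;      // private scalar, null for a public blob
}

public static class EccBlobDemo
{
    const int HeaderSize = 8;

    // Little-endian uint32 read that does not depend on BitConverter.IsLittleEndian.
    static uint ReadUInt32LE(byte[] b, int i) =>
        b[i] | ((uint)b[i + 1] << 8) | ((uint)b[i + 2] << 16) | ((uint)b[i + 3] << 24);

    // Splits a BCRYPT_ECCKEY_BLOB into header and field values, validating the length
    // against cbKey so a truncated or foreign blob is rejected instead of mis-sliced.
    public static EccBlobFields ParseEccBlob(byte[] blob)
    {
        if (blob.Length < HeaderSize)
            throw new ArgumentException("blob is shorter than the 8-byte BCRYPT_ECCKEY_BLOB header");

        int cbKey = checked((int)ReadUInt32LE(blob, 4));
        int body = blob.Length - HeaderSize;
        bool isPrivate = body == 3 * cbKey;           // X, Y, d
        if (!isPrivate && body != 2 * cbKey)           // X, Y
            throw new ArgumentException($"blob length {blob.Length} does not match cbKey={cbKey}");

        byte[] Field(int index)
        {
            var f = new byte[cbKey];
            Buffer.BlockCopy(blob, HeaderSize + index * cbKey, f, 0, cbKey);
            return f;
        }

        return new EccBlobFields
        {
            Magic = Encoding.ASCII.GetString(blob, 0, 4),
            CbKey = cbKey,
            X = Field(0),
            Y = Field(1),
            D = isPrivate ? Field(2) : null,
        };
    }

    public static void Main()
    {
        using (var dsa = new ECDsaCng(ECCurve.NamedCurves.nistP256))
        {
            byte[] privBlob = dsa.Key.Export(CngKeyBlobFormat.EccPrivateBlob);
            byte[] pubBlob = dsa.Key.Export(CngKeyBlobFormat.EccPublicBlob);
            Console.WriteLine($"private blob: {privBlob.Length} bytes, public blob: {pubBlob.Length} bytes");

            var priv = ParseEccBlob(privBlob);
            var pub = ParseEccBlob(pubBlob);
            Console.WriteLine($"private magic={priv.Magic} cbKey={priv.CbKey} d={priv.D.Length} bytes");
            Console.WriteLine($"public  magic={pub.Magic} cbKey={pub.CbKey}");

            // Cross-check against the portable ECParameters view of the same key.
            ECParameters p = dsa.ExportParameters(includePrivateParameters: true);
            bool consistent = priv.D.SequenceEqual(p.D)
                           && priv.X.SequenceEqual(p.Q.X) && priv.Y.SequenceEqual(p.Q.Y)
                           && pub.X.SequenceEqual(p.Q.X) && pub.Y.SequenceEqual(p.Q.Y);
            Console.WriteLine($"blob fields match ExportParameters: {consistent}");

            // The private blob and D are key material: clear the copies when done.
            Array.Clear(privBlob, 0, privBlob.Length);
            Array.Clear(priv.D, 0, priv.D.Length);
            Array.Clear(p.D, 0, p.D.Length);
        }
    }
}
```

For a P-256 key the program reports a 104-byte private blob and a 72-byte public blob, with `cbKey` = 32 in both headers, which is the arithmetic the answer gives. If the goal is the raw 32-byte d or the (x, y) coordinates rather than the CNG container, `ExportParameters(true)` is the simpler and portable route; parsing the blob yourself is mainly useful when a blob arrives from elsewhere and needs to be validated before use.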
