
Apple requests to its APNS must use JWT (JSON Web Token) signed using an Elliptic Curve Digital Signature Algorithm aka ECDSA using a p-256 curve and a SHA256 hash. How can you sign with such params in openssl?

openssl ecparam -list_curves

shows:

secp256k1 : SECG curve over a 256 bit prime field

prime256v1: X9.62/SECG curve over a 256 bit prime field
Nicolas Manzini

1 Answer

The p-256 curve you want to use is prime256v1.

Try this:

Create private key:
openssl ecparam -genkey -name prime256v1 -noout -out private.pem

Create public key:
openssl ec -in private.pem -pubout -out public.pem

Sign something (the input file is the last argument; openssl dgst writes the signature to the -out file):
openssl dgst -sha256 -sign private.pem -out yourinput.sha256 yourinputdocument

To verify:
openssl dgst -sha256 -verify public.pem -signature yourinput.sha256 yourinputdocument
Megascolia

Comments:

Megascolia - Could you explain why to use prime256v1 instead of secp256k1? I can sign using the key which has secp256k1 but Apple fails to verify the signature. Is it because of a difference in libraries used to sign and verify? – Raj Feb 07 '20 at 21:53

I think the "sign something" line should have been: openssl dgst -sha256 -sign private.pem -out yourinput.sha256 yourinputdocument – Sam Liddicott Sep 01 '20 at 13:54

secp256k1 is deprecated and support has been removed from recent versions of openssl – kleptog Dec 09 '21 at 13:10
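The answer's three openssl commands produce and verify a signature, but they stop short of what the question actually needs: an ES256 JWT. The script below is an added example, not code from the answer or from Apple's documentation. It runs the same prime256v1 key generation and `openssl dgst -sha256 -sign` step, then carries the result into a compact JWS. The point it adds is a caveat the answer does not mention: `openssl dgst -sign` emits a DER-encoded ECDSA signature (an ASN.1 SEQUENCE of two INTEGERs), whereas ES256 (RFC 7518, ECDSA over P-256 with SHA-256) requires the raw 64-byte `r || s` form, so a DER signature base64url-encoded into a token will be rejected by the verifier. It assumes only the `openssl` CLI and POSIX `awk`; the `kid` and `iss` values are constructed placeholders, and the signing input is a constructed APNs-style claim set.

```shell
#!/bin/sh
# Added example (not the answer's code): ECDSA P-256 + SHA-256 with the openssl CLI,
# carried through to the raw r||s signature form an ES256 JWT needs.
# PLACEHOLDER_KEY_ID / PLACEHOLDER_TEAM_ID are constructed placeholders.
set -eu

# base64url: standard base64, '+/' -> '-_', padding stripped (RFC 7515 section 2).
b64url() { openssl base64 -A | tr '+/' '-_' | tr -d '='; }

# Throwaway P-256 (prime256v1) key pair in directory $1.
make_keys() {
  openssl ecparam -genkey -name prime256v1 -noout -out "$1/private.pem"
  openssl ec -in "$1/private.pem" -pubout -out "$1/public.pem" 2>/dev/null
}

# The answer's sign/verify steps. openssl dgst -sign writes a DER-encoded
# signature: SEQUENCE { INTEGER r, INTEGER s }.
sign_file()   { openssl dgst -sha256 -sign "$1" -out "$3" "$2"; }
verify_file() { openssl dgst -sha256 -verify "$1" -signature "$3" "$2" >/dev/null 2>&1; }

# DER -> raw r||s as 128 lowercase hex digits. asn1parse prints each INTEGER's
# hex; strip the 00 sign byte DER adds when the high bit is set (and any other
# leading zero nibbles), then left-pad each value back to exactly 32 bytes.
der_to_raw_hex() {
  openssl asn1parse -inform DER -in "$1" \
    | awk -F: '/INTEGER/ { v = $NF; sub(/^0+/, "", v); printf "%64s", v }' \
    | tr ' A-F' '0a-f'
}

# Hex string -> raw bytes using only POSIX printf octal escapes (no xxd needed).
hex_to_bin() {
  printf "$(printf '%s' "$1" | awk '
    BEGIN { h = "0123456789abcdef" }
    { s = tolower($0)
      for (i = 1; i <= length(s); i += 2) {
        v = (index(h, substr(s, i, 1)) - 1) * 16 + index(h, substr(s, i + 1, 1)) - 1
        printf "\\%03o", v } }')"
}

# Compact ES256 JWS: base64url(header).base64url(payload).base64url(r||s).
make_jwt() {   # make_jwt <private.pem> <workdir>
  local header payload input raw
  header=$(printf '{"alg":"ES256","kid":"PLACEHOLDER_KEY_ID"}' | b64url)
  payload=$(printf '{"iss":"PLACEHOLDER_TEAM_ID","iat":%d}' "$(date +%s)" | b64url)
  input="$header.$payload"
  printf '%s' "$input" > "$2/signing_input"        # signed bytes are the ASCII of header.payload
  sign_file "$1" "$2/signing_input" "$2/sig.der"
  raw=$(der_to_raw_hex "$2/sig.der")
  printf '%s.%s' "$input" "$(hex_to_bin "$raw" | b64url)"
}

# End to end: keys, token, verification against the public key, and a check that
# the signature segment is the 86-character base64url of exactly 64 bytes.
demo() {
  local dir jwt sig
  dir=$(mktemp -d)
  make_keys "$dir"
  jwt=$(make_jwt "$dir/private.pem" "$dir")
  verify_file "$dir/public.pem" "$dir/signing_input" "$dir/sig.der" || return 1
  sig=${jwt##*.}
  [ "${#sig}" -eq 86 ] || return 1
  rm -rf "$dir"
  printf '%s\n' "$jwt"
}

demo
```

Run it with `sh` or `bash`; it prints one signed token. The `verify_file` call checks the DER signature the way the answer does, while the length check on the last segment is the cheap sanity test for the JWT form: a DER signature is 70 to 72 bytes and will never encode to 86 characters. A verifier that fails with "invalid signature" on an otherwise well-formed ES256 token is very often being handed DER where it expects `r || s`.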