| Issue | The following table summarises the Elliptic Curve types supported by RSA Certificate Manager:
Elliptic Curve Signing AlgorithmsXudaCryptoInfo Name
(RCM API) | Signing Algorithm Name
(RCM Administration Console) | Description | Supported Sizes |
|---|
| XudaCryptoECCCurvesA | ECCA | BSAFE “A” elliptic curves | 163, 239 | | XudaCryptoECCCurvesB | ECCB | BSAFE “B” elliptic curves | 163 | | XudaCryptoECCCurvesP | ECCP | “P” elliptic curves with curve OID | 256, 384, 521 | | XudaCryptoECCCurvesPWithParams | ECCPwithParams | BSAFE “P” elliptic curves with explicit curve parameters | 256, 384, 521 |
However, the RSA Certification Manager documentation does not define the exact curves used for each of these. |
| Resolution | Supported ECC Curves References| Curve Type | Size | Technical Description | ECC Standard (see below) |
|---|
| ECC A | 163 | Elliptic Curve Domain Parameters over F 2^m is sect163k1 (koblitz) | 1 | | ECC A | 239 | Elliptic Curve Domain Parameters over F 2^m is sect239k1 (koblitz) | 2 | | ECC B | 163 | Elliptic Curve Domain Parameters over F 2^m is sect163r1 (random) | 3 | | ECC P | 256 | Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P256 | 4 | | ECC P | 384 | Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P384 | 5 | | ECC P | 521 | Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P521 | 6 | | ECC P with params | 256 | Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_PRIME256V1 | 4 | | ECC P with params | 384 | Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_NIST_PRIME384 | 5 | | ECC P with params | 521 | Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_NIST_PRIME521 | 6 |
ECC Standards
The curves specified in the table above, are defined in full in the following:
- Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.4.1 Recommended Parameters sect163k1", p. 27, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
- Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.7.1 Recommended Parameters sect239k1", p. 32, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
- Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.4.2 Recommended Parameters sect163r1", p. 28, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
- FIPS 186-4: "D.2.3 Curve P-256", p. 102, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
- FIPS 186-4: "D.2.4 Curve P-384", p. 103, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
- FIPS 186-4: "D.2.5 Curve P-521", p. 104, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
See also RSA Knowledge Base Article Number 32299 Difference between ECCP and ECCPWithParams Elliptic Curve Types |
on Jun 14, 2016