generates malformed keys about ecdsatool HOT 5 OPEN

Both formats should work the same – the only difference is that ecdsatool includes the curve parameters explicitly, while openssl only names the curve's OID. (See cat *.key | openssl ec -noout -text.)

You can use openssl ecparam -param_enc explicit to change this, or feed a key through openssl ec -param_enc ... to convert it to the other format.

The "EC PARAMETERS" block is redundant, it merely repeats the same information as in "EC PRIVATE KEY". (See cat *.key | openssl ecparam -noout -text.)

The slashes and AAAAs are fine as well; some of the key parameters just happen to have series of 00:00:00's and ff:ff:ff's, corresponding to AAAA and //// in Base64.

I don't know if the "EC PRIVATE KEY" format is standard or OpenSSL-specific, but programs that claim to support it should support reading all key formats. (So it's a Limnoria bug really.)

There is another key format, PKCS#8, which might be supported better (or worse) in some programs. Feed a key through openssl pkey or openssl pkcs8 -topk8 -nocrypt to get it in PKCS#8 form. Note that it also can have either explicit or named curve parameters.

from ecdsatool.

Sorry. Need way more proof than that, because ecdsatool generates keys the same way.

from ecdsatool.

I don't know anything else than what is said in attached log. I can probably paste the private key here as it's not used anywhere and I didn't remove it.

-----BEGIN EC PRIVATE KEY-----
MIIBKAIBAQQgpCPoOrr6ie0svfT5xFOLvxJIHQyRzV2dX1ZXGCg5aR6ggdowgdcC
AQEwLAYHKoZIzj0BAQIhAP////8AAAABAAAAAAAAAAAAAAAA////////////////
MFsEIP////8AAAABAAAAAAAAAAAAAAAA///////////////8BCBaxjXYqjqT57Pr
vVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMVAMSdNgiG5wSTamZ44ROdJreBn36QBCED
axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpYCIQD/////AAAAAP//////
////vOb6racXnoTzucrC/GMlUQIBAaEkAyIAA+8zLmVqAnGozwd2fhaktCPI/Ur7
uwIlWIDxO95rC3R7
-----END EC PRIVATE KEY-----

from ecdsatool.

comparing to openssl generated one, that is missing ec parameters and is longer and those slashes and AAAABAAAs don't look like they belong there.

-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIH9MqM8q5mXXfwDjFn7Q+0ubrAEbnSRz/HPugkGUkXJToAoGCCqGSM49
AwEHoUQDQgAEv+IUruHzSU+mXY1xjFE4yLdzRLghG3QiBODKk5kI58tQnlSZEnwE
Jge/satHBZ6HrFQ/xRmeHrA05dI4OEpAdg==
-----END EC PRIVATE KEY-----

from ecdsatool.

ecdsatool keys are meant to be used with ecdsatool. they may or may not be compatible with other scripts. not a bug.

from ecdsatool.