[B<-pubout>]
[B<-check>]
[B<-pubcheck>]
+[B<-ec_conv_form> I<arg>]
+[B<-ec_param_enc> I<arg>]
{- $OpenSSL::safe::opt_engine_synopsis -}
=for openssl ifdef engine
This option checks the correctness of either a public key or the public component
of a key pair.
+=item B<-ec_conv_form> I<arg>
+
+This option only applies to elliptic curve based public and private keys.
+
+This specifies how the points on the elliptic curve are converted
+into octet strings. Possible values are: B<compressed> (the default
+value), B<uncompressed> and B<hybrid>. For more information regarding
+the point conversion forms please read the X9.62 standard.
+B<Note> Due to patent issues the B<compressed> option is disabled
+by default for binary curves and can be enabled by defining
+the preprocessor macro B<OPENSSL_EC_BIN_PT_COMP> at compile time.
+
+=item B<-ec_param_enc> I<arg>
+
+This option only applies to elliptic curve based public and private keys.
+
+This specifies how the elliptic curve parameters are encoded.
+Possible value are: B<named_curve>, i.e. the ec parameters are
+specified by an OID, or B<explicit> where the ec parameters are
+explicitly given (see RFC 3279 for the definition of the
+EC parameters structures). The default value is B<named_curve>.
+B<Note> the B<implicitlyCA> alternative, as specified in RFC 3279,
+is currently not implemented in OpenSSL.
+
{- $OpenSSL::safe::opt_engine_item -}
=back
openssl pkey -in key.pem -pubout -out pubkey.pem
+To change the EC parameters encoding to B<explicit>:
+
+ openssl pkey -in key.pem -ec_param_enc explicit -out keyout.pem
+
+To change the EC point conversion form to B<compressed>:
+
+ openssl pkey -in key.pem -ec_conv_form compressed -out keyout.pem
+
=head1 SEE ALSO
L<openssl(1)>,
projects / thirdparty / openssl.git / blobdiff