by Anish
Posted on Wednesday December 12 , 2018
php openssl function openssl_get_curve_names: Gets list of available curve names for ECC
The Syntax
array openssl_get_curve_names ( void )
Gets the list of available curve names for use in Elliptic curve cryptography (ECC) for public/private key operations. The two most widely standardized/supported curves are prime256v1 (NIST P-256) and secp384r1 (NIST P-384).
Elliptic curve based algorithms use significantly smaller key sizes than their non elliptic curve equivalents.
The approximate equivalence in security strength for symmetric algorithms compared to standard asymmetric algorithms and elliptic curve algorithms is shown in the table below.
AES Symmetric Keysize (Bits) | RSA and DSA Keysize (Bits) | ECC Keysize (Bits) |
---|---|---|
80 | 1024 | 160 |
112 | 2048 | 224 |
128 | 3072 | 256 |
192 | 7680 | 384 |
256 | 15360 | 512 |
NIST recommends using ECC curves with at least 256 bits.
Examples
openssl_get_curve_names() example Gets the list of available curve names for use in Elliptic curve cryptography (ECC)
<?php
/**
* Created by https://8gwifi.org
* User: Anish Nath
* Date: 2018-12-12 * Time: 10:40 */
$curvenames = openssl_get_curve_names();
print_r($curvenames);
?>
The above example will output something similar to:
$ /usr/bin/php get_get_curve_names.php
Array
(
[0] => secp112r1
[1] => secp112r2
[2] => secp128r1
[3] => secp128r2
[4] => secp160k1
[5] => secp160r1
[6] => secp160r2
[7] => secp192k1
[8] => secp224k1
[9] => secp224r1
[10] => secp256k1
[11] => secp384r1
[12] => secp521r1
[13] => prime192v1
[14] => prime192v2
[15] => prime192v3
[16] => prime239v1
[17] => prime239v2
[18] => prime239v3
[19] => prime256v1
[20] => sect113r1
[21] => sect113r2
[22] => sect131r1
[23] => sect131r2
[24] => sect163k1
[25] => sect163r1
[26] => sect163r2
[27] => sect193r1
[28] => sect193r2
[29] => sect233k1
[30] => sect233r1
[31] => sect239k1
[32] => sect283k1
[33] => sect283r1
[34] => sect409k1
[35] => sect409r1
[36] => sect571k1
[37] => sect571r1
[38] => c2pnb163v1
[39] => c2pnb163v2
[40] => c2pnb163v3
[41] => c2pnb176v1
[42] => c2tnb191v1
[43] => c2tnb191v2
[44] => c2tnb191v3
[45] => c2pnb208w1
[46] => c2tnb239v1
[47] => c2tnb239v2
[48] => c2tnb239v3
[49] => c2pnb272w1
[50] => c2pnb304w1
[51] => c2tnb359v1
[52] => c2pnb368w1
[53] => c2tnb431r1
[54] => wap-wsg-idm-ecid-wtls1
[55] => wap-wsg-idm-ecid-wtls3
[56] => wap-wsg-idm-ecid-wtls4
[57] => wap-wsg-idm-ecid-wtls5
[58] => wap-wsg-idm-ecid-wtls6
[59] => wap-wsg-idm-ecid-wtls7
[60] => wap-wsg-idm-ecid-wtls8
[61] => wap-wsg-idm-ecid-wtls9
[62] => wap-wsg-idm-ecid-wtls10
[63] => wap-wsg-idm-ecid-wtls11
[64] => wap-wsg-idm-ecid-wtls12
[65] => Oakley-EC2N-3
[66] => Oakley-EC2N-4
[67] => brainpoolP160r1
[68] => brainpoolP160t1
[69] => brainpoolP192r1
[70] => brainpoolP192t1
[71] => brainpoolP224r1
[72] => brainpoolP224t1
[73] => brainpoolP256r1
[74] => brainpoolP256t1
[75] => brainpoolP320r1
[76] => brainpoolP320t1
[77] => brainpoolP384r1
[78] => brainpoolP384t1
[79] => brainpoolP512r1
[80] => brainpoolP512t1
)
In openssl
You can get a list of available ec curve name by calling
$ openssl ecparam -list_curves
The above example will output something similar to:
secp112r1 : SECG/WTLS curve over a 112 bit prime field
secp112r2 : SECG curve over a 112 bit prime field
secp128r1 : SECG curve over a 128 bit prime field
secp128r2 : SECG curve over a 128 bit prime field
secp160k1 : SECG curve over a 160 bit prime field
secp160r1 : SECG curve over a 160 bit prime field
......
......
Continue Reading how to generate ec key pair
Generate EC Curve Online Sign Verify Message
Thanku for reading !!! Give a Share for Support
Instead of directly asking for donations, I'm thrilled to offer you all nine of my books for just $9 on leanpub By grabbing this bundle you not only help cover my coffee, beer, and Amazon bills but also play a crucial role in advancing and refining this project. Your contribution is indispensable, and I'm genuinely grateful for your involvement in this journey!
Any private key value that you enter or we generate is not stored on this site, this tool is provided via an HTTPS URL to ensure that private keys cannot be stolen, for extra security run this software on your network, no cloud dependency