A.2. ECC Algorithms and Curves

Certificate System does not include a module natively to enable ECC, but it is possible to load and use a third-party PKCS #11 module with ECC-enabled. This is covered in Section 9.3, “Installing an Instance with ECC Enabled”.
The following algorithms are available for ECC keys:
  • SHA256withEC (the default)
  • SHA1withEC
  • SHA384withEC
  • SHA512withEC
The curves available for ECC keys are listed in Table A.1, “ECC Curves”.

NOTE

The only supported curve for the TPS is nistp256.

IMPORTANT

While Certificate System supports all of these curves, hardware security modules or servers may not support some of these curves. Check with the hardware vendor when determining what curves to use.

Table A.1. ECC Curves

Curve Family Supported Curves
NIST, SEC2 Prime
  • secp521r1 and nistp521
  • nistp521
  • secp384r1 and nistp384
  • nistp384
  • secp256r1 and nistp256
  • nistp256
  • secp256k1
  • secp224r1 and nistp224
  • nistp224
  • secp224k1
  • secp192r1 and nistp192
  • nistp192
  • secp192k1
  • secp160r2
  • secp160r1
  • secp160k1
  • secp128r2
  • secp128r1
  • secp112r2
  • secp112r1
NIST, SEC2 Binary
  • sect571r1 and nistb571
  • nistb571
  • sect571k1 and nistk571
  • nistk571
  • sect409r1 and nistb409
  • nistb409
  • sect409k1 and nistk409
  • nistk409
  • sect283r1 and nistb283
  • nistb283
  • sect283k1 and nistk283
  • nistk283
  • sect239k1
  • sect233r1 and nistb233
  • nistb233
  • sect233k1 and nistk233
  • nistk233
  • sect193r2
  • sect193r1
  • nistb163
  • sect163r2 and nistb163
  • sect163r1
  • sect163k1 and nistk163
  • nistk163
  • sect131r2
  • sect131r1
  • sect113r2
  • sect113r1
ANSI X9.62 Prime
  • prime239v3
  • prime239v2
  • prime239v1
  • prime192v3
  • prime192v2
  • prime192v1 and nistp192
  • prime256v1 and nistp256
ANSI X9.62 Binary
  • c2pnb163v1
  • c2pnb163v2
  • c2pnb163v3
  • c2pnb176v1
  • c2tnb191v1
  • c2tnb191v2
  • c2tnb191v3
  • c2onb191v4
  • c2onb191v5
  • c2pnb208w1
  • c2tnb239v1
  • c2tnb239v2
  • c2tnb239v3
  • c2onb239v4
  • c2onb239v5
  • c2pnb272w1
  • c2pnb304w1
  • c2tnb359v1
  • c2pnb368w1
  • c2tnb431r1