OpenSSL command line to display EC key data

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSSL command line to display EC key data

Roger Dunn
I have an EC key I am trying to extract the private+public key info

I use the command line:

openssl ec -in mykey.key.pem -noout -text

Output is as follows:

read EC key
Private-Key: (256 bit)
priv: 1 (0x1)
pub:
    xxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxx
ASN1 OID: prime256v1

The private section is not being displayed, only the public.

I've seen many samples using the same command where both private+public key data are displayed... not sure what's up with this.

The key headers are

-----BEGIN EC PRIVATE KEY-----
-----END EC PRIVATE KEY-----

This is an intermediate cert.
--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL command line to display EC key data

Hubert Kario
On Wednesday, 16 August 2017 20:41:58 CEST Roger Dunn wrote:

> I have an EC key I am trying to extract the private+public key info
>
> I use the command line:
>
> openssl ec -in mykey.key.pem -noout -text
>
> Output is as follows:
>
> read EC key
> Private-Key: (256 bit)
> priv: 1 (0x1)
> pub:
>     xxxxxxxxxxxxxxxxxxxxxxxxx
>     xxxxxxxxxxxxxxxxxxxxxxxxx
>     xxxxxxxxxxxxxxxxxxxxxxxxx
> ASN1 OID: prime256v1
Is that pub value similar to:

  04
  6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
  4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5

then 1 *is* your private key value (I don't think I have to explain how bad
that is...)


--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky┼łova 115, 612 00  Brno, Czech Republic
--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto

signature.asc (836 bytes) Download Attachment