First of all, sorry for my ignorance, I'm new at cryptography. I'm trying to generate a public key for use with elliptic curves given the private key.

So, at the moment I have:

  1. The curve I will be using y^2 = x^3 - ax + b (prime256v1)

  2. A .pem file with a private key.

The first question is, does the private key have to be random? I mean, can it be whatever I want?

When I use the OpenSSL command:

```
openssl ecparam -in private.pem -name prime256v1 -out public.pem
```

If I do a cat of public.pem I get:

```
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
```

But there is no public key.

The second question is, does anyone know what I'm doing wrong?

Thanks in advance.

jww
tknbr
  • This is somewhat off topic here as it is just about command line usage. But it's X-mas. Next time, use superuser please. – Maarten Bodewes Dec 24 '15 at 11:42
  • @Maarten - I was ready to cast the close, but I'm going to follow your lead. [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) and [Information Security Stack Exchange](http://security.stackexchange.com/) may also be useful. – jww Dec 25 '15 at 01:17

1 Answer

> A .pem file with a private key. I have here the first question. The private key can be random? I mean, can it be whatever I want?

No. The parameter S of the private key can be random, but the ASN.1 -> DER -> PEM encoded private key - which includes the parameters - can't.

> `openssl ecparam -in private.pem -name prime256v1 -out public.pem` ... But there is no public key, anyone know what I'm doing wrong?

You need to use the `ec` command instead, and use `-pubout`. The .pem that you are currently getting simply contains the name of the curve encoded as an OID:

```
echo "BggqhkjOPQMBBw==" | openssl base64 -d | openssl asn1parse -inform DER
```

result:

```
0:d=0  hl=2 l=   8 prim: OBJECT            :prime256v1
```
Maarten Bodewes
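
The fix described in the answer above, as an added example that is not part of the original answer: it creates a throwaway P-256 key, reruns the question's `ecparam` command to show it emits only curve parameters, derives the public key with `ec -pubout`, and confirms the pair matches with a sign/verify round trip. The file names, the scratch directory and the function name `ec_pubkey_demo` are assumptions.

```shell
#!/bin/sh
# Added example: file names and the scratch directory are assumptions.
set -eu

# Runs the round trip inside directory $1 and prints the first line of the
# ecparam output followed by the first line of the ec -pubout output.
ec_pubkey_demo() {
    dir=$1

    # Throwaway P-256 private key standing in for the question's private.pem.
    openssl ecparam -name prime256v1 -genkey -noout -out "$dir/private.pem"

    # The question's command: ecparam only writes curve parameters, so the
    # result holds the curve OID and no key material.
    openssl ecparam -in "$dir/private.pem" -name prime256v1 -out "$dir/params.pem"

    # The answer's fix: ec reads the private key, -pubout writes the public half.
    openssl ec -in "$dir/private.pem" -pubout -out "$dir/public.pem" 2>/dev/null

    # Check that public.pem really belongs to private.pem: sign with one,
    # verify with the other (openssl exits non-zero if verification fails).
    printf 'constructed test message' > "$dir/msg.txt"
    openssl dgst -sha256 -sign "$dir/private.pem" -out "$dir/msg.sig" "$dir/msg.txt"
    openssl dgst -sha256 -verify "$dir/public.pem" \
        -signature "$dir/msg.sig" "$dir/msg.txt" >/dev/null

    head -n 1 "$dir/params.pem"
    head -n 1 "$dir/public.pem"
}

scratch=$(mktemp -d)
ec_pubkey_demo "$scratch"
rm -rf "$scratch"
```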