How to separate marshalled ecdsa public and private keys in GoLang

Question

So far, I have:

key, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
if err != nil {
    os.Exit(-1)
}
marshalled, err := x509.MarshalECPrivateKey(key) // marshalls data to byte stream
if err != nil {
    os.Exit(-1)
}

Basically, what I am having trouble with has to do with the fact that when a key pair is generated, it is stored in an *ecdsa.PrivateKey, in which the public key is stored in the *ecdsa.PrivateKey.PublicKey, and when I marshall the key pair data (stored in the *ecdsa.PrivateKey) using x509.MarshalECPrivateKey(key), a single byte slice is returned. I am therefore having trouble determining which are the public and private keys in the byte slice itself.

score 0 · Answer 1 · answered Nov 24 '18 at 07:55

0

The private key is a superset of the public key. It always contains the public key. Usually a public key is stored as part of a certificate.

If you really want to get the public key by itself, you can grab the X and Y big integers from the ecdsa public key struct and store the binary representation of them.

You might benefit from a bit of retrospect on your design here. There aren't too many situations where you need to communicate a public key alone.

answered Nov 24 '18 at 07:55

Luke Joshua Park

9,527
5
27
44

I need to do this, because I need to share the public key and keep the private key in secret, while both are in a binary representation. – Matt Nov 24 '18 at 07:57
Why are you not storing the public in a certificate? – Luke Joshua Park Nov 24 '18 at 07:59
How may I go about doing that? (No pun intended) – Matt Nov 24 '18 at 08:01
I suggest you give the `x509` package documentation a good read. – Luke Joshua Park Nov 24 '18 at 08:17

How to separate marshalled ecdsa public and private keys in GoLang

1 Answers1