ECC keypair generation with password

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

ECC keypair generation with password

Ken Goldman-2
I've been using this command to generate a password protected ECC keypair.

openssl ecparam -name prime256v1 -genkey -noout | openssl pkey -aes256
-passout pass:passwd -text > tmpecprivkey.pem

The output is a
-----BEGIN ENCRYPTED PRIVATE KEY-----

which I parsed using

        PEM_read_PrivateKey(pemKeyFile, NULL, NULL, (void *)password);
        *ecKey = EVP_PKEY_get1_EC_KEY(evpPkey);
        privateKeyBn = EC_KEY_get0_private_key(ecKey);

Now I must send the PEM file to a crypto library that does not support
-----BEGIN ENCRYPTED PRIVATE KEY-----

It expects
-----BEGIN EC PRIVATE KEY-----

Its parser does accept a password.

Is there a way to generate that PEM file?  I.e.

A password protected ECC keypair in -----BEGIN EC PRIVATE KEY----- format/






Reply | Threaded
Open this post in threaded view
|

Re: ECC keypair generation with password

Viktor Dukhovni
On Thu, Feb 28, 2019 at 03:05:43PM -0500, Ken Goldman wrote:

> The output is a
> -----BEGIN ENCRYPTED PRIVATE KEY-----

This is PKCS8, which is the non-legacy private key format that
should be used by modern libraries.  This is for example output by:

    $ openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 -aes128
    Enter PEM pass phrase:
    Verifying - Enter PEM pass phrase:
    -----BEGIN ENCRYPTED PRIVATE KEY-----
    MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAgWnV30Y37QvAICCAAw
    DAYIKoZIhvcNAgkFADAdBglghkgBZQMEAQIEEMx8xGM1W+W4JdPET0xj0MAEgZAp
    9XvYDcsnokrXBoyWqFF73VeT/4ALgS+StQQK/84qzqjOKSUeteLiDoHkyH2GUYue
    WILJh+3MoqRRGyGPGaznI7yT2fCSUJNGZsvEDd8ILYGpvkS8ssfa/WXWZ0d4jwXr
    VE05VWx424ospaKPz8E5wsvpfuqB3/CxFnD0WUTa1cY/oLkwAUem/ps4iMWoIP8=
    -----END ENCRYPTED PRIVATE KEY-----

[ The password is "sesame", if you want to test using the above key. ]

> Now I must send the PEM file to a crypto library that does not support
>
> It expects
> -----BEGIN EC PRIVATE KEY-----

That's the legacy algorithm-specific format, your library is rather
dated.

> Its parser does accept a password.
>
> Is there a way to generate that PEM file?  I.e.

    $ openssl ec -aes128 <<EOF
    > -----BEGIN ENCRYPTED PRIVATE KEY-----
    > MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAgWnV30Y37QvAICCAAw
    > DAYIKoZIhvcNAgkFADAdBglghkgBZQMEAQIEEMx8xGM1W+W4JdPET0xj0MAEgZAp
    > 9XvYDcsnokrXBoyWqFF73VeT/4ALgS+StQQK/84qzqjOKSUeteLiDoHkyH2GUYue
    > WILJh+3MoqRRGyGPGaznI7yT2fCSUJNGZsvEDd8ILYGpvkS8ssfa/WXWZ0d4jwXr
    > VE05VWx424ospaKPz8E5wsvpfuqB3/CxFnD0WUTa1cY/oLkwAUem/ps4iMWoIP8=
    > -----END ENCRYPTED PRIVATE KEY-----
    > EOF
    read EC key
    Enter PEM pass phrase:
    writing EC key
    Enter PEM pass phrase:
    Verifying - Enter PEM pass phrase:
    -----BEGIN EC PRIVATE KEY-----
    Proc-Type: 4,ENCRYPTED
    DEK-Info: AES-128-CBC,28ADEB740F62A9F41B2AAE09B53CD433

    WbSfKUDAWwz8/6mAH9fuiBbCHrNwb7hnoRz7rfaoJ9QU5VzxZtwuZhGnAw/nKfsy
    b/GHtWa4ghtHf9QofQWuJukeMrC2/KAO+8K1qRsUtcH3KFsaVLcKrDk9plQ2lGdr
    qh3IX8vzPi+YZbdtquSse84g5GNMSE/Urv2bGdZH278=
    -----END EC PRIVATE KEY-----

[ The password is still "sesame" ]

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

RE: ECC keypair generation with password

Michael Wojcik
In reply to this post by Ken Goldman-2
> From: openssl-users [mailto:[hidden email]] On Behalf Of
> Ken Goldman
> Sent: Thursday, February 28, 2019 15:06
>
> I've been using this command to generate a password protected ECC keypair.
>
> openssl ecparam -name prime256v1 -genkey -noout | openssl pkey -aes256
> -passout pass:passwd -text > tmpecprivkey.pem
>...
>
> Now I must send the PEM file to a crypto library that does not support
> -----BEGIN ENCRYPTED PRIVATE KEY-----
>
> It expects
> -----BEGIN EC PRIVATE KEY-----
>
> Its parser does accept a password.
>
> Is there a way to generate that PEM file?  I.e.
>
> A password protected ECC keypair in -----BEGIN EC PRIVATE KEY----- format

You don't say what version of OpenSSL you're using.

Have you tried just changing the PEM header and footer? OpenSSL doesn't like that (it expects an unencrypted EC keypair for "EC PRIVATE KEY"), but maybe this other library does.

Are you sure the other library is expecting an encrypted key? Have you tried with an unencrypted one, but using the "EC PRIVATE KEY" header/footer?

--
Michael Wojcik
Distinguished Engineer, Micro Focus


Reply | Threaded
Open this post in threaded view
|

RE: ECC keypair generation with password

Michael Wojcik
In reply to this post by Ken Goldman-2
> From: Michael Wojcik
> Sent: Thursday, February 28, 2019 15:55
>
> Have you tried just changing the PEM header and footer? ...

Whoops. Just saw Viktor's response. Never mind.

--
Michael Wojcik
Distinguished Engineer, Micro Focus



Reply | Threaded
Open this post in threaded view
|

Re: ECC keypair generation with password

Viktor Dukhovni
In reply to this post by Viktor Dukhovni
> On Mar 25, 2019, at 1:53 PM, Kenneth Goldman <[hidden email]> wrote:
>
>
>     $ openssl ec -aes128 <<EOF
>
> This was the piece I was missing.  Thanks.
>
> In the script, I used this:
>
>     openssl ec -aes128 -passout pass:rrrr -in tmpecprivkeydec.pem -out tmpecprivkey.pem

I try to avoid putting sensitive information in command-line arguments.

If you're using "bash" (which has "printf" as a built-in) you could use:

        -passout file:<(printf "rrrr\n")

which does not create any processes with the password in the argument vector.
Example:

$ openssl enc -aes128 -pass file:<(printf "rrrr\n") <<EOF | openssl enc -d -aes128 -pass file:<(printf "rrrr\n")
> foobar
> EOF
foobar

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: ECC keypair generation with password

Ken Goldman-2

> From: Viktor Dukhovni <[hidden email]>
> >


> > In the script, I used this:
> >
> >     openssl ec -aes128 -passout pass:rrrr -in tmpecprivkeydec.pem
> -out tmpecprivkey.pem
>
> I try to avoid putting sensitive information in command-line arguments.
>
> If you're using "bash" (which has "printf" as a built-in) you could use:
>
>    -passout file:<(printf "rrrr\n")
>
> which does not create any processes with the password in the argument vector.
> Example:
>
> $ openssl enc -aes128 -pass file:<(printf "rrrr\n") <<EOF | openssl
> enc -d -aes128 -pass file:<(printf "rrrr\n")
> > foobar
> > EOF
> foobar

Understood, but this is just for a regression test script.

Thanks.