Ho la chiave pubblica ECDSA:
-----BEGIN PUBLIC KEY-----
//public key data
-----END PUBLIC KEY-----
Mi piacerebbe creare una struttura ASN.1 come questa:
Parameters:: = CHOICE {
ecParametersECParameters, namedCurveCURVES. & id( {
CurveNames}
), implicitlyCANULL}
ed estrai il valore Q . È possibile estrarre tali parametri dalla chiave pubblica?
Puoi farlo usando OpenSSL :
$> openssl ec -in /tmp/blih -pubout | openssl ec -text -pubin
read EC key
writing EC key
read EC key
Private-Key: (256 bit)
pub:
04:b0:36:49:b9:76:9a:1b:fd:72:1a:cf:22:d9:eb:
29:e8:b4:fe:0b:fc:93:e6:35:9e:cd:c4:a0:15:00:
27:49:af:40:8c:94:6c:50:58:da:e9:9b:88:61:83:
34:d0:21:6d:03:b6:18:43:41:65:50:d4:db:d0:bb:
75:8c:cf:fb:6f
Field Type: prime-field
Prime:
00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:fe:ff:
ff:fc:2f
A: 0
B: 7 (0x7)
Generator (uncompressed):
04:79:be:66:7e:f9:dc:bb:ac:55:a0:62:95:ce:87:
0b:07:02:9b:fc:db:2d:ce:28:d9:59:f2:81:5b:16:
f8:17:98:48:3a:da:77:26:a3:c4:65:5d:a4:fb:fc:
0e:11:08:a8:fd:17:b4:48:a6:85:54:19:9c:47:d0:
8f:fb:10:d4:b8
Order:
00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
ff:fe:ba:ae:dc:e6:af:48:a0:3b:bf:d2:5e:8c:d0:
36:41:41
Cofactor: 1 (0x1)
writing EC key
-----BEGIN PUBLIC KEY-----
MIH1MIGuBgcqhkjOPQIBMIGiAgEBMCwGByqGSM49AQECIQD/////////////////
///////////////////+///8LzAGBAEABAEHBEEEeb5mfvncu6xVoGKVzocLBwKb
/NstzijZWfKBWxb4F5hIOtp3JqPEZV2k+/wOEQio/Re0SKaFVBmcR9CP+xDUuAIh
AP////////////////////66rtzmr0igO7/SXozQNkFBAgEBA0IABLA2Sbl2mhv9
chrPItnrKei0/gv8k+Y1ns3EoBUAJ0mvQIyUbFBY2umbiGGDNNAhbQO2GENBZVDU
29C7dYzP+28=
-----END PUBLIC KEY-----
Credo che Order sia il parametro Q della curva.
Tieni presente che potresti non avere lo stesso output perché la chiave pubblica potrebbe non includere EC parameters , se non è detto "parametri impliciti" perché il destinatario sa quale curva e quali parametri utilizzare. In questo caso sei sfortunato se non sai quale curva è.
Se conosci la curva, puoi estrarre i parametri usando nuovamente OpenSSL :
$> openssl ecparam -name secp256k1 -param_enc explicit -text
Field Type: prime-field
Prime:
00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:fe:ff:
ff:fc:2f
A: 0
B: 7 (0x7)
Generator (uncompressed):
04:79:be:66:7e:f9:dc:bb:ac:55:a0:62:95:ce:87:
0b:07:02:9b:fc:db:2d:ce:28:d9:59:f2:81:5b:16:
f8:17:98:48:3a:da:77:26:a3:c4:65:5d:a4:fb:fc:
0e:11:08:a8:fd:17:b4:48:a6:85:54:19:9c:47:d0:
8f:fb:10:d4:b8
Order:
00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
ff:fe:ba:ae:dc:e6:af:48:a0:3b:bf:d2:5e:8c:d0:
36:41:41
Cofactor: 1 (0x1)
-----BEGIN EC PARAMETERS-----
MIGiAgEBMCwGByqGSM49AQECIQD////////////////////////////////////+
///8LzAGBAEABAEHBEEEeb5mfvncu6xVoGKVzocLBwKb/NstzijZWfKBWxb4F5hI
Otp3JqPEZV2k+/wOEQio/Re0SKaFVBmcR9CP+xDUuAIhAP//////////////////
//66rtzmr0igO7/SXozQNkFBAgEB
-----END EC PARAMETERS-----
Nota il flag -param_enc explicit .
Leggi altre domande sui tag encryption