Generate a private key with OpenSSL
To check whether KeyChain adheres to encryption standards, you can recover a private key from a KeyChain JSON file using the OpenSSL utility.
To illustrate how it works, we shall take a key file from the key_data folder.
Here are the contents of 76de427d42c38be4.json:
{
"filetype": "TYPE_KEY",
"keyname": "test1@76de427d42c38be4",
"description": "",
"keychain_version": "0.9",
"keyinfo": {
"format": "FORMAT_ARRAYIO",
"encrypted": true,
"curve_type": "secp256k1",
"priv_key_data": {
"cipher_type": "aes256",
"iv": "bb104b287748b6714f543370fc9a4730",
"enc_data": "0d98d71da8515fca89aac89f8280861fa349169025caed6dbb836e4ba9e184fad298a0238fb38c0a7cf4a38dfd77e783e17d77c6a39ce0f42ecfd35f05269df16d6e67f058cc91b17d02309c0f1f88d4"
},
"public_key": "082d578f8b53f7640362bc490d02a5a0fd9a81bd43b600414573cb39bec492e3530679bca49c117b19fd8636a972c11b67235d1bc6dc556f0d5b9fcd140323e0"
}
}
To get a private key, we should use the following command:
openssl enc -nosalt -aes-256-cbc -d -in myBinaryFile -K B5BA77AF1F7BDA735894E746A199ACB1D2C836424DA2FC46BEBB55423DCCBFF8 -iv bb104b287748b6714f543370fc9a4730
Result:
b3d3427eea7867c243baaf2f4c67a9551eea2ea96556acfb0051dffa18d182d4
The command has three parameters: myBinaryFile, -K, and -iv.
- myBinaryFile - a binary file that we need to create.
Here is how we can do that.
The enc_data line from our JSON file is in hex format. It should be converted to a binary file.
For example, we can accomplish that with the xxd utility (here 1.txt holds the enc_data hex string):
xxd -r -p 1.txt myBinaryFile
- -K ...
The SHA2-512 hash of the passphrase. We take the first half of the hash (the first 64 symbols).
The passphrase for this key: qwe
Now we are going to use a sha512 hash generating service that you can find here.
Result:
B5BA77AF1F7BDA735894E746A199ACB1D2C836424DA2FC46BEBB55423DCCBFF871877A30FAB77A31E47B0A29EA0154882E532E9A29B220A8F2958773313BBB2A
If we take the first half of the line, we get:
B5BA77AF1F7BDA735894E746A199ACB1D2C836424DA2FC46BEBB55423DCCBFF8
- -iv is taken as is from the JSON file.
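The whole procedure can also be scripted so that the passphrase is hashed locally rather than on a web service. The following Python sketch is an added example, not part of the KeyChain project: it reads the fields shown above, derives -K and -iv as described, and pipes the decoded enc_data to the same openssl command on stdin. The function names are hypothetical, and the JSON is the page's key file trimmed to the fields the script uses.

```python
import hashlib
import json
import shutil
import subprocess

# Key file from the page (76de427d42c38be4.json), trimmed to the fields used here.
KEYFILE_JSON = """{"keyinfo": {"encrypted": true, "priv_key_data": {
  "cipher_type": "aes256",
  "iv": "bb104b287748b6714f543370fc9a4730",
  "enc_data": "0d98d71da8515fca89aac89f8280861fa349169025caed6dbb836e4ba9e184fad298a0238fb38c0a7cf4a38dfd77e783e17d77c6a39ce0f42ecfd35f05269df16d6e67f058cc91b17d02309c0f1f88d4"
}}}"""


def openssl_params(keyfile_text, passphrase):
    """Return (key_hex, iv_hex, ciphertext) for `openssl enc -d -aes-256-cbc`."""
    info = json.loads(keyfile_text)["keyinfo"]
    data = info["priv_key_data"]
    if not info.get("encrypted") or data.get("cipher_type") != "aes256":
        raise ValueError("key file is not AES-256 encrypted")
    iv = bytes.fromhex(data["iv"])
    ciphertext = bytes.fromhex(data["enc_data"])
    if len(iv) != 16 or not ciphertext or len(ciphertext) % 16:
        raise ValueError("iv must be 16 bytes and enc_data a multiple of 16 bytes")
    # -K is the first half of SHA-512(passphrase): 32 bytes = 64 hex characters.
    key_hex = hashlib.sha512(passphrase.encode()).hexdigest()[:64].upper()
    return key_hex, iv.hex(), ciphertext


def decrypt_with_openssl(key_hex, iv_hex, ciphertext):
    """Run the page's openssl command, reading the ciphertext from stdin."""
    cmd = ["openssl", "enc", "-nosalt", "-aes-256-cbc", "-d", "-K", key_hex, "-iv", iv_hex]
    return subprocess.run(cmd, input=ciphertext, capture_output=True, check=True).stdout


if __name__ == "__main__":
    key_hex, iv_hex, ciphertext = openssl_params(KEYFILE_JSON, "qwe")
    print("-K ", key_hex)
    print("-iv", iv_hex)
    if shutil.which("openssl"):
        plaintext = decrypt_with_openssl(key_hex, iv_hex, ciphertext)
        print("private key:", plaintext.decode(errors="replace"))
    else:
        print("openssl not found; skipping decryption")
```

A wrong passphrase makes openssl exit with a padding error, which surfaces here as `subprocess.CalledProcessError`.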