I am using Botan to create public/private ECDSA keypairs. The public keys that are generated (even on different machines using this code) are very similar... too similar to consider safe I would think. Here is an example of two runs:
-----BEGIN PUBLIC KEY-----
MIIBEzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEA////////////////
/////////////////////v///C8wRAQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBEEEeb5m
fvncu6xVoGKVzocLBwKb/NstzijZWfKBWxb4F5hIOtp3JqPEZV2k+/wOEQio/Re0
SKaFVBmcR9CP+xDUuAIhAP////////////////////66rtzmr0igO7/SXozQNkFB
AgEBAyIAAneDBKm4ubKbv0hxgzhkh0oAI8WKFTs1Hz/Qqyl6qxzD
-----END PUBLIC KEY-----
-----BEGIN PUBLIC KEY-----
MIIBEzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEA////////////////
/////////////////////v///C8wRAQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBEEEeb5m
fvncu6xVoGKVzocLBwKb/NstzijZWfKBWxb4F5hIOtp3JqPEZV2k+/wOEQio/Re0
SKaFVBmcR9CP+xDUuAIhAP////////////////////66rtzmr0igO7/SXozQNkFB
AgEBAyIAAtQr5BPT04pk/Ror6uIGRqEKeB8dwIteR8p/r+Nl7hql
-----END PUBLIC KEY-----
I am using X509 encoding to encode the public key. Here's the code to generate the ECDSA keys:
LibraryInitializer init;
AutoSeeded_RNG rng;
EC_Group ecGroup("secp256k1");
ECDSA_PrivateKey key(rng, ecGroup);
Why am I generating such similar public keys? And am I right in assuming that isn't "safe" if multiple users were to use this code to generate their own keys?
UPDATE:
The answer below seems correct. I emailed the creator of XCA, Christian Hohnstaedt, to probe a little further into how XCA generates this public key and what it is. He replied that it is the EC_POINT and is obtained by using the command
openssl ec -pubin -noout -text
Plugging in the X509 PEM encoded public keys indeed reveals different public EC Points. It should be noted (for other newbs like me) that the public EC Points in the answer do no good for another party on their own - the other party needs to know which EC Group is being used, and that's why the X509 PEM encoding is much more helpful than just an EC Point.
The actual public keys from these are:
02:77:83:04:A9:B8:B9:B2:9B:BF:48:71:83:38:64:87
4A:00:23:C5:8A:15:3B:35:1F:3F:D0:AB:29:7A:AB:1C
C3
and
02:D4:2B:E4:13:D3:D3:8A:64:FD:1A:2B:EA:E2:06:46
A1:0A:78:1F:1D:C0:8B:5E:47:CA:7F:AF:E3:65:EE:1A
A5
These are not the same, so there is no apparent reason to worry on that front. The data that is the same is the key meta-data and encoding bumf (which you would expect to be the same for identical format keys).
Values obtained by importing into xca (linux). There are better tools for inspecting DER encoded data, but I couldn't find any easily.
Related
I have a next.js application where I have a local .pem file for JWT public/private key authentication. My host does not allow me to upload secret files, so I am trying to access the .pem from a muli-line string .env variable.
I have the contents of the .pem stored like this:
PUB_KEY="-----BEGIN RSA PUBLIC KEY----- [newline]
YTuFE/BOU+pF6T2nYuyYQugqJHUZ62b3LJAeZYyBIjW+LZLeHGkUOZfqHnwSbmd9[newline]
isMbGtdNN/wujOftX1GSDApHX0LyNb+covtN4X4mcFFqyKuotFftUjOLzvb2AeJe[newline]
s9285pXbhAKVcStyAn26pI5...[newline]
-----END RSA PUBLIC KEY-----"
I get the error: Error, secretOrPrivateKey must be an asymmetric key when using RS256
I have tried to convert the .env variable from a multi line string to a single line string, preserving the newlines with this function:
function makeSingleLineKey(key) {
return key.replace(/(\r\n|\n|\r)/gm, '\\n');
}
but I get the same error.
There is an issue with the formatting of the .pem key I think.
Any ideas what might be going wrong?
Thanks
I was able to fix this by storing the .pem files in .env variables where the multi line strings were converted to a single line with the \n line breaks preserved e.g.
`LOCAL_AUTH_PUB_KEY={"PUB_KEY":"-----BEGIN RSA PUBLIC KEY-----\nMIICCgKCAgEAyLKk4ldt/a9dItmU2GkCVUJ1nTIh137JLTGLVyfPHkBaEBpMSm0j\nYT...`
I then accessed the variables in my code like this:
const { PUB_KEY } = JSON.parse(process.env.LOCAL_AUTH_PUB_KEY)
https://dev.to/cfofiu/how-to-store-a-long-private-key-in-vercel-s-environment-variables-46f5
I'm trying to generate an RSA key pair using openssl with a custom bit-length. Using the openssl genrsa command, passing the bit-length at the end of the command would work. But as genrsa is show depricated in the man page(man openssl-genrsa), I've chosen the genpkey command instead. The man page shows several options for generating the key including the algorithm to use, but there isn't any option to specify the bit-length.
This is the command I used: openssl genpkey -algorithm rsa -out pkey.pem -outform PEM
I'm new to openssl and Public Key Encryption, so please forgive me if the question is too basic.
What you are looking for is -pkeyopt option. The text for this is as follows:
Set the public key algorithm option opt to value. The precise set of options supported depends on the public key algorithm used and its implementation. See "KEY GENERATION OPTIONS" and "PARAMETER GENERATION OPTIONS" below for more details.
For RSA, the options are:
rsa_keygen_bits:numbits
The number of bits in the generated key. If not specified 2048 is used
openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out pkey.pem -outform PE
I think this should do what you want, where 2048 is the number of bits you want.
I've got a .env file with public/private multiline keys in it, but only some keys are parsing. While the PUBLIC_KEY variable parses correctly with the dotenv package, PRIVATE_KEY is parsed as '-----BEGIN RSA PRIVATE KEY-----.
We've tried swapping their positions in the file, swapping their values, but nothing we do changes the way the file parses--regardless of how we change the file, the PUBLIC_KEY alone parses correctly.
PUBLIC_KEY='-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuEdNotdGbDKZO1o7oATA
...
BvnP5uVCRrHigT1b8kvpJ/ptVw3hy2yE9h6V0Lolqq8XJ4kydLrOym5fVCdQlGBV
a9R7j5Z/03IUU34BwHNy648CAwEAAQ==
-----END PUBLIC KEY-----
'
PRIVATE_KEY='-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEAuEdNotdGbDKZO1o7oATAn6PsIoN3DhVLAZBDjg2JZ54ZDVc/
...
jUId69Z3cNk9QM2q0y26qo8uhEZ+yHCkxC3tBfWJ45YrP+Mj3FsPR044rhmu
-----END RSA PRIVATE KEY-----
'
We've got a working solution to manually input line breaks into the remaining keys, but we're still curious if anyone knows what could be causing this.
Thank you!
Using this library..
https://github.com/motdotla/dotenv
I've added a private RSA key to .env. Using it to sign a JWT.
When I sign the JWT, this error greats me.
error:0906D066:PEM routines:PEM_read_bio:bad end line
My RSA key is just a basic multi line, key.
-----BEGIN RSA PRIVATE KEY-----
MIIEpgIBAAKCAQE.......
........
The RSA key is multi-line.
DotEnv can only read one-liners, the unfortunate work around (AFIAK) are to add a \n to the end of every line. And then make this string a one liner. But this error keeps occuring..
Has anyone else experienced this and have solution?
Or perhaps know of another env file manager that can handle multi-lines?
Add surrounding double quotes to the value in the .env file and replace line breaks with \n like so:
KEY="-----BEGIN RSA PRIVATE KEY-----\nMIIE..."
I have created a PFX PDU using the java bouncycastle library. Inside the PFX PDU, there are two certificates and two encrypted private keys. All the contents are used as PKCS#7 data content (i.e. no encryption, stored as octet strings).I organised the elements according to the guidelines of PKCS#12 (RFC 7292 Section 5). Then I wrote the DER encoded byte array to a file.
I opened the file in a hex editor and saw that the object structure is OK. I have also read the file contents and built a bouncycastle PFX object from it. But when I try to open the .pfx file from my file system, the Certificate Import Wizard asks for the password for the private key. I did not use any password to create the PFX object. I have tried to use empty string and the password used for encrypting the private keys, but they didn't work. It shows "The password you entered is incorrect.".
Is there something I missed here? How can I get the password required to import certificates?
In RFC 7292, section 4.1, page 41, details of AuthenticatedSafe is described. AutthenticatedSafe is sequence OF ContentInfo which could one of three types.
AuthenticatedSafe ::= SEQUENCE OF ContentInfo
-- Data if unencrypted
-- EncryptedData if password-encrypted
-- EnvelopedData if public key-encrypted
Make your authenticatedSafe data as EncryptedData where you needs to encrypt the BERencoded value of AuthenticatedSafe with the SecretKey generated from password you will give using SecretKeyFactory and PBEParameterSpec.
Hope that, this will help you. Cheers !!!