OpenSSL "pkey" - Open Encrypted EC Keys

Q

How to open an encrypted EC key file using OpenSSL "pkey" command? I was told the key file is DES encrypted and I know the password.

✍: FYIcenter.com

A

If you are trying to open a password (encrypted) EC key file using the "pkey" command, you will be prompted for the password as shown below:

C:\Users\fyicenter>\local\openssl\openssl

OpenSSL> pkey -in my_ec_des.key -text -noout
Enter pass phrase for my_ec_des.key: noidea
unable to load key
15924:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad 
   decrypt:.\crypto\evp\evp_enc.c:529:
15924:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal 
   error:.\crypto\pkcs12\p12_decr.c:108:
15924:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe 
   crypt error:.\crypto\pkcs12\p12_decr.c:139:
15924:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 
   lib:.\crypto\pem\pem_pkey.c:141:
error in pkey

OpenSSL> pkey -in my_ec_des.key -text -noout
Enter pass phrase for my_ec_des.key: fyicenter
Private-Key: (112 bit)
priv:
    31:b2:99:6b:d4:e6:be:95:68:54:9b:43:f0:c1
pub:
    04:56:3d:bb:e9:c1:a0:41:c0:a4:8d:2a:ce:43:e6:
    9b:4a:ae:fd:66:57:32:f9:5a:63:52:60:7b:71
Field Type: prime-field
Prime:
    00:db:7c:2a:bf:62:e3:5e:66:80:76:be:ad:20:8b
A:
    00:db:7c:2a:bf:62:e3:5e:66:80:76:be:ad:20:88
B:
    65:9e:f8:ba:04:39:16:ee:de:89:11:70:2b:22
Generator (uncompressed):
    04:09:48:72:39:99:5a:5e:e7:6b:55:f9:c2:f0:98:
    a8:9c:e5:af:87:24:c0:a2:3e:0e:0f:f7:75:00
Order:
    00:db:7c:2a:bf:62:e3:5e:76:28:df:ac:65:61:c5
Cofactor:  1 (0x1)
Seed:
    00:f5:0b:02:8e:4d:69:6e:67:68:75:61:51:75:29:
    04:72:78:3f:b1

Options used in this command are:

"-in my_ec_des.key" - Read the EC private key file.
"-text" - Print content of the key in text format.
"-noout" - Do not include the key in the output.
"noidea" - The incorrect password of the key file. You get errors.
"fyicenter" - The correct password of the key file.

⇒ OpenSSL "pkey -aes*" - Re-Encrypt EC Keys

⇐ OpenSSL "genpkey -des" - DES Encrypt EC Keys

⇑ OpenSSL "genpkey" Command for EC Keys

⇑⇑ OpenSSL Tutorials

2017-06-16, 3463👍, 0💬

💬 2021-06-28 THONG NGO: BitcoinVN

💬 2021-06-21 reza: Thanks

OpenSSL "rsautl -encrypt" - Encryption with RSA Public Key
How to encrypt a file with an RSA public key using OpenSSL "rsautl" command? If you want to encrypt a file with an RSA public in order to send private message to the owner of the public key, you can use the OpenSSL "rsault -encrypt" command as shown below: C:\Users\fyicenter>type clear.txt Th... 2017-06-11, 13645👍, 0💬

OpenSSL "ecparam -list_curves" - List of EC Curves
What EC curves are supported by OpenSSL for generating EC keys? I want a list of all EC curves. If you want a list of all EC curves, you can use the OpenSSL "ecparam" command as shown below: C:\Users\fyicenter>\loc al\openssl\opensslOpenSSL> ecparam -list_curves secp112r1 : SECG/WTLS c... 2017-06-23, 13462👍, 0💬

OpenSSL "rsautl" Command Options
What can I use OpenSSL "rsautl" command for? What are options supported by the "rsautl" command? OpenSSL "rsautl" command is a utility to sign, verify, encrypt and decrypt data using RSA private key and public key. Here are options supported by the "rsautl" command: C:\Users\fyicenter>\loc al\... 2017-06-16, 8122👍, 0💬

OpenSSL "rsautl" Command for RSA Keys
Where to find tutorials on using OpenSSL "genpkey" and "rsautl" commands for RSA private keys? Here is a collection of tutorials on using OpenSSL "rsautl" command compiled by FYIcenter.com team to encrypt, decrypt, sign or verify data with RSA (Rivest, Shamir and Adleman) public and private keys. Op... 2017-05-29, 7024👍, 0💬

OpenSSL "pkey -pubout" - Extract EC Public Key
How to extract the public key from a EC key file using OpenSSL "pkey" command? If you want to extract the public key out from a EC key file (private key an public key), you can use the OpenSSL "pkey -pubout" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL>... 2017-07-03, 6201👍, 0💬

OpenSSL "genpkey ec_paramgen_curve:secp521r1" - EC Long Keys
How to generate a new EC key pair with a longer key size using OpenSSL "genpkey" command? If you need a new EC key pair with a longer key size for testing purpose, you can use the OpenSSL "genpkey" command as shown below: C:\Users\fyicenter>\loc al\openssl\opensslOpenSSL> genpkey -genp... 2017-06-28, 6165👍, 0💬

OpenSSL "pkey -pubin" - View EC Public Key
How to view contents of a EC public key file using OpenSSL "pkey" command? If you want to view contents of a EC public key stored in a file, you can use the OpenSSL "pkey -pubin" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL> pkey -pubin -in my_ec_pub.ke... 2017-07-03, 5269👍, 0💬

OpenSSL "pkey" - Open Encrypted EC Keys
How to open an encrypted EC key file using OpenSSL "pkey" command? I was told the key file is DES encrypted and I know the password. If you are trying to open a password (encrypted) EC key file using the "pkey" command, you will be prompted for the password as shown below: C:\Users\fyicenter>... 2017-06-16, 3464👍, 0💬

OpenSSL "pkey -aes*" - Re-Encrypt EC Keys
How to re-encrypt a EC key file using OpenSSL "pkey" command? I want to change the encryption password, and maybe change the encryption algorithm. If you want to encrypt an existing EC key file again, you can use the "pkey -aes*" command as shown below: C:\Users\fyicenter>\loc al\openssl\opens... 2017-05-29, 2093👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.