How to load a pubkey which is created using EC #1929

Open
ParasGarg7 opened this issue Jul 26, 2023 · 2 comments

Comments

@ParasGarg7

Hi

Can you help with how to create a variable which takes a public key created using EC with 192 as the bit size, and how to get the bits and size of the key?

For example, the key generated is BFgsTFQeqKr0toyURbtT43INMDS7FTHjz3yn3MR1/Yv/pb2b9ZCYNQ/Tafe5hQpEJ4TpZOKfikP/hWZvFL8QCPgqbIGqw/KTfA==

For this key, I want to validate whether this is a valid key and then get the key in bytes.

@terrafrost
Member

Elliptic curves aren't like RSA. With elliptic curve crypto it's the curve name (or attributes) that's relevant - not its size.

There are several 192-bit elliptic curves that phpseclib supports:

  • secp192r1 (aka nistp192, prime192v1)
  • secp192k1
  • prime192v2
  • prime192v3
  • brainpoolP192r1
  • brainpoolP192t1

That said, an EC public key is basically a coordinate, i.e. more than one number. Coordinates can be compressed or not compressed.

After base64 decoding it, your "blob" is 73 bytes long. For an uncompressed 192-bit public key the "blob" should be 2*24+1 = 49 bytes long, at least if it was strictly a public key.

That said, I note that 49+24 is 73. So maybe the private key is concatenated after the public key. Like the private key of a 192-bit EC curve would be 24 bytes (192/8).

When I base64 decode your base64 encoded string I get this:

04582c4c541ea8aaf4b68c9445bb53e3720d3034bb1531e3cf7ca7dcc475fd8bffa5bd9bf59098350fd369f7b9850a442784e964e29f8a43ff85666f14bf1008f82a6c81aac3f2937c

The first byte is 04. That's what it should be for an uncompressed public key. So my guess is that the first 49 bytes are the public key and the last 24 bytes are the private key.

As for what curve is being used... looks like it's a nistp192 point. The point isn't valid on any other 192 bit curve phpseclib supports. My code:

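```php
$blob = base64_decode('BFgsTFQeqKr0toyURbtT43INMDS7FTHjz3yn3MR1/Yv/pb2b9ZCYNQ/Tafe5hQpEJ4TpZOKfikP/hWZvFL8QCPgqbIGqw/KTfA==');
// first 49 bytes: presumed uncompressed public point, with the leading null byte extractPoint() is given here
$public = "\0" . substr($blob, 0, 49);
// last 24 bytes: presumed private key
$private = substr($blob, -24);

// throws an exception if the point is not on the given curve
$point = \phpseclib3\Crypt\EC\Formats\Keys\PKCS1::extractPoint(
	$public,
	new \phpseclib3\Crypt\EC\Curves\secp192r1()
);
```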

If it wasn't a valid point an exception would be thrown. Case in point: try that with new \phpseclib3\Crypt\EC\Curves\secp192k1() vs new \phpseclib3\Crypt\EC\Curves\secp192r1().

Note that I didn't verify to see if the presumed private key corresponds to the public key. I can provide code to do that if so desired.

Also, I do not believe this is a standardized format. I mean, I don't pretend to be an expert on every format out there but if I'm right and it isn't then I would recommend you use a standard format for interoperability purposes.

@terrafrost
Member

> For this key, I want to validate whether this is a valid key and then get the key in bytes.

So lmk if you want the presumed private key part of the key validated.

As for getting the key in bytes... I assume what you mean is that you want it in one of the formats discussed at http://phpseclib.com/docs/ec#supported-formats? I mean, 'cause, technically, you already have a key in byte format - it's just not a standardized format.
