Extracting an Uncompressed Public Key from a Compressed Private Key Using OpenSSL
When working with cryptographic keys, especially Elliptic Curve Cryptosystem (ECC) keys such as ECDSA, it is essential to understand how to extract an uncompressed public key from a compressed private key. In this article, we will delve into the process and provide an example code snippet using the OpenSSL library.
Compressed Private Key Format
The compressed private key format used by ECC keys is based on the Curve25519 key structure, which consists of several fields:
- “ec_point”: the elliptic curve point.
- “Base_string”: the base string containing the compressed public key (more on this later).
- “length”: the length of the base string in bytes.
Compressed Public Key Format
The uncompressed public key format is similar, but uses a different base string and has a few differences:
- “ec_point”: still a point on the elliptic curve.
- “Base_string”: the base string containing the uncompressed public key (more on this later).
- “length”: the length of the base string in bytes.
Extracting the uncompressed public key from the compressed private key
To extract the uncompressed public key, you must first decompress the compressed private key using the OpenSSL “ecdk” library. This will give you a “Base64 encoded string” that can be decrypted to get the uncompressed public key.
Here is an example of a C++ code snippet:
#include
#include
#include
int main() {
// Load your private key from a file or buffer
EC_KEY* pKey = NULL;
int ret = EC_KEY_new_by_curve_name(NID_secp256k1, NULL);
if (ret != 0) {
std::cerr << "Error loading private key" << std::endl;
return 1;
}
// Decompress the compressed private key
unsigned char* base64Enc = NULL; // Your compressed private key here
ret = Base64_decode(base64Enc, NULL);
if (ret != 0) {
std::cerr << "Error extracting private key" << std::endl;
EC_KEY_free(pKey);
return 1;
}
int len= strlen((char*)base64Enc); // Get the length of the base string
unsigned char* uncompressedBase64 = new unsigned char[len];
ret = Base64_decode(uncompressedBase64, NULL, len);
if (ret != 0) {
std::cerr << "Error extracting private key" << std::endl;
delete[] base64Enc; // Don't forget to free memory!
EC_KEY_free(pKey);
return 1;
}
// Convert uncompressed base string to public key
unsigned char* publicKey = NULL;
ret = ECDP_key_from_bytes(&publicKey, uncompressedBase64, len);
if (ret != 0) {
std::cerr << "Error converting private key to public key" << std::endl;
delete[] base64Enc; // Don't forget to free memory!
EC_KEY_free(pKey);
return 1;
}
// Print the uncompressed public key
unsigned char* pubStr = new unsigned char[256]; // Allocate some space for the string
ret = ECDP_pub_key_to_str(publicKey, pubStr, 256);
if (ret != 0) {
std::cerr << "Error converting public key to string" << std::endl;
delete[] base64Enc; // Don't forget to free memory!
EC_KEY_free(pKey);
return 1;
}
// Free all allocated memory
delete[] base64Enc;
delete[] uncompressedBase64;
delete[] publicKey;
std::cout << "Uncompressed public key: " << pubStr << std::endl;
// Clear the private key (not necessary in this example)
EC_KEY_free(pKey);
return 0;
}
Remember that you will need to replace “base64Enc” with the actual compressed private key.
Example use case
This code snippet is just a demonstration of how to extract an uncompressed public key from a compressed private key using OpenSSL.