It seems that both of the following commands (openssl from LibreSSL) produce private keys. Is there a difference between them? If not, why there are two ways to generate the private keys? Thanks.
openssl genrsa -out key.pem 1024
openssl genpkey -algorithm rsa -out privkey.pem -pkeyopt rsa_keygen_bits:1024
Both ways create RSA keys, albeit in different formats. genrsa outputs a RSA key in PKCS#1 format while genpkey outputs a more generic container which can manage different kinds of keys (like ECC). See Differences between “BEGIN RSA PRIVATE KEY” and “BEGIN PRIVATE KEY" for more on this.
Note that the documentation for genpkey explicitly states that this tool should be used in instead of the algorithm specific genrsa:
The use of the genpkey program is encouraged over the algorithm specific utilities because additional algorithm options and ENGINE provided algorithms can be used.
Related
I am using python for most of my programming. I am trying to sign the <ds:SignedInfo> portion of my XML document. However, I am having a lot of trouble doing so in python. I generated my public and private keys with the following commands in open SSL: (I believe this is an elliptic curve based key pair, please verify)
openssl genpkey -genparam -algorithm ec -pkeyopt ec_paramgen_curve:P-256 -out ECPARAM.pem
openssl req -newkey ec:ECPARAM.pem -keyout privateKeyEC.key -out mycsrEC.csr
I then got the mycsrEC.csr signed by a CA. I saved the certificate in a issued_cert.cer (but I think it was formatted as a PEM file; it has BEGIN CERTIFICATE, END CERITFICATE). Also, my private key has a password associated with it, and the file is stored as BEGIN ENCRYPTED PRIVATE KEY. I believe with this setup, I should be using the ecdsa-with-sha256 signing algorithm, but I am having trouble implementing this.
To be clear, my requirement is to sign the <ds:SignedInfo> element in my XML document, using the issued_cert.cer certificate and the privateKeyEC.key private key, and this should be with the ecdsa-with-sha256 digest.
1.) I would prefer a python solution, but I am okay with a java or c++ solution, in that order of preference.
2.) Do I have the required resources to perform this operation?
3.) How can I convert my certificate to a readable text file? It has some encoding which makes it unreadable?
4.) Any questions for additional context are encouraged
I'm having problems understanding the difference between files produced by openssl and how to detect them.
For example I'm trying to generate Self-signed cert with private key and generate JKS file from p12
format. I'm googling like a madman but I still don't know how to generate it correctly to be able to use following commands.
openssl pkcs12 -export -in user.pem -inkey user.key -certfile user.pem -out testkeystore.p12
keytool -importkeystore -srckeystore testkeystore.p12 -srcstoretype pkcs12 -destkeystore wso2carbon.jks -deststoretype JKS
Source: https://www.ibm.com/support/pages/how-generate-jks-keystore-existing-private-key
I found a couple of different commands to generate Self-signed cert and private key but I don't know how to map resulting files to the commands above and whats worse I don't understand what those commands do.
I mean I see what files they generate and understand that certificate and private key used to sign it ( or maybe the other way around :| ) but what is the difference between those commands and is cert.pem === certificate.crt - Those file extensions are driving me crazy.
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
This is yet another situation where I'm having similar issues with the openssl command. At this point I'm even ready to read some RFC ( I hope it won't come to this :) )
Thanks in advance for help
Those file names represent different parts of the key generation and verification process. Please note that the names are just convention, you could just as easily call the files pepperoni.pizza and the content will be the same, so do be conscious of how you use the filenames.
A brief primer on PKI - Keys come in two halves, a public key and a private key. The public key can be distributed publicly and widely, and you can use it to verify, but not replicate, information generated using the private key. The private key must be kept secret.
.key files are generally the private key, used by the server to encrypt and package data for verification by clients.
.pem files are generally the public key, used by the client to verify and decrypt data sent by servers. PEM files could also be encoded private keys, so check the content if you're not sure.
.p12 files have both halves of the key embedded, so that administrators can easily manage halves of keys.
.cert or .crt files are the signed certificates -- basically the "magic" that allows certain sites to be marked as trustworthy by a third party.
.csr is a certificate signing request, a challenge used by a trusted third party to verify the ownership of a keypair without having direct access to the private key (this is what allows end users, who have no direct knowledge of your website, confident that the certificate is valid). In the self-signed scenario you will use the certificate signing request with your own private key to verify your private key (thus self-signed). Depending on your specific application, this might not be needed. (needed for web servers or RPC servers, but not much else).
A JKS keystore is a native file format for Java to store and manage some or all of the components above, and keep a database of related capabilities that are allowed or rejected for each key.
The commands you list look fine to me, and I don't see a question beyond asking what the different files are for. If you need more information, please enrich your question.
.key is the private key. This is accessible the key owner and no one else.
.csr is the certificate request. This is a request for a certificate authority to sign the key. (The key itself is not included.)
.crt is the certificate produced by the certificate authority that verifies the authenticity of the key. (The key itself is not included.) This is given to other parties, e.g. HTTPS client.
.pem is a text-based container using base-64 encoding. It could be any of the above files.
-----BEGIN EXAMPLE-----
...
-----END EXAMPLE-----
.p12 is a PKCS12 file, which is a container format usually used to combine the private key and certificate.
There isn't only one extension. For example you may see certificates with either the .crt or a .pem extension.
Just to add more info: .der, another (binary) encoding (either public or private key, or csr)
I know there are many commands (openssl) to export pfx to pem BUT I need one thing different: I need to export the public key to a pem file and the private key to another file. Most of the commands and sites (some sites convert the pfx format to anyone I need) will only generate a single *.pem file.
Thanks.
Meta: this isn't a programming or development question, and will likely be closed as offtopic.
If you want the privatekey and the certificate (which contains the publickey but is not the publickey as such), this is a dupe of several questions in other Stacks where it is ontopic, including at least:
https://security.stackexchange.com/questions/3779/how-can-i-export-my-private-key-from-a-java-keytool-keystore/
https://serverfault.com/questions/715827/how-to-generate-key-and-crt-file-from-jks-file-for-httpd-apache-server
https://serverfault.com/questions/806141/is-the-alert-ssl3-read-bytessslv3-alert-bad-certificate-indicating-that-the-s (disclosure: my answer)
Alternatively since PEM files are structured text, you can parse the output of a single pkcs12 command by any number of text-handling programs such as awk:
openssl pkcs12 <p12 | awk '/-BEGIN ENC/,-END ENC/{print >"privkey"} \
/-BEGIN CERT/,/-END CERT/{if(!n)print >"cert"} /-END CERT/{n++}'
# for unencrypted privatekey add -nodes and select BEGIN/END PRIV
If you truly want the publickey, you can create it in algorithm-generic X.509 SubjectPublicKeyInfo form, from either the privatekey or the certificate:
# from the certificate
openssl x509 <certfile -noout -pubkey >pubkey
openssl pkcs12 <p12file -nokeys -clcerts | openssl x509 -noout -pubkey >pubkey
# from the privatekey
openssl pkey <privkey -pubout >pubkey
openssl pkcs12 <p12file -nocerts -nodes | openssl pkey -pubout >pubkey
This format is used by some OpenSSL functions (which calls it PUBKEY to distinguish from the several algorithm-specific PublicKey's), and low-level Java (which calls it X509EncodedKeySpec), and pretty much nothing else. Note systems using the bare public key are often insecure; that's exactly why most systems embed the publickey in a certificate.
If the key is RSA and you want the algorithm-specific (PKCS1 RSAPublicKey) format, in OpenSSL 1.1.0 (and presumably up) then use:
# from the SPKI publickey as above
openssl rsa <RSApub_spki [-inform DER] -pubin -RSAPublicKey_out [-outform DER] >RSApub_pkcs1
# from the privatekey
openssl rsa <RSAprivate [-inform DER] -RSAPublicKey_out [-outform DER] >RSApub_pkcs1
This is used rarely by a few OpenSSL functions and AFAIK nothing else; see caveat above.
Using openssl, I am trying to generate shared parameters with Diffie-Hellman with 2048 modulus.
I believe that I can do this like this: openssl dhparam -C 2048
But, I am trying to complete the whole algorithm and am following a tutorial here:
https://sandilands.info/sgordon/diffie-hellman-secret-key-exchange-with-openssl
This tutorial I believe uses the line: openssl genpkey -genparam -algorithm DH -out dhp.pem to generate the same thing but without using the 2048 modulus (i could be wrong here).
How do integrate my use of dhparam instead of genpkey into this tutorial so that I can choose the modulus of 2048, or how do I choose the modulus of genpkey or am I fundamentally misunderstanding something here?
genpkey is the general purpose key generation utility of openssl.
dhparam is dedicated to diffie-hellman.
Both can be used for the same purpose. In you context you would have to use either
openssl genpkey -genparam -algorithm DH -pkeyopt dh_paramgen_prime_len:2048
or
openssl dhparam 2048
How do I convert public key generated by OpenSSL into one NSS would understand? I've generated key with OpenSSL, exported it into pkcs12 format, imported it into NSS database and then extract public key with McCoy utility. And it was different to my great surprise. That is probably the matter of encoding but which one should I use?
Update: Looks like OpenSSL contain NSS key inside so the question is - how do I find out which part of OpenSSL key is also a NSS key?
openssl x509 -in mycert.pem -pubkey
does the job nicely