Export public key from TECCEncSign to PEM o DER

Carrillo_Gomez_Edwin · July 5, 2020, 5:46pm

Hello,

I need generate "GenerateSharedSecret", but sRemKey(PeerPublicKey) is not valid.
what is the correct format? I need interoperabilty with others systems. DER or PEM ???

Thank's

function TECGGateCipher.ECCTMSSharedKey( const sRemKey : AnsiString ):AnsiString;
var ecc : TECCEncSign;
begin
ecc := TECCEncSign.Create;
try
ecc.ECCType:= p256;
ecc.OutputFormat:= base64;
ecc.Unicode:= noUni;
ecc.GenerateKeys();
Result := ecc.GenerateSharedSecret( sRemKey );
finally
ecc.Free;
end;
end;

brunofierens · July 6, 2020, 9:43am

@Marion

Marion · July 6, 2020, 10:11am

Hello,
Do you have sample of PEM public key that I can use to test? The correct format is the same that is generated by ecc.GenerateKeys(), the raw public key in fact.
I can consider coding an import function from PEM format.

Carrillo_Gomez_Edwin · July 6, 2020, 4:29pm

Hi,
The error is : The poin has not the right format!

MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEjt/BDgEVvZ2y35bjGT+klOR47dVujS4bQmHWHvLScMZmoH5qHhGNl+L1zteJU+2or2saQyDySsnAdkqXI3kmng==

The remote system have chilkat software..

Your publick key is ok, but the remote key not.

other issue your components not run in windos service. the services no start. 1053.

Sorry for my english.

Thanks

Carrillo_Gomez_Edwin · July 7, 2020, 2:30am

I try to generate a remote key with openssl and pass it to "GenerateSharedSecret"
and this did not work..

..
openssl ecparam -name secp256k1 -genkey -noout -out key.pem
openssl ec -in key.pem -pubout -out public.pem

-----BEGIN PUBLIC KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEZrqbp0e/V2LkQ4XcuBkeBvZfWAIGOrr1
1HESZLtX2qeG9cQe1hJ1Cd42nKoMtnPFAwL/itJitBZZFXcf6a9uYQ==
-----END PUBLIC KEY-----

brunofierens · July 7, 2020, 10:13am

@Marion

Marion · July 7, 2020, 10:20am

Our curve is prime256v1 not secp256k1.

brunofierens · July 7, 2020, 10:22am

@Carrillo_Gomez_Edwin
These are not feature requests but technical support questions.
Please post technical support questions in the proper TMS Cryptography category.

Carrillo_Gomez_Edwin · July 7, 2020, 4:22pm

Sorry for the inconvenience.

but, the public key not work.

Result := ecc.GenerateSharedSecret( "PUBLIC KEY" );

PUBLIC KEY :

openssl ecparam -genkey -out key.pem -name prime256v1
openssl ec -in key.pem -pubout -out public.pem

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+SbHqv3I79Be6cr6d+JBzwvSfNHn
OLU/Z3hInzeTInYzjPgskcHwpWJa79tcM8EBoczDZAXeH6hSwQOoX768pw==
-----END PUBLIC KEY-----

your public keys look shorter:
BD7CFp6xMq96iqOMmKFgC9QjbzNt58VIToK1EhSvzCEgD23XMjkodaJ5Or0uRyRdcEXwbiASfVRPOmAfAuCjaCA=

your public keys begin with "B" ever, but openssl with "M" ever.

Thanks for your time

brunofierens · July 7, 2020, 9:40pm

@Carrillo_Gomez_Edwin
These are not feature requests but technical support questions.
Please post technical support questions in the proper TMS Cryptography category.

Marion · July 8, 2020, 7:22am

As I said previously, our public key is the raw public key. If you use https://lapo.it/asn1js/ to decode the ASN.1 encoded public key, we use the BIT STRING sequence, beginning by 04 in hexadecimal.
I will code a function to extract the key from a PEM key format. I will keep you informed.