Extracting an Uncompressed Public Key from a Compressed Private Key in OpenSSL
When working with cryptographic keys, especially those from the Elliptic Curve Cryptosystem (ECC) such as ECDSA, it is important to understand how to extract an uncompressed public key from a compressed private key. In this article, we will dive into this process and provide an example code snippet using the OpenSSL library.
Compressed Private Key Format
The compressed private key format used by ECC keys is based on the Curve25519 key structure, which consists of several fields:
ec_point: The elliptic curve point.
base_string: The base string containing the compressed public key (more on this later).
length: The length of the base string in bytes.
Compressed public key format
The uncompressed public key format is similar, but uses a different base string and has some differences:
ec_point: Still an elliptic curve point.
base_string: A base string containing the uncompressed public key (more on that later).
length: The length of the base string in bytes.
Extracting the uncompressed public key from the compressed private key
To extract the uncompressed public key, you must first decompress the compressed private key using OpenSSL’s ecdk library. This will give you a Base64 encoded string, which can be decoded to get the uncompressed public key.
Here is an example C++ code snippet:
#include
#include
#include
int main() {
// Load your private key from file or buffer
EC_KEY* pKey = NULL;
int ret = EC_KEY_new_by_curve_name(NID_secp256k1, NULL);
if (ret != 0) {
std::cerr << "Error loading private key" << std::endl;
return 1;
}
// Decompress compressed private key
unsigned char* base64Enc = NULL; // Your compressed private key here
ret = Base64_decode(base64Enc, NULL);
if (ret != 0) {
std::cerr << "Private key decompression error" << std::endl;
EC_KEY_free(pKey);
return 1;
}
int len = strlen((char*)base64Enc); // Get base string length
unsigned char* uncompressedBase64 = new unsigned char[len];
ret = Base64_decode(uncompressedBase64, NULL, len);
if (ret != 0) {
std::cerr << "Private key decompression error" << std::endl;
delete[] base64Enc; // Don't forget to free the memory!
EC_KEY_free(pKey);
return 1;
}
// Convert uncompressed base string to public key
unsigned char* publicKey = NULL;
ret = ECDP_key_from_bytes(&publicKey, uncompressedBase64, len);
if (ret != 0) {
std::cerr << "Error converting private key to public key" << std::endl;
delete[] base64Enc; // Don't forget to free memory!
EC_KEY_free(pKey);
return 1;
}
// Display uncompressed public key
unsigned char* pubStr = new unsigned char[256]; // Allocate some space for the string
ret = ECDP_pub_key_to_str(publicKey, pubStr, 256);
if (ret != 0) {
std::cerr << "Error converting public key to string" << std::endl;
delete[] base64Enc; // Don't forget to free memory!
EC_KEY_free(pKey);
return 1;
}
// Free all allocated memory
delete[] base64Enc;
delete[] uncompressedBase64;
delete[] publicKey;
std::cout << "Uncompressed public key: " << pubStr << std::endl;
// Clear private key (not necessary in this example)
EC_KEY_free(pKey);
return 0;
}
Remember, you need to replace base64Enc with your actual compressed private key.
Example use case
This code snippet is just a demonstration of how to extract the uncompressed public key from the compressed private key using OpenSSL.