Accessing an ECDSA private key

[StefanHri]

Hi,

I am writing a small command-line tool for generating ECDSA keys which I want to use in a c application on a microcontroller. For that, I want to export the private and public keys and save them in a c header file. My code looks like that:

    let rng = rrand::SystemRandom::new();

    let pkcs8 =
        signature::EcdsaKeyPair::generate_pkcs8(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, &rng)
            .unwrap();

    let key_pair = signature::EcdsaKeyPair::from_pkcs8(
        &signature::ECDSA_P256_SHA256_FIXED_SIGNING,
        pkcs8.as_ref(),
    )
    .unwrap();

    //accessing the public key
    println!();
    println!("pk: ");
    for b in key_pair.public_key().as_ref() {
        print!("{:02x}", *b);
    }

With this code, I can access the public key. But how can I access the private key?

Thank you! Stefan

[gbaranski]

I have the same problem, and also I'm developing it to deploy those keypairs to microcontrollers later ;D. From what I see, it's not possible with this library. Tried to use ed25519-dalek but it seems like it has really outdated documentation. Have you solved this problem with different library?

[briansmith]

My plan is to create a new "generate_" API that will generate a "Components" structure that contains the private key bytes and the public key bytes, alongside the generate_pkcs8. I already implemented that for RSA and I "just" need to do it for ECDSA and Ed25519.

In the interim, you could parse the private key out of the PKCS#8 document. I will also spend some effort getting the RSA code I wrote into the main branch so somebody could adapt it to work for ECDSA and Ed25519.

[DoumanAsh]

@StefanHri a bit late but you can find index of private key within PKCS#8 document in declaration of template: https://github.com/briansmith/ring/blob/main/src/ec/suite_b/ecdsa/signing.rs#L506

Private key size is determined by number of bits in curve so to extract it you just need to memcpy start from index up to size of private key