read-opensslkey - extract key material from a SSL private keyfile


read-opensslkey infile outfile


The program writes a complete PCP keyfile to "outfile" after having extracted the key material from "infile". The input can be any ascii-armored OpenSSL private key file. A public key can be derived from outfile, by deleting the decryption and protection lines.
The value 1 will be used for the hash modulus and generator and both values should be substituted with a valid hashkey subsequently.

The secret key must be stored unprotected, i.e. with an empty passphrase in order to extract the secret decryption value, because the program does not use any symmetric cipher. Use protect-secretkey to encrypt the secret key with PCP's protection mechanism and wipe all files containing unencrypted data from the filesystem reliably.

Additionally the two primes p and q are printed to stdout when a secret key is processed.


Written by Ralf Senderek.


All rights reserved. © 2003
This is free software. Use this software on your own risk or not at all. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


pcp - the Pure Crypto Program (
protect-secretkey, read-sshkey, read-pgpkey, sechash, check-keys