I have an Ethereum private key which consists of 64 bytes. I need to use this key for asymmetric encryption using p256k1 elliptic curve (the signing algorithm used on Ethereum).
This is supported on KMS now in the process of importing my key, I came across the following section in the GCP KMS documentation.
It stipulates the key must be in PKCS#8 format. I have tried a couple of commands using openssl. like the following
openssl pkcs8 -topk8 -in ./private.pem -outform DER -out ./private.key
Here is my private.pem
format
-----BEGIN PRIVATE KEY-----
64_CHAR_PRIVATE_KEY_PASTED_HERE
-----END PRIVATE KEY-----
I understand this might not be the correct way to convert as errors happen when I run this command.
unable to load key
4456490668:error:0DFFF07B:asn1 encoding routines:CRYPTO_internal:header too long:/System/Volumes/Data/SWE/macOS/BuildRoots/b8ff8433dc/Library/Caches/com.apple.xbs/Sources/libressl/libressl-75/libressl-2.8/crypto/asn1/asn1_lib.c:152:
4456490668:error:0DFFF066:asn1 encoding routines:CRYPTO_internal:bad object header:/System/Volumes/Data/SWE/macOS/BuildRoots/b8ff8433dc/Library/Caches/com.apple.xbs/Sources/libressl/libressl-75/libressl-2.8/crypto/asn1/tasn_dec.c:1132:
4456490668:error:0DFFF03A:asn1 encoding routines:CRYPTO_internal:nested asn1 error:/System/Volumes/Data/SWE/macOS/BuildRoots/b8ff8433dc/Library/Caches/com.apple.xbs/Sources/libressl/libressl-75/libressl-2.8/crypto/asn1/tasn_dec.c:317:Type=PKCS8_PRIV_KEY_INFO
4456490668:error:09FFF00D:PEM routines:CRYPTO_internal:ASN1 lib:/System/Volumes/Data/SWE/macOS/BuildRoots/b8ff8433dc/Library/Caches/com.apple.xbs/Sources/libressl/libressl-75/libressl-2.8/crypto/pem/pem_pkey.c:143:
My goal remains to be able to import the key into KMS as securely as possible. Thank you in advance for your responses :D
So for anyone, who might deal with something similar. John Hanley pointed me to this link which describes the process of basically converting a Ethereum private key into a EC PEM or DER encoded key file.
A couple of strings need to be added (The linked answer does a good job at explaining it). I was able to then convert EC PEM to PKCS#8 DER format which is what I needed for importing the key to GCP KMS.