Click here to Skip to main content
15,879,096 members
Please Sign up or sign in to vote.
2.33/5 (3 votes)
Hi All,

I am working on a small project based on PKI.
And i needed some information about extracting the PrivateKey from the Digital Signature.

Is there any way in which i can extract the PrivateKey information from the custom .p12/.pfx Certificate i have installed into the browser ?

Google suggested a few methods of using openssl to do this. But I am not sure as how how i have to use them.

I would like some suggestion as to how I can get the privateKey information from the Digital Signature using php/javascript.

I am looking for these information in the client machine. I am not talking about the information in the Server side.
Updated 22-Apr-11 19:38pm

1 solution

No way.

If you read about asymmetric encryption and think about it, you will understand, that if such method existed it would defeat the purpose if ciphering or digital signature.

All this is based on the idea of one-way function, see[^]. The algorithm representing a one-way function is believed or proven to have not backdoor ([^]).

Perhaps you need better understanding of public-key cryptography. Please read[^].
To understand digital signature, read[^].

Share this answer
ZeeroC00l 22-Apr-11 22:45pm    
Thanks for the Information. :)

I read those articles and now its clear that I can't extract privateKey, but is it possible to use the digital Signature directly to encrypt/decrypt a message ?? (i.e. Use the signature as a key in encrypting/decrypting the message)
Sergey Alexandrovich Kryukov 22-Apr-11 23:32pm    
Wait, wait! What do you mean "use digital signature to encrypt/decrypt"?
No. Perhaps you need to explain your ***ultimate*** goals.

I think you misunderstood the signature. The signature task is something in reverse to the problem of secret communication, but technology is the same. Look at the example of Alice and Bob in the article on public-key cryptography. One of them can decrypt with private key, but anyone can encrypt as the other key is public. Digital signature is kind of reversed situation: anyone can "decrypt" (read signed message, run signed application), but only the owner of the private key can "encrypt" (sign assembly, create another message impersonating the original author, an owner of the private key). In both cases, the same mathematics/algorithm works: generate pair of key: what is encrypted with one key is decrypted with its counterpart. The difference is only which one to open to the public. The communication in the opposite direction needs another pair of keys...

Sergey Alexandrovich Kryukov 23-Apr-11 1:19am    
I added one more reference -- on digital signature good to understand how it works.
See the last sentence and link in my updated answer.
ZeeroC00l 23-Apr-11 1:26am    
Thanks for the answer :) Now things are clear..
My goal was to encrypt a message using the key available in the Digital Signature.
And when you mention that extracting the privateKey would be a security violation, I thought it might be possible to use the Digital signature file itself directly to encrypt the message.
ZeeroC00l 23-Apr-11 1:27am    
Is there any other way in which i can encrypt a message using the information present in the Digital Signature ?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900