Accessing Google’s Private Key

Some time ago, I gained access to Google’s webserver certificate’s private key…

0xC001
Apr 2, 2018

To prove this, I used the private key to sign the SHA-256 hash of a message:

Hash

1af3ebca01d642dc6f69a786710a79f76e79b8be46ce879049de77ae7c3c620f

Signature

MEYCIQDCKIiTYVoKVbWN67jx2WvO455Iks/B7KgfW0xVWaheKQIhANwHWLNGeAoQeYIIwhjvXJ23I1L+bzZRzEPpb/QdJfaz

The message follows what @BenLaurie suggested on the mozilla.dev.security.policy mailing list: a fixed statement plus a random string/nonce. Only a holder of the private key can produce a signature that verifies under the corresponding public key, and the nonce makes the message unique, so the signature cannot be one that already existed for some other purpose. Signing a chosen challenge therefore demonstrates control of the certificate's key, and under the CA/Browser Forum Baseline Requirements (section 4.9.1.1, item 3: evidence that the subscriber's private key has suffered a key compromise) the CA would have to revoke the certificate. One caveat for anyone checking such a proof: the signature only ties the message to the public key inside the particular certificate it is verified against, so the verifier also has to confirm that certificate's subject, issuer and chain are what they are claimed to be.

The Signing

You can see the message to be signed by decoding the base64 and dumping it with xxd (the -l 64 option limits the dump to the first 64 bytes of the decoded message):

xxd -l 64 <(base64 -d <<< cHJvb2Ygb2YgcHJpdmF0ZSBrZXkgY3RybDtub25jZS1aub2puDlP6jhTHgCx27YMFWKhQUVXFIDdxnFkjPGKKAMAF0EEVlO1Afskc+N/82BMOEvWUIaJNvyvAeniaqtA6oZGHG0sBXIioShZl0V94BZQ2u5/cF3rBoyEyZINfD6AgwWQ9A==)

Screenshot: message to be signed

The message itself is hashed using SHA-256:

Screenshot: message hash

And that hash is then signed using the key (openssl dgst -sign computes the hash itself, so you pass it the full message rather than the precomputed hash):

Screenshot: the signing command

Verification:

Here are the steps to verify the signature from a Linux command line console:
1) Download cert:
wget -O 349531041.cer https://crt.sh/?d=349531041
2) Run the OpenSSL dgst command to check the signature, where <pubkey> is the public key extracted from the certificate (openssl x509 -pubkey -noout), <signature> is the DER-encoded signature and <message> is the decoded message:
openssl dgst -sha256 -verify <pubkey> -signature <signature> <message>

Paste the following into a bash terminal (the <( ) process substitutions need bash); openssl will print "Verified OK":

wget -O 349531041.cer https://crt.sh/?d=349531041

openssl dgst -sha256 -verify <(openssl x509 -in 349531041.cer -pubkey -noout) -signature <(base64 -d <<< MEYCIQDCKIiTYVoKVbWN67jx2WvO455Iks/B7KgfW0xVWaheKQIhANwHWLNGeAoQeYIIwhjvXJ23I1L+bzZRzEPpb/QdJfaz) <(base64 -d <<< cHJvb2Ygb2YgcHJpdmF0ZSBrZXkgY3RybDtub25jZS1aub2puDlP6jhTHgCx27YMFWKhQUVXFIDdxnFkjPGKKAMAF0EEVlO1Afskc+N/82BMOEvWUIaJNvyvAeniaqtA6oZGHG0sBXIioShZl0V94BZQ2u5/cF3rBoyEyZINfD6AgwWQ9A==)

Screenshot: verified signature
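As an added example (not from the original post or its author), the bash script below re-runs the same procedure offline: it generates a throwaway P-256 key and self-signed certificate as a stand-in for the one fetched from crt.sh, builds a "statement plus nonce" challenge, signs it with openssl dgst -sign, verifies it against the public key pulled out of the certificate, and then does the check the steps above skip: printing the subject and issuer of the certificate whose key the signature verified under. The subject name /CN=www.example.com/O=Example Corp, the file names and the function names are assumptions of this example; the only page data it uses is the published signature, which it feeds to openssl asn1parse to show it is a DER ECDSA SEQUENCE of two INTEGERs (r and s).

```shell
#!/usr/bin/env bash
# Added example, not from the original post: re-run the "sign a challenge,
# verify it against the key in the certificate" procedure offline with a
# throwaway P-256 key and self-signed cert, plus the identity check the
# post's steps leave out. Names, paths and the subject are assumptions.
set -euo pipefail

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

# Signature published in the post (DER ECDSA, base64). Page data, not ours.
POSTED_SIG='MEYCIQDCKIiTYVoKVbWN67jx2WvO455Iks/B7KgfW0xVWaheKQIhANwHWLNGeAoQeYIIwhjvXJ23I1L+bzZRzEPpb/QdJfaz'

# Challenge = fixed text + random nonce, so the message is unique and the
# signature cannot be one that already existed for another purpose.
make_challenge() {
  printf 'proof of private key ctrl;nonce-%s' "$(openssl rand -hex 16)"
}

# Stand-in for the certificate the post fetches from crt.sh: a fresh P-256
# key and a self-signed cert carrying whatever subject we ask for.
make_cert() {
  local subj="$1"
  openssl ecparam -name prime256v1 -genkey -noout -out "$WORK/key.pem"
  openssl req -new -x509 -sha256 -days 1 -key "$WORK/key.pem" \
    -subj "$subj" -out "$WORK/cert.pem" 2>/dev/null
}

# openssl dgst -sign hashes the whole message itself and emits a DER
# ECDSA signature; base64 it onto one line the way the post publishes it.
sign_message() {
  local msg="$1"
  openssl dgst -sha256 -sign "$WORK/key.pem" "$msg" | base64 | tr -d '\n'
}

# Verify a base64 signature over a message file against the certificate's
# public key. Exit 0 when openssl reports "Verified OK", 1 otherwise.
verify_with_cert() {
  local cert="$1" sig_b64="$2" msg="$3"
  openssl x509 -in "$cert" -pubkey -noout > "$WORK/pub.pem"
  printf '%s' "$sig_b64" | base64 -d > "$WORK/sig.der"
  openssl dgst -sha256 -verify "$WORK/pub.pem" \
    -signature "$WORK/sig.der" "$msg" >/dev/null 2>&1
}

# The check the post's steps skip: a valid signature only proves control of
# the key in *this* cert, so print whose cert it is and who issued it.
cert_identity() {
  openssl x509 -in "$1" -noout -subject -issuer
}

# Count the INTEGERs in a DER ECDSA signature; r and s give exactly two.
ecdsa_integer_count() {
  printf '%s' "$1" | base64 -d | openssl asn1parse -inform DER | grep -c 'INTEGER'
}

demo() {
  make_cert '/CN=www.example.com/O=Example Corp'
  make_challenge > "$WORK/msg.bin"
  local sig
  sig="$(sign_message "$WORK/msg.bin")"
  echo "message:   $(cat "$WORK/msg.bin")"
  echo "signature: $sig"
  if verify_with_cert "$WORK/cert.pem" "$sig" "$WORK/msg.bin"; then
    echo "signature verifies under the key in cert.pem, which belongs to:"
    cert_identity "$WORK/cert.pem"
  else
    echo "verification failed"
  fi
  echo "posted signature has $(ecdsa_integer_count "$POSTED_SIG") INTEGERs (r, s)"
}

demo
```

Run it as-is to see the full round trip; swap the generated cert.pem for a downloaded certificate and the generated signature for a published one, and verify_with_cert plus cert_identity together answer both questions a verifier has to ask: does the signature verify under this certificate's key, and whose certificate is it?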

And there you have it, proof.

A follow-up to this post:

https://medium.com/@ECCTLS/how-to-sign-with-googles-private-key-5b8e99abcdb3
