VASP Key Pair

Key Generation

VASP needs to generate an EC key pair of size 256 for personal information encryption and signature signing to ensure information integrity.

This short guide will help you to generate a key pair via the OpenSSL command-line tool, in order to provide the public key to Bridge.

Generate an EC private key, of size 256, and output it to a file named key.pem:

$ openssl ecparam -name secp256k1 -genkey -out key.pem

Extract the public key from the key pair, which can be used in the encryption:

$ openssl ec -in key.pem -pubout -out public.pem

If you want to convert private key from PEM to hexadecimal format:

$ openssl ec -in key.pem -text -out hexPrvKey.txt

After running these two commands you will generate two files: key.pem and public.pem in your working directory. The public.pem represents the public key of the EC key pair and the key.pem is the private key of the EC key pair.

Please provide us with the public.pem and keep the key.pem on a system that you consider to be secure to make certain that it is not exposed in any way.

VASP Private Key

  1. To decrypt the personal information sent from originator VASP.
  2. To sign a message when sending or replying to a permission request.

VASP Public Key

  1. For originator VASPs to encrypt the personal information. Only the assigned beneficiary VASP can decrypt the information.
  2. All member VASP's Public Keys will be shared on the API Bridge/VASP.