Bitcoin Forum
December 14, 2017, 09:12:39 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Strongcoin.com expired certificate  (Read 1478 times)
Portnoy
Legendary
*
Offline Offline

Activity: 1988

My money; Our Bitcoin.


View Profile
October 17, 2012, 05:29:55 PM
 #1

Neither Firefox nor Chrome will let me go to the strongcoin.com site because they deem it to be insecure:

--------------------------------------------------
strongcoin.com uses an invalid security certificate.

The certificate expired on 12/10/2012 6:28 AM.
--------------------------------------------------

I am not too worried since I have a pdf backup. Just wondering what is going on.

~~

So what is the best way to decrypt the private keys in that pdf so I can import them into blockchain.info/wallet or MtGox? 

I think I read that it uses AES encryption. Is it reasonably safe to use some online form to decrypt them, or are there [trusted] programs to download to do that locally? 

Thanks
1513285959
Hero Member
*
Offline Offline

Posts: 1513285959

View Profile Personal Message (Offline)

Ignore
1513285959
Reply with quote  #2

1513285959
Report to moderator
1513285959
Hero Member
*
Offline Offline

Posts: 1513285959

View Profile Personal Message (Offline)

Ignore
1513285959
Reply with quote  #2

1513285959
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513285959
Hero Member
*
Offline Offline

Posts: 1513285959

View Profile Personal Message (Offline)

Ignore
1513285959
Reply with quote  #2

1513285959
Report to moderator
1513285959
Hero Member
*
Offline Offline

Posts: 1513285959

View Profile Personal Message (Offline)

Ignore
1513285959
Reply with quote  #2

1513285959
Report to moderator
Richy_T
Legendary
*
Offline Offline

Activity: 1330


1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k


View Profile
October 17, 2012, 05:50:36 PM
 #2

Neither Firefox nor Chrome will let me go to the strongcoin.com site because they deem it to be insecure:

--------------------------------------------------
strongcoin.com uses an invalid security certificate.

The certificate expired on 12/10/2012 6:28 AM.
--------------------------------------------------

I am not too worried since I have a pdf backup. Just wondering what is going on.

~~

So what is the best way to decrypt the private keys in that pdf so I can import them into blockchain.info/wallet or MtGox? 

I think I read that it uses AES encryption. Is it reasonably safe to use some online form to decrypt them, or are there [trusted] programs to download to do that locally? 

Thanks


They just forgot to renew their certificate, I'm sure. Nothing too sinister. I'd just accept the certificate temporarily then log on and transfer all my bitcoins out since if they don't have a handle on their server certificates, that's signs of a lax attitude elsewhere.

1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
Portnoy
Legendary
*
Offline Offline

Activity: 1988

My money; Our Bitcoin.


View Profile
October 17, 2012, 07:11:48 PM
 #3

Neither Firefox nor Chrome will let me go to the strongcoin.com site because they deem it to be insecure:

--------------------------------------------------
strongcoin.com uses an invalid security certificate.

The certificate expired on 12/10/2012 6:28 AM.
--------------------------------------------------

I am not too worried since I have a pdf backup. Just wondering what is going on.


They just forgot to renew their certificate, I'm sure. Nothing too sinister. I'd just accept the certificate temporarily then log on and transfer all my bitcoins out since if they don't have a handle on their server certificates, that's signs of a lax attitude elsewhere.

Those browsers don't seem to give me the option to accept the cert temporarily and continue on to the site... but I suppose I could do a bit of googling to find out how to do that.

But just as an exercise, or just for fun, lets pretend that site went away completely...  does anyone have the answer to my question? 

~~

So what is the best way to decrypt the private keys in that pdf so I can import them into blockchain.info/wallet or MtGox? 

I think I read that it uses AES encryption. Is it reasonably safe to use some online form to decrypt them, or are there [trusted] programs to download to do that locally? 

Thanks
Kris
Donator
Hero Member
*
Offline Offline

Activity: 645


View Profile
October 17, 2012, 07:13:54 PM
 #4

Neither Firefox nor Chrome will let me go to the strongcoin.com site because they deem it to be insecure:

--------------------------------------------------
strongcoin.com uses an invalid security certificate.

The certificate expired on 12/10/2012 6:28 AM.
--------------------------------------------------

I am not too worried since I have a pdf backup. Just wondering what is going on.


They just forgot to renew their certificate, I'm sure. Nothing too sinister. I'd just accept the certificate temporarily then log on and transfer all my bitcoins out since if they don't have a handle on their server certificates, that's signs of a lax attitude elsewhere.

Those browsers don't seem to give me the option to accept the cert temporarily and continue on to the site... but I suppose I could do a bit of googling to find out how to do that.

But just as an exercise, or just for fun, lets pretend that site went away completely...  does anyone have the answer to my question? 

~~

So what is the best way to decrypt the private keys in that pdf so I can import them into blockchain.info/wallet or MtGox? 

I think I read that it uses AES encryption. Is it reasonably safe to use some online form to decrypt them, or are there [trusted] programs to download to do that locally? 

Thanks

Oh snap, that's not good.

I might be able to help you out, if you would allow me to import them to WalletBit ?
Portnoy
Legendary
*
Offline Offline

Activity: 1988

My money; Our Bitcoin.


View Profile
October 17, 2012, 07:31:20 PM
 #5

Oh snap, that's not good.

I might be able to help you out, if you would allow me to import them to WalletBit ?

I don't need a place to keep those keys. 

I just thought a question about decrypting keys like that would be a simple one for the cryptographically minded types here on this forum. 

I expected a quick answer like:

"Sure, using an online decrypter should be safe enough."

or

"You can download a good decrypter here: somesite.com" 


Thanks for the offer anyway.
Kris
Donator
Hero Member
*
Offline Offline

Activity: 645


View Profile
October 17, 2012, 07:48:08 PM
 #6

Oh snap, that's not good.

I might be able to help you out, if you would allow me to import them to WalletBit ?

I don't need a place to keep those keys. 

I just thought a question about decrypting keys like that would be a simple one for the cryptographically minded types here on this forum. 

I expected a quick answer like:

"Sure, using an online decrypter should be safe enough."

or

"You can download a good decrypter here: somesite.com" 


Thanks for the offer anyway.

Anytime.
Richy_T
Legendary
*
Offline Offline

Activity: 1330


1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k


View Profile
October 17, 2012, 09:12:48 PM
 #7

This may help:

https://bitcointalk.org/index.php?topic=75430.msg837238#msg837238

Though it contains a link to the strongcoin which you can't see because they have an expired certificate. To save you some hassle, here is the meat: They have an online decrypter (which will be subject to the same certificate issues presumably) or you can use command-line tools:
Quote
Decrypting on the command line

We use the Gibberish AES Javascript library to generate our AES encryption. To get this to work on the command you need to cut and paste the private key data into a text file and preserve the line breaks.

You can then run the following command. (we have the key stored with line breaks in key.txt).

openssl enc -d -aes-256-cbc -in key.txt -a -k password

And you should get something like the results below.


Images missing, sorry.

openssh is available trivially for Linux or probably the easiest way for Windows is via Cygwin. Alternatively, you could maybe get a free shell account somewhere.

1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
Portnoy
Legendary
*
Offline Offline

Activity: 1988

My money; Our Bitcoin.


View Profile
October 18, 2012, 12:18:07 AM
 #8

This may help:

https://bitcointalk.org/index.php?topic=75430.msg837238#msg837238

Though it contains a link to the strongcoin which you can't see because they have an expired certificate. To save you some hassle, here is the meat: They have an online decrypter (which will be subject to the same certificate issues presumably) or you can use command-line tools:
Quote
Decrypting on the command line

We use the Gibberish AES Javascript library to generate our AES encryption. To get this to work on the command you need to cut and paste the private key data into a text file and preserve the line breaks.

You can then run the following command. (we have the key stored with line breaks in key.txt).

openssl enc -d -aes-256-cbc -in key.txt -a -k password

And you should get something like the results below.


Images missing, sorry.

openssh is available trivially for Linux or probably the easiest way for Windows is via Cygwin. Alternatively, you could maybe get a free shell account somewhere.

I notice there seems to be a few online decrypters, but I might try what you present above just to try it out.  I have a few different distros of linux that I run under/within/along-side Windows with VirtualBox. 


Thanks
auberon
Newbie
*
Offline Offline

Activity: 10


View Profile
October 20, 2012, 07:05:45 AM
 #9

If you use Opera, you can still get to the StrongCoin site, and decrypt your keys.  HOWEVER - I have reason to believe they've been compromised, because I just recently installed MultiBit, and imported my key from StrongCoin and reset the block chain to "move" my coins over.  But when I tried to send coins from that address, the transaction didn't get picked up in a block chain after being seen by one peer, which makes me think it appears as a "double send."  I (fortunately) used a secondary wallet for what I had in StrongCoin, so I sent coins from my "primary" wallet to confirm it wasn't some other issue, and those went just fine.
Portnoy
Legendary
*
Offline Offline

Activity: 1988

My money; Our Bitcoin.


View Profile
October 20, 2012, 04:55:40 PM
 #10

I was able to decrypt using openssl on the command line, as Richy_T posted, perfectly. 

I booted up linux using virtualbox in Windows 7.   I typed "openssl" in a console and
saw that it was already installed; got the openssl> prompt.

I copied the encrypted key from the backup pdf I had in Windows and put it in a file called key.txt.
I put that in a folder shared between that virtualbox linux OS and Windows.

I typed out the command like in Richy_T's post:
openssl enc -d -aes-256-cbc -in key.txt -a -k password

Providing the proper path to my key.txt file and copy-pasting the password from
the password manager I have running in Windows 7.  I got the decrypted key and
then copy-pasted that back into the form at the blockchain.info webpage in firefox,
also running in Windows.  It worked!

It is so cool to be able to run multiple operating systems on the same computer
at the same time, and to be able to seamlessly share files, and copy-paste data,
between them.    Cool
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!