On Tue, Jun 21, 2005, Nick G. wrote:

> Hello,
> I have a need to read an encrypted RSA Private Key generated using
> openssl with a java program. I have included some background at the end
> of this message, but my question is basically: how is the pass phrase
> converted into the key part? I can get the IV from the DEK-Info line,
> but I can't seem to figure out (by looking at the openssl source) how
> the key portion of the decryption key is created from the password
> entered by the user. Right now I am simply converting the pass phrase
> into bytes and using that as the key portion. I believe this is
> incorrect, but I don't know what else to try. Also, I assume that the
> key is _not_ encrypted with PBE (since it is not padded per pkcs5). Is
> this assumption correct? Finally, once decrypted, will the key have the
> same asn1 schema as a key written in the clear?
>
> Please excuse me if these questions are already answered in the
> archives, as I was unable to locate any posts with this information
> (probably poor choice of search terms!) Also, if the transformation of
> the pass phrase into key is covered in some rfc I have yet to discover, a
> shove in the right direction would be appreciated!
>
> Background:
> I have been able to generate/convert keys using openssl in the following
> formats and successfully read them using a java program:
>
> pkcs8 - clear text
> pkcs8 - des encrypted
> rsa - clear text
>
> However, I'm using the key for Apache mod_ssl and the only formats it
> seems to accept are:
>
> pkcs8 - clear text
> rsa - clear text
> rsa - des encrypted
>
> Since we want to protect the key using at least des encryption and I
> can't seem to make Apache read the pkcs8 format keys when they are
> encrypted (perhaps the httpd folks are using the wrong callback?), I
> thought making java decrypt the RSA key would be the "simplest" solution.
Any OpenSSL application should transparently handle PKCS#8 clear text or
encrypted keys. But make sure you have the correct PEM headers. If you try:

openssl rsa -in key.pem -noout -text

and that can correctly decrypt the key you should have no problems with
Apache unless it does something weird.

The PKCS#8 formats OpenSSL uses are all standard and it can use a variety
of password based encryption (PBE) algorithms including PKCS#5 v1.5, v2.0
and PKCS#12.

The other 'traditional' format for OpenSSL private key encryption is
non-standard and has remained unchanged since the SSLeay days. It *is*
documented. See:

http://www.openssl.org/docs/crypto/pem.html#PEM_ENCRYPTION_FORMAT

and

http://www.openssl.org/docs/crypto/EVP_BytesToKey.html#KEY_DERIVATION_ALGORITHM

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk