On 10. 12. 2010 18:59, Dr. Stephen Henson wrote:
On Fri, Dec 10, 2010, Matej Kurpel wrote:
Hello,
I am developing an application where I need to decrypt a RSA private key
generated by OpenSSL (fyi, it's in C# .NET).
I am facing some trouble with the passphrase. I have chosen a 6-character
passphrase when generating the key but when I provide it to tie TripleDES
algorithm, it says the passphrase has invalid length. I know that it should
be 24-bytes long so I have padded it with zero bytes. Now it says it's a
known weak key and cannot be used.
My question is, how to get the 3DES key out of the passphrase? How does
OpenSSL do it?
Thanks in advance,
It is documented here:
http://www.openssl.org/docs/crypto/pem.html#PEM_ENCRYPTION_FORMAT
and here:
http://www.openssl.org/docs/crypto/EVP_BytesToKey.html
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
Thanks. I have couple more questions which arose when reading the pages:
1. what does D_i mean in EVP_BytesToKey?
2. is MD5 used as the hash algorithm when encrypting a private key in
OpenSSL?
3. my "data" is my choosen passphrase, right?
4. where did it get the salt? (and salt = IV if I understood correctly)
5. so what do I have to do when decrypting the key?
Sorry for bothering but it's really unclear to me from the documentation
pages.
M. Kurpel
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]