On Sun, Feb 29, 2004, Claus Nagel wrote: > hello, I hope someone can help me with the following problem: > I'm trying to generate a rsa key pair in perl using the Crypt::RSA module. > this works fine so far. I am converting the resulting private key into PEM > format and it is checked ok by 'openssl rsa -in private.pem -check'. > now i want this private key to be protected by a passphrase using for > example AES-128-CBC encrypting. but I am not sure, what exactly is done with the > passphrase. is it used to generate a 128 bit key for the Rijndael algorithm? if > so, how is the passphrase converted to that key? >
It is used along with a random salt to derive the key and IV. The algorithm used is unchanged since the SSLeay days. Check out the pem and EVP_bytestokey() manual pages. Other formats such as PKCS#8 are more standard and more secure though. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
