Problems decrypting PKCS# Private Key , Help needed

[Carlos Roberto Zainos H]

Hi all!!!

 

Thanks again for the answers.

 

The question that I now post refers to decrypt a private key PBE (PKCS#5). I've working with priv/pub keys gotten from openssl, but now my C applications needs to work with ones generated with another application (commercial software). I've been discovered (with openssl help) that private key is in "clear" PEM format (not encrypted) and PBE (PKCS#5 v2(?)) protected (form DER: privkey.key ). My problem is that I can't decrypt that key for use this in my C application. Follows my code:

 

 alg = PKCS5_pbe2_set (EVP_des_cbc(), -1, NULL, 0); /*pkcs5 v2.0 */
 err = EVP_PBE_CipherInit (alg->algorithm, password, strlen(password), alg->parameter, &ctx, decripta); /*descripta is defined as 0 */
decr_buf = (unsigned char *) malloc (longitud + EVP_CIPHER_CTX_block_size(&ctx) + 1);

 err = EVP_CipherUpdate (&ctx, decr_buf, &bytes_decr, privkey_pointer, length_privkey);

err = EVP_CipherFinal (&ctx, decr_buf+bytes_decr, &bytes_final);

if ( err == 0 )
 {
  printf("Ha ocurrido un error EVP_CipherFinal \n");
  while ( c_error = ERR_get_error() )
   fprintf(stderr, ERR_error_string(c_error, NULL));
  exit(1);
 }

 

So, err always is 0 in EVP_CipherFinal,  error code returns:

error:0606506D:digital envelope routines:EVP_DecryptFinal:wrong final block length

 

I thought that the problem could be the priv key, so I generate privkeys in PKCS#5 and PKCS#8 with:

openssl pkcs8 -inform DER -in privkey.key -topk8 -v1 PBE_MD5_DES -outform DER -out privkeyp5.key ; and

openssl pkcs8 -inform DER -in privkey.key -topk8  -outform DER -out privkeyp8.key

 

And test my application again with those keys but results are the same.

 

I don't know what is wrong ....... any suggestions or tips???

 

Best regards

 

Zainos

---

Do You Yahoo!?
Yahoo! Net: La mejor conexión a internet y 25MB extra a tu correo por $100 al mes.