On Fri, Dec 19, 2008 at 05:34:27PM -0800, BiGNoRm6969 wrote:

> Terrible idea? Can I know why? If my private key stays private, why
> can a SHA256 on it create a security hole?

This is a bad key derivation protocol. It is vulnerable to replay attacks,
because the derived key is fixed. There are likely many more problems.

Security is about protocol design not algorithm selection. The algorithms
are pretty good, but most protocols are awful. Do NOT invent your own
protocol. Instead, describe the problem you are really trying to solve
(not your flawed design) and perhaps a better design will be suggested.

> Victor Duchovni wrote:
> >
> > On Fri, Dec 19, 2008 at 07:30:51AM -0800, BiGNoRm6969 wrote:
> >
> >> I am doing a SHA256 on a RSA* private key. I used the result as a
> >> symmetric
> >> key for AES encryption.
> >
> > This is a terrible idea. Use PKCS7, S/MIME or CMS. Don't invent your
> > own security protocols or message formats.
> >
> >> ///////////////////////////////////////////////////////////////////////////////////////////
> >> int length = RSA_size(rsaPrivateKey);
> >>
> >
> > The "rsaPrivateKey" here is an in memory data structure with various
> > pointers, ... it is not a fixed serialization of the key. For that you
> > need to "i2dRSAPrivateKey", but that would be a mistake too, see above.

--
	Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
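The CMS route recommended in the thread, shown with the `openssl cms` command as an added example that is not part of the original messages. It encrypts the same message twice to one recipient certificate to show that each CMS message gets its own random content-encryption key, in contrast to the fixed key derived by hashing the private key. The file names, subject name and sample message are constructed for the demonstration.

```sh
#!/bin/sh
# Added example: CMS enveloped-data via the openssl CLI.
# File names, subject name and message are constructed for this demo.
set -eu

cms_demo_setup() {
    DEMO_DIR=$(mktemp -d)
    # Throwaway recipient key and self-signed certificate.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=cms-demo-recipient" \
        -keyout "$DEMO_DIR/key.pem" -out "$DEMO_DIR/cert.pem" 2>/dev/null
    printf 'constructed sample message\n' > "$DEMO_DIR/msg.txt"
}

# Encrypt msg.txt to the recipient certificate; $1 is the output file.
# openssl generates a random AES-256 content-encryption key per call and
# wraps it with the recipient's RSA public key.
cms_encrypt() {
    openssl cms -encrypt -aes256 -binary -outform PEM \
        -in "$DEMO_DIR/msg.txt" -out "$1" "$DEMO_DIR/cert.pem"
}

# Decrypt $1 with the recipient private key; plaintext goes to stdout.
cms_decrypt() {
    openssl cms -decrypt -inform PEM -in "$1" \
        -inkey "$DEMO_DIR/key.pem" -recip "$DEMO_DIR/cert.pem"
}

# Returns 0 when two encryptions of the same plaintext differ.
cms_outputs_differ() {
    cms_encrypt "$DEMO_DIR/a.cms"
    cms_encrypt "$DEMO_DIR/b.cms"
    ! cmp -s "$DEMO_DIR/a.cms" "$DEMO_DIR/b.cms"
}

cms_demo_setup
if cms_outputs_differ; then
    echo "two encryptions of the same message differ"
fi
echo "decrypted: $(cms_decrypt "$DEMO_DIR/a.cms")"
```

The private key is used only to unwrap the per-message key on decryption; it is never hashed or reused as symmetric key material.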