On Tue, Sep 21, 2010, Stephan Mller wrote:

> Hello,
>
> I try to understand the encryption of a private rsa key. It was generated
> with
>
> > openssl genpkey -aes-256-cbc -algorithm rsa -out mykey.enc
> -pkeyopt rsa_keygen_bits:2048
>
> (pw: 'admin', file attached)
>
> according to pkcs#8 the result is
>
> EncryptedPrivateKeyInfo ::= SEQUENCE {
>   encryptionAlgorithm AlgorithmIdentifier {{KeyEncryptionAlgorithms}},
>   encryptedData EncryptedData
> }
>
> parsing through 'encryptionAlgorithm' I got
>
> > openssl asn1parse -in mykey.enc -strparse 4
> 0: d=0 hl=2 l=73 cons : SEQUENCE
> 2: d=1 hl=2 l=9 prim : OBJECT: PBES2
> 13: d=1 hl=2 l=60 cons : SEQUENCE
> 15: d=2 hl=2 l=27 cons : SEQUENCE
> 17: d=3 hl=2 l=9 prim :OBJECT: PBKDF2
> 28: d=3 hl=2 l=14 cons :SEQUENCE
> 30: d=4 hl=2 l=8 prim :OCTET STRING
> [ HEX DUMP ]:7C4B1587B12A7705
> 40: d=4 hl=2 l=2 prim :INTEGER: 0800
> 44: d=2 hl=2 l= 29 cons :SEQUENCE
> 46: d=3 hl=2 l=9 prim :OBJECT :aes-256-cbc
> 57: d=3 hl=2 l=16 prim :OCTET STRING
> [ HEX DUMP ]: 4850BA5F76BA9CD5574F0121D8C0C657.
>
> as I understood the rare documentation, offset 30 is the salt for PBKDF2
> and offset 57 is the IV for aes.
>
> as result of PKCS5_PBKDF2_HMAC_SHA1 fed with the salt from above,
> pw:'admin' and ic:2048 (offset 40 above) I got:
>
> K = dc55f54889fe64153fb1b181e89ec5c08a864ef5f777d6aa1d0be9ff82dd8b3a
> iv = 11be3aafd0768fd9fdbc7880936ad2c4
>
> decryption with this key (and any of those ivs) fails.
>
> How can I reproduce the data in offset 57? If it's really an IV, why is it
> written explicitly if it could be calculated as a result of PBKDF2?
>
> Does anyone have some hints?
>
The IV is generated randomly and included explicitly. It is done this way
because that's what the PKCS#5 PBES2 standards require. You only generate
keying material using PBKDF2.

If you set the option DEBUG_PKCS5V2 when you compile OpenSSL (or just uncomment
it from p5_crpt2.c in source) it will print out the keying material and
parameters used.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
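
The split described in the reply above, as an added example that is not part of the original thread and not OpenSSL code: the salt and iteration count feed PBKDF2 to produce only the AES key, while the IV is read straight from the cipher parameters. The DER bytes are rebuilt by hand from the asn1parse dump in the question, and `read_tlv`, `children`, `parse_pbes2` and `derive_key` are hypothetical helper names.

```python
import hashlib

# PBES2 AlgorithmIdentifier rebuilt by hand from the asn1parse dump in the
# question (constructed sample bytes, not read from the poster's mykey.enc).
ALG_ID = bytes.fromhex(
    "3049" "06092a864886f70d01050d"              # SEQUENCE, OID PBES2
    "303c" "301b" "06092a864886f70d01050c"       # params, KDF, OID PBKDF2
    "300e" "04087c4b1587b12a7705" "02020800"     # salt, iteration count
    "301d" "060960864801650304012a"              # cipher, OID aes-256-cbc
    "04104850ba5f76ba9cd5574f0121d8c0c657")      # explicit random IV
PBES2_OID = bytes.fromhex("2a864886f70d01050d")
PBKDF2_OID = bytes.fromhex("2a864886f70d01050c")

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                            # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split the contents of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def parse_pbes2(alg_id):
    """Extract salt, iteration count and IV from a PBES2 AlgorithmIdentifier."""
    (_, scheme), (_, params) = children(read_tlv(alg_id, 0)[1])
    (_, kdf), (_, cipher) = children(params)
    (_, kdf_oid), (_, kdf_params) = children(kdf)
    if scheme != PBES2_OID or kdf_oid != PBKDF2_OID:
        raise ValueError("not PBES2 with PBKDF2")
    fields = children(kdf_params)
    if len(fields) != 2:                         # keyLength/prf not handled here
        raise ValueError("optional PBKDF2 fields present")
    (_, salt), (_, count) = fields
    (_, _cipher_oid), (_, iv) = children(cipher)
    return {"salt": salt, "iterations": int.from_bytes(count, "big"), "iv": iv}

def derive_key(password, p, key_len=32):
    """PBKDF2 with the default PRF (HMAC-SHA1) yields the cipher key only."""
    return hashlib.pbkdf2_hmac("sha1", password, p["salt"], p["iterations"], key_len)

if __name__ == "__main__":
    p = parse_pbes2(ALG_ID)
    print("key:", derive_key(b"admin", p).hex(), "iv:", p["iv"].hex())
```

Run as a script, it prints the derived key for comparison with the K value in the question, next to the IV taken from offset 57. Asking PBKDF2 for 48 bytes instead of 32 only appends more keying material after the same key; those extra bytes are not the IV.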