> I'm having trouble duplicating the decryption in Crypto++. I suspect
> the problem is with the Key and IV derived in EVP_KeyToBytes.
Found it... I was overwriting the existing IV with the IV produced in
EVP_KeyToBytes.

For those interested, the call of interest is in PEM_ASN1_write_bio
(from pem_lib.c:400):

    if (!EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL))
        goto err;
    ...

On Wed, Jul 16, 2014 at 1:42 AM, Jeffrey Walton <noloa...@gmail.com> wrote:
> I have an encrypted private key in PEM format created with `openssl
> genrsa -aes128 -out key.pem` (using a password of 'test' when
> prompted).
>
> According to http://www.openssl.org/docs/crypto/pem.html (under PEM
> ENCRYPTION FORMAT):
>
>      The encryption key is determined using EVP_bytestokey(),
>      using salt and an iteration count of 1. The IV used is the
>      value of salt and *not* the IV returned by EVP_bytestokey().
>
> I'm having trouble duplicating the decryption in Crypto++. I suspect
> the problem is with the Key and IV derived in EVP_KeyToBytes.
> (EVP_KeyToBytes was essentially copied/pasted. The only changes were
> the Crypto++ retro-fitting. So I suspect I'm not setting up Salt or
> Data correctly; or AES/CBC is not using MD5).
>
> To understand what's going on, I started examining what OpenSSL is
> doing in the source code. When I step `genrsa` under a debugger to see
> what is being passed to EVP_KeyToBytes, the breakpoint never fires.
>
> I can BP at `password_callback` (in apps.c), and I can BP at
> `PEM_write_bio_RSAPrivateKey` (in genrsa.c), but I don't see the call
> to EVP_KeyToBytes.
>
> Any ideas what I am doing wrong such that I can't break at EVP_KeyToBytes?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
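
The key/IV handling discussed in this thread, as an added Python example (not code from the post, from OpenSSL or from Crypto++): the key comes from the MD5-based EVP_BytesToKey derivation with a count of 1, salted with the first 8 bytes (PKCS5_SALT_LEN) of the DEK-Info IV, while the IV for decryption is the header value itself. The function names and the DEK-Info IV are constructed for illustration; the password 'test' is the one from the post.

```python
import hashlib

# Key and IV sizes in bytes for the cipher names this example handles.
CIPHERS = {"AES-128-CBC": (16, 16), "AES-192-CBC": (24, 16), "AES-256-CBC": (32, 16)}

# Constructed sample header line; the IV value is made up for this example.
SAMPLE_DEK_INFO = "DEK-Info: AES-128-CBC,0123456789ABCDEFFEDCBA9876543210"


def evp_bytes_to_key(password, salt, key_len, iv_len, count=1):
    """MD5 derivation equivalent to EVP_BytesToKey(cipher, EVP_md5(), ...)."""
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        # D_i = MD5^count(D_{i-1} || password || salt)
        block = hashlib.md5(block + password + salt).digest()
        for _ in range(count - 1):
            block = hashlib.md5(block).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def parse_dek_info(dek_info):
    """Split 'DEK-Info: NAME,HEXIV' into (cipher name, IV bytes)."""
    name, iv_hex = dek_info.split(":", 1)[1].strip().split(",")
    header_iv = bytes.fromhex(iv_hex)
    if name not in CIPHERS or len(header_iv) != CIPHERS[name][1]:
        raise ValueError("unsupported cipher or wrong IV length: " + name)
    return name, header_iv


def pem_key_and_iv(dek_info, password):
    """Return the (key, iv) pair to use when decrypting the PEM body."""
    name, header_iv = parse_dek_info(dek_info)
    # iv_len=0 mirrors the NULL iv argument in the pem_lib.c call: only the
    # key is taken from the derivation, and the header IV is left untouched.
    key, _ = evp_bytes_to_key(password, header_iv[:8], CIPHERS[name][0], 0)
    return key, header_iv


def derived_iv(dek_info, password):
    """IV the derivation would emit; using it for PEM breaks decryption."""
    name, header_iv = parse_dek_info(dek_info)
    key_len, iv_len = CIPHERS[name]
    return evp_bytes_to_key(password, header_iv[:8], key_len, iv_len)[1]


if __name__ == "__main__":
    key, iv = pem_key_and_iv(SAMPLE_DEK_INFO, b"test")
    print("key       :", key.hex())
    print("iv (use)  :", iv.hex())
    print("iv (wrong):", derived_iv(SAMPLE_DEK_INFO, b"test").hex())
```

Feeding the "wrong" IV to AES/CBC garbles only the first 16-byte plaintext block, which is enough to break parsing of the decrypted key.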
