OpenSSL - OpenSSL "pkey" - Open Encrypted RSA Keys

OpenSSL "pkey" - Open Encrypted RSA Keys

Q

How to open an encrypted RSA key file using OpenSSL "pkey" command? I was told the key file is DES encrypted and I know the password.

✍: FYIcenter.com

A

If you are trying to open a password (encrypted) RSA key file using the "pkey" command, you will be prompted for the password as shown below:

C:\Users\fyicenter>\local\openssl\openssl

OpenSSL> pkey -in my_rsa_des.key -text -noout
Enter pass phrase for my_rsa_des.key: noidea
unable to load key
16376:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad 
   decrypt:.\crypto\evp\evp_enc.c:529:
16376:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal 
   error:.\crypto\pkcs12\p12_decr.c:108:
16376:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe 
   crypt error:.\crypto\pkcs12\p12_decr.c:139:
16376:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 
   lib:.\crypto\pem\pem_pkey.c:141:
error in pkey

OpenSSL> pkey -in my_rsa_des.key -text -noout
Enter pass phrase for my_rsa_des.key:
Private-Key: (1024 bit)
modulus:
    00:96:e9:4e:36:b9:bb:a6:86:53:65:cb:52:30:25:
    67:d2:45:65:c2:7b:04:a1:16:e3:41:fd:ea:86:3b:
    58:b7:a1:0c:e9:6a:aa:c1:8c:a3:53:68:6c:6b:c8:
    8d:cf:29:66:83:89:73:42:e9:8e:8b:23:4b:6a:85:
    5c:26:5a:39:87:60:85:b6:e7:17:db:83:cc:41:41:
...

Options used in this command are:

"-in my_rsa_des.key" - Read the RSA private key file.
"-text" - Print content of the key in text format.
"-noout" - Do not include the key in the output.
"noidea" - The incorrect password of the key file. You get errors.
"fyicenter" - The correct password of the key file.

⇒ OpenSSL "pkey -aes*" - Re-Encrypt RSA Keys

⇐ OpenSSL "genpkey -des" - DES Encrypt RSA Keys

⇑ OpenSSL "genpkey" Command for RSA Keys

⇑⇑ OpenSSL Tutorials

2017-12-26, 1291👍, 0💬

OpenSSL "genpkey -pkeyopt rsa_keygen_pubexp:2" Runs Forever
What will happen if I use 2 as the public exponent to generate an RSA private key? OpenSSL will run forever, if you use 2 as the public exponent to generate an RSA private key, because OpenSSL can no find any private exponent to meet the RSA requirements. See the test below: C:\Users\fyicenter&g... 2017-09-08, 1018👍, 0💬

OpenSSL "genpkey" Command for DSA Keys
Where to find tutorials on using OpenSSL "genpkey" and "pkey" commands for DSA private keys? Here is a collection of tutorials on using OpenSSL "genpkey" and "pkey" commands compiled by FYIcenter.com team to generate and manage DSA (Digital Signature Algorithm) private keys OpenSSL "genpkey -genpara... 2017-09-12, 767👍, 0💬

OpenSSL "pkey -aes*" - Re-Encrypt RSA Keys
How to re-encrypt an RSA key file using OpenSSL "pkey" command? I want to change the encryption password, and maybe change the encryption algorithm. If you want to encrypt an existing RSA key file again, you can use the "pkey -aes*" command as shown below: C:\Users\fyicenter>\loc al\openssl\op... 2017-09-12, 761👍, 0💬

OpenSSL "genpkey -des" - DES Encrypt RSA Keys
How to generate a new RSA key pair and encrypt the output with a DES password using OpenSSL "genpkey" command? If you want to secure your new RSA private key with a DES encryption, you can use the OpenSSL "genpkey -des" command as shown below: C:\Users\fyicenter>\loc al\openssl\opensslOpenSSL... 2017-12-31, 694👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.