OpenSSL "pkey" - Open Encrypted RSA Keys

Q

How to open an encrypted RSA key file using OpenSSL "pkey" command? I was told the key file is DES encrypted and I know the password.

✍: FYIcenter.com

A

If you are trying to open a password (encrypted) RSA key file using the "pkey" command, you will be prompted for the password as shown below:

C:\Users\fyicenter>\local\openssl\openssl

OpenSSL> pkey -in my_rsa_des.key -text -noout
Enter pass phrase for my_rsa_des.key: noidea
unable to load key
16376:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad 
   decrypt:.\crypto\evp\evp_enc.c:529:
16376:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal 
   error:.\crypto\pkcs12\p12_decr.c:108:
16376:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe 
   crypt error:.\crypto\pkcs12\p12_decr.c:139:
16376:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 
   lib:.\crypto\pem\pem_pkey.c:141:
error in pkey

OpenSSL> pkey -in my_rsa_des.key -text -noout
Enter pass phrase for my_rsa_des.key:
Private-Key: (1024 bit)
modulus:
    00:96:e9:4e:36:b9:bb:a6:86:53:65:cb:52:30:25:
    67:d2:45:65:c2:7b:04:a1:16:e3:41:fd:ea:86:3b:
    58:b7:a1:0c:e9:6a:aa:c1:8c:a3:53:68:6c:6b:c8:
    8d:cf:29:66:83:89:73:42:e9:8e:8b:23:4b:6a:85:
    5c:26:5a:39:87:60:85:b6:e7:17:db:83:cc:41:41:
...

Options used in this command are:

  • "-in my_rsa_des.key" - Read the RSA private key file.
  • "-text" - Print content of the key in text format.
  • "-noout" - Do not include the key in the output.
  • "noidea" - The incorrect password of the key file. You get errors.
  • "fyicenter" - The correct password of the key file.

 

OpenSSL "pkey -aes*" - Re-Encrypt RSA Keys

OpenSSL "genpkey -des" - DES Encrypt RSA Keys

OpenSSL "genpkey" Command for RSA Keys

⇑⇑ OpenSSL Tutorials

2017-12-26, 2278👍, 0💬