OpenSSL "pkey" - Open Encrypted DSA Keys

Q

How to open an encrypted DSA key file using OpenSSL "pkey" command? I was told the key file is DES encrypted and I know the password.

✍: FYIcenter.com

A

If you are trying to open a password (encrypted) DSA key file using the "pkey" command, you will be prompted for the password as shown below:

C:\Users\fyicenter>\local\openssl\openssl

OpenSSL> pkey -in my_dsa_des.key -text -noout
Enter pass phrase for my_dsa_des.key: noidea
unable to load key
18288:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad 
   decrypt:.\crypto\evp\evp_enc.c:529:
18288:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal 
   error:.\crypto\pkcs12\p12_decr.c:108:
18288:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt 
   error:.\crypto\pkcs12\p12_decr.c:139:
18288:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:.\crypto\pem\
pem_pkey.c:141:
error in pkey

OpenSSL> pkey -in my_dsa_des.key -text -noout
Enter pass phrase for my_dsa_des.key: fyicenter
Private-Key: (1024 bit)
priv:
    00:92:3e:ff:46:be:39:9c:cb:92:1b:ac:a9:84:1a:
    b4:0b:86:80:0b:c7
pub:
    7d:a3:68:56:65:c3:54:06:00:69:a7:52:a5:68:2d:
    06:e1:d0:36:29:9b:0e:a3:aa:55:05:32:11:a2:13:
    77:6d:98:32:4b:64:71:c5:e0:c0:ad:97:0e:be:0c:
...

Options used in this command are:

  • "-in my_dsa_des.key" - Read the DSA private key file.
  • "-text" - Print content of the key in text format.
  • "-noout" - Do not include the key in the output.
  • "noidea" - The incorrect password of the key file. You get errors.
  • "fyicenter" - The correct password of the key file.

 

OpenSSL "genpkey" Command for DSA Keys

⇒⇒OpenSSL Tutorials

2017-10-08, 327👍, 0💬