OpenSSL "pkey" - Open Encrypted DH Keys

Q

How to open an encrypted DH key file using OpenSSL "pkey" command? I was told the key file is DES encrypted and I know the password.

✍: FYIcenter.com

A

If you are trying to open a password (encrypted) DH key file using the "pkey" command, you will be prompted for the password as shown below: 

C:\Users\fyicenter>\local\openssl\openssl

OpenSSL> pkey -in my_dh_des.key -text -noout
unable to load key
15924:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad 
   decrypt:.\crypto\evp\evp_enc.c:529:
15924:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal 
   error:.\crypto\pkcs12\p12_decr.c:108:
15924:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe 
   crypt error:.\crypto\pkcs12\p12_decr.c:139:
15924:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 
   lib:.\crypto\pem\pem_pkey.c:141:
error in pkey

OpenSSL> pkey -in my_dh_des.key -text -noout
Enter pass phrase for my_dh_des.key:
DH Private-Key: (1024 bit)
    private-key:
        53:fb:7c:ed:bb:b7:d5:a0:4e:2e:c1:97:3a:01:2b:
        90:a0:8b:5f:59:2b:07:6f:33:88:9c:3a:a3:c5:14:
        72:67:67:cc:ec:0b:c7:eb:72:cc:6d:e2:84:1a:47:
        de:3e:b6:46:3c:46:28:da:82:8b:7a:da:3c:7d:34:
        cb:d5:3d:d9:0f:bd:89:cb:7a:4c:55:81:64:b5:3a:
        33:3e:a0:c3:08:84:f9:a5:c4:3e:35:fa:3f:e0:69:
        e4:3f:4c:5e:a9:5c:9d:d4:ed:33:86:97:c4:52:f9:
        88:f5:e2:41:8e:3b:7f:bf:d5:ed:d7:54:02:72:67:
        0b:52:fe:81:a7:3b:72:7f
    public-key:
        34:c2:41:7b:5c:50:95:2e:93:8b:55:48:76:8a:e7:
        fa:10:2e:5c:b4:38:8f:1f:7c:4b:45:16:06:14:ad:
        28:79:df:80:0e:44:24:82:66:e2:d1:4d:ec:ec:5b:
        b3:16:eb:e1:83:01:17:d1:85:e5:3c:ea:c6:4c:e3:
        33:45:b1:a6:7b:c0:13:eb:d2:eb:64:d2:c0:26:d7:
        0b:94:ef:79:66:b0:39:cc:16:f1:97:59:d5:b2:93:
        c5:7f:9b:99:e9:14:50:9a:2d:24:8f:96:c6:ac:ec:
        93:11:a1:e4:a6:60:26:5b:2b:1e:86:58:be:4d:be:
        46:4f:d0:56:b4:39:d6:f8
    prime:
        00:bc:e2:cd:16:1f:86:17:5c:d6:68:89:31:71:bc:
        f2:d2:82:09:d2:ce:48:81:bb:1b:61:6c:87:6e:de:
        73:8d:40:3f:ea:44:c6:24:fb:f3:53:ff:26:39:cb:
        9b:2f:39:36:2c:bd:3a:14:d9:0e:48:92:9c:0a:8d:
        89:63:be:0c:2f:f7:7a:52:0a:8c:77:f1:42:00:4c:
        31:df:b9:ec:c0:9d:b8:7f:4c:10:e5:44:40:a6:ff:
        76:b2:64:3c:57:82:05:28:49:94:cf:8a:ca:83:42:
        a4:b7:d5:d1:3b:bf:89:c6:ff:29:34:00:51:d8:90:
        03:47:1e:84:1b:53:36:6c:33
    generator: 2 (0x2)

Options used in this command are:

  • "-in my_dh_des.key" - Read the DH private key file.
  • "-text" - Print content of the key in text format.
  • "-noout" - Do not include the key in the output.
  • "noidea" - The incorrect password of the key file. You get errors.
  • "fyicenter" - The correct password of the key file.

 

OpenSSL "genpkey" Command for DH Keys

⇒⇒OpenSSL Tutorials

2017-08-21, 309👍, 0💬

Firefox General Google Chrome IE (Internet Explorer) Intermediate CA Java VM JDK Keytool Microsoft CertUtil Mozilla CertUtil OpenSSL Other Portecle Public Private Key Publishers Revoked Certificates Root CA Tools Tutorial What Is Windows