On Wed, Apr 14, 2004, Carlos Roberto Zainos H wrote: > Hi !! > > I have some problems because I want a RSA private key in DER form but > des-cbc codified. The source key is in PEM encoded form (password protected) > and I need something similar but in DER encoded form (also password > protected key). I have been tried with: openssl rsa -in mykey.pem -outform > DER -out mykey.key, to get a DER encoded form key, and after this: openssl > enc -des-cbc -in mykey.key -out mydeskey.key -pass stdin -e; it looks like > all finishes ok, but when I take a look to the output file, it looks like a > little bit "strange" because it begins with "Salt_" > > Really I don't know what is happening ... for me will be wonderful if I will > do something like this from C routines. >
The "traditional" encryption used by OpenSSL is at the PEM level and cannot be applied to DER. An alternative is to use PKCS#8 format (see pkcs8 utility) which encrypts at the DER level. However you need to use the PKCS8 functions to encrypt and decrypt your key then. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
