Re: PrivateKey Decrypt Failure

2019-09-11 Thread Chitrang Srivastava
Thanks very much, that worked.


On Wed, Sep 11, 2019 at 10:56 PM Wim Lewis wrote:

>
>
> On Sep 11, 2019, at 3:31 AM, Chitrang Srivastava <
> chitrang.srivast...@gmail.com> wrote:
> > I am using openssl 1.1.1b and I am storing private key encrypted.
> >
> > I am storing private key as
> > PEM_write_bio_PrivateKey(bio, pkey, EVP_aes_128_cbc(), PKeyPassPKCS12,
> 0, 0, NULL);
>
> I don't think that PEM_write_bio_PrivateKey() will compute the key length
> for you if you pass 0. If you pass klen=0 it will encrypt with a 0-byte
> key. Try passing strlen(PKeyPassPKCS12) for klen and see if that helps.
>
>
>


Re: PrivateKey Decrypt Failure

2019-09-11 Thread Wim Lewis
On Sep 11, 2019, at 3:31 AM, Chitrang Srivastava wrote:
> I am using openssl 1.1.1b and I am storing private key encrypted.
> 
> I am storing private key as
> PEM_write_bio_PrivateKey(bio, pkey, EVP_aes_128_cbc(), PKeyPassPKCS12, 0, 0, 
> NULL); 

I don't think that PEM_write_bio_PrivateKey() will compute the key length for 
you if you pass 0. If you pass klen=0 it will encrypt with a 0-byte key. Try 
passing strlen(PKeyPassPKCS12) for klen and see if that helps.





PrivateKey Decrypt Failure

2019-09-11 Thread Chitrang Srivastava
Hi,

I am using openssl 1.1.1b and I am storing private key encrypted.

I am storing private key as
PEM_write_bio_PrivateKey(bio, pkey, EVP_aes_128_cbc(), PKeyPassPKCS12, 0, 0, NULL);
and on system startup reading using the following way
if(!PEM_read_bio_PrivateKey(keyBIO, _s_key, NULL, decryptSharedSecret))

Upon debugging I found it is failing in PKCS12_pbe_crypt > EVP_CipherFinal_ex
Please suggest where I am going wrong.
Could this be related to padding?
Without encryption of the key, it works fine, which makes clear the other code
is all fine.

Thanks,

evp_enc.c:EVP_DecryptFinal_ex:569
    /*
     * The following assumes that the ciphertext has been authenticated.
     * Otherwise it provides a padding oracle.
     */
    n = ctx->final[b - 1];
    if (n == 0 || n > (int)b) {
        EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
        return 0;
    }