RE: Error reading EC Private Key from PEM file
Made the fix and that seems to be the case, thanks! -John Larson -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Tuesday, February 24, 2009 9:18 AM To: openssl-users@openssl.org Subject: Re: Error reading EC Private Key from PEM file On Tue, Feb 24, 2009, Larson, John wrote: > Hi again, > > I have printed out the human readable error output of the call to > PEM_read_PrivateKey and it is a s such: > > > > error:0906B072:lib(9):func(107):reason(114) > > > > >From looking through the EVP error codes function 107 is > PEM_GET_EVP_CIPHER_INFO and reason 114 is PEM_R_UNSUPPORTED_ENCRYPTION. > Now I created the private key using OpenSSL so it seems odd to me that > it would be considered unsupported. Some relevant info from the key > file is: > > This possibly: http://www.openssl.org/support/faq.html#PROG8 And this avoids having to look through the files for an error message: http://www.openssl.org/support/faq.html#PROG7 Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Error reading EC Private Key from PEM file
On Tue, Feb 24, 2009, Larson, John wrote: > Hi again, > > I have printed out the human readable error output of the call to > PEM_read_PrivateKey and it is a s such: > > > > error:0906B072:lib(9):func(107):reason(114) > > > > >From looking through the EVP error codes function 107 is > PEM_GET_EVP_CIPHER_INFO and reason 114 is PEM_R_UNSUPPORTED_ENCRYPTION. > Now I created the private key using OpenSSL so it seems odd to me that > it would be considered unsupported. Some relevant info from the key > file is: > > This possibly: http://www.openssl.org/support/faq.html#PROG8 And this avoids having to look through the files for an error message: http://www.openssl.org/support/faq.html#PROG7 Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Error reading EC Private Key from PEM file
first - do you use FIPS? if yes, 1) the you need to include in the very beginning // for use with privkey with password OpenSSL_add_all_algorithms(); PKCS5_PBE_add(); 2) convert the key before use: openSSL pkcs8 -in privkey_pass.pem -topk8 -v2 des3 -out cprivkey_pass.pem second - use the call back to set password Galina On Tue, Feb 24, 2009 at 10:48 AM, Larson, John wrote: > Hi again, > > > > I forgot to include a subject and I have some extra information on this as > well so thought I’d send more. > > > > I have printed out the human readable error output of the call to > PEM_read_PrivateKey and it is a s such: > > > > error:0906B072:lib(9):func(107):reason(114) > > > > From looking through the EVP error codes function 107 is > PEM_GET_EVP_CIPHER_INFO and reason 114 is PEM_R_UNSUPPORTED_ENCRYPTION. Now > I created the private key using OpenSSL so it seems odd to me that it would > be considered unsupported. Some relevant info from the key file is: > > > > Proc-Type: 4,ENCRYPTED > > DEK-Info: DES-EDE3-CBC,C1897FAC7F2375FD > > > > I have read that the cipher type is determined from the salt, i.e. C1897…, > and a few other variables such as iv (?) that I haven’t had much luck in > determining. > > > Any ideas why PEM_read_PrivateKey would still be returning NULL??? > > > > By the way I am using version 0.9.8g which I know is slightly outdated if > that makes a difference. > > > > -John Larson > -- > > *From:* owner-openssl-us...@openssl.org [mailto: > owner-openssl-us...@openssl.org] *On Behalf Of *Larson, John > *Sent:* Monday, February 23, 2009 5:17 PM > *To:* openssl-users@openssl.org > *Subject:* > > > > Hi all, > > > > I am working on some code that takes an existing EC Private Key stored in a > PEM file and uses it to create a digital signature. In my code the call I > make to read the private key continues to return a NULL pointer. I perform > the call as such: > > > > pkey = PEM_read_PrivateKey(keyFile, NULL, NULL, “password”); > > > > I have confirmed both that I am referencing the correct file and that the > pass phrase I use (“password” in this example) is correct. I confirmed the > password by executing on the command line: > > > > openssl ec -in signer_key.pem –passin pass:password > > > > Any ideas why my function call would still return NULL? > > > > John Larson > > *JIPM Systems Engineer, ViaSat Inc*. > > Work: (760) 930-3594 > > Cell: (510) 435-3277 > > >