Discussion:
what is the difference between -passout option and PEM pass phrase?
ÑŠÔŽ
2002-11-18 07:23:20 UTC
Permalink
I want to generate a rsa encrypted private key file using openssl
commands,and then use the privkey file to retrieve the private key in
my c language program.
I tried the cmd:
1)openssl genrsa šCpassout stdin -out key.pem
and then input the -passout specific parm"12345",so got the key.pem
file.But the out file seems not a encrypted priv key file,I am puzzling
what is the usage of my input "12345"?
so I tried again:
2)openssl genrsa -des -out key2.pem
It prompted me to "Enter PEM pass phrase:",I gived "12345",and it
seems worked. Then I used the file key2.pem in my program as follows:

char * passin = "12345";
EVP_PKEY *pkey = NULL;
pkey=PEM_read_bio_PrivateKey(in,pkey,0,passin);//in is key2.pemfile bio

but it dosen't work at all, pkey is NULL in the end.
How can I get the right private key from my key2.pem?


best regards!
xue yuan



________________
USTC Alumni Email System, http://mail.ustc.edu, FREE Signup.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
Nils Larsch
2002-11-18 11:52:33 UTC
Permalink
Post by ÑŠÔŽ
I want to generate a rsa encrypted private key file using openssl
commands,and then use the privkey file to retrieve the private key in
my c language program.
1)openssl genrsa šCpassout stdin -out key.pem
the '-des' option (or any other cipher is missing) => the output
is not encrypted.
Post by ÑŠÔŽ
and then input the -passout specific parm"12345",so got the key.pem
file.But the out file seems not a encrypted priv key file,I am puzzling
what is the usage of my input "12345"?
2)openssl genrsa -des -out key2.pem
It prompted me to "Enter PEM pass phrase:",I gived "12345",and it
char * passin = "12345";
EVP_PKEY *pkey = NULL;
pkey=PEM_read_bio_PrivateKey(in,pkey,0,passin);//in is key2.pemfile bio
but it dosen't work at all, pkey is NULL in the end.
What error message do you get ?

Regards,
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
周光华
2002-11-18 12:22:30 UTC
Permalink
char passin[] = "12345";

----- Original Message -----
From: "ѦԴ" <xueyuan-***@public.gmane.org>
To: <openssl-users-MCmKBN63+***@public.gmane.org>
Sent: Monday, November 18, 2002 3:23 PM
Subject: what is the difference between -passout option and PEM pass phrase?
Post by ÑŠÔŽ
I want to generate a rsa encrypted private key file using openssl
commands,and then use the privkey file to retrieve the private key in
my c language program.
1)openssl genrsa �Cpassout stdin -out key.pem
and then input the -passout specific parm"12345",so got the key.pem
file.But the out file seems not a encrypted priv key file,I am puzzling
what is the usage of my input "12345"?
2)openssl genrsa -des -out key2.pem
It prompted me to "Enter PEM pass phrase:",I gived "12345",and it
char * passin = "12345";
EVP_PKEY *pkey = NULL;
pkey=PEM_read_bio_PrivateKey(in,pkey,0,passin);//in is key2.pemfile bio
but it dosen't work at all, pkey is NULL in the end.
How can I get the right private key from my key2.pem?
best regards!
xue yuan
________________
USTC Alumni Email System, http://mail.ustc.edu, FREE Signup.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
xue yuan
2002-11-19 05:05:00 UTC
Permalink
I have got the reason.
It is because that I haven't call SSLeay_add_all_algorithms(),so the cipher
can't run well.
thanks all!
Post by ÑŠÔŽ
I want to generate a rsa encrypted private key file using openssl
commands,and then use the privkey file to retrieve the private key in
my c language program.
1)openssl genrsa šCpassout stdin -out key.pem
and then input the -passout specific parm"12345",so got the key.pem
file.But the out file seems not a encrypted priv key file,I am puzzling
what is the usage of my input "12345"?
2)openssl genrsa -des -out key2.pem
It prompted me to "Enter PEM pass phrase:",I gived "12345",and it
char * passin = "12345";
EVP_PKEY *pkey = NULL;
pkey=PEM_read_bio_PrivateKey(in,pkey,0,passin);//in is key2.pemfile
bio
Post by ÑŠÔŽ
but it dosen't work at all, pkey is NULL in the end.
How can I get the right private key from my key2.pem?
best regards!
xue yuan
________________
USTC Alumni Email System, http://mail.ustc.edu, FREE Signup.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
________________
USTC Alumni Email System, http://mail.ustc.edu, FREE Signup.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
Loading...