Skip Menu |
 

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 115163
Status: rejected
Priority: 0/
Queue: Net-SSLeay

People
Owner: chrisn [...] cpan.org
Requestors: logioniz [...] yandex.ru
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: maybe bug when read encrypted private key
Date: Wed, 08 Jun 2016 17:22:12 +0500
To: bug-net-ssleay [...] rt.cpan.org
From: Алексей Ставров <logioniz [...] yandex.ru>
private key from examples (server_key.pem)
 
$ cat 11.pl
#!/usr/bin/perl
use Mojo::Base -strict;
 
use Net::SSLeay;
 
sub provide_password {
#    ($buf,$siz,$rwflag,$pwd)=@_;
    $_[0]="1234";
    return 4;
}
 
my $bio = Net::SSLeay::BIO_new_file('server_key.pem', 'r');
my $pk = Net::SSLeay::PEM_read_bio_PrivateKey($bio, \&provide_password);
if ($pk == 0) {
  warn 'Error';
} else {
  warn 'Success';
}
 
$ cat server_key.pem
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,932256E9ACCDC996
 
wav+t55gSrsCnvgeikRqcQKXuUeXEqEcL6zwNsTMIis6rpGuXkBYH5Ezntm6h/5h
2vZDu2vTOeq7QbNmTbKWbU6Rw0e7hlnWcPFhg3ssLNrh0XW3ynZ56gLCj/TRHj9V
4c7UnozeDTb+XYEAp+1Yj21Bpepectak6j4dZfhhJteEGWMDj9faNTbA08LX87Wn
JiNhlhIWl7ncS/13riwLqsemHcTFlNCaoANaVCUKEGoIFZmz1OoYJvBWLj7HnxDU
+Z/lvf3o1glE1EP3XcCACGhapfZcALlYhz1qGTA6ProZ/sIJGLAYAi8uobJlA1E0
SwGXNm4rtMocR7utO649/g92SFvGZmG715t2P8jBa4MqgV5H3oIIVJK1YiL6Zmk5
jZMPmTDctXD61dLnTFXa+m0vLJMZAMD8UkhtbuCMYzTy0dIHBaxTYNxggSbfbbKJ
6QijHZHn+iygyudCxYWXtZQ1uyBFzU4wpEGqugngf3T0W2TWpiM3PQjh+vymxKRZ
UVY5LGejMuz3HpgFcJ+Hs6DCJYAECUWWjSPhTXvTifNIZq5XdaeCveyLkMnCHQ7y
LW64XcZ9jWzI+FOqRmLMYcUoHh8eZyB6X6ITC3wy2g1ovc5KrD+OuC+HOyLvvb+8
avnSoc1+maBC7su7htE/EPP6X/zvNzLM4Ky4JvmNtFR5+CzD7xnwoS3jY97u6gMz
MHjb7t2pA7rFnVImwivvi/y3sEAL9P5N+mL+q82q9qsmcb58tlkAteUpcrOvlmRk
3kzlM0tz9/Rm4bYttEDBt67Fg4/hZbZ+m+5BMzVWWdtZIdHUIGJjew==
-----END RSA PRIVATE KEY-----
$ perl 11.pl
Error at 11.pl line 15.
$
 
How can i read private key which encrypted with password?
 
--
С уважением, Ставров Алексей.
 
Subject: Re: [rt.cpan.org #115163] maybe bug when read encrypted private key
Date: Thu, 9 Jun 2016 06:34:33 +0900
To: bug-Net-SSLeay [...] rt.cpan.org
From: Mike McCauley <mikem [...] airspayce.com>
Thanks for the report. I am travelling now and will investigate when I return in 3 weeks Cheers Sent from my iPhone Show quoted text
> On 8 Jun 2016, at 9:22 PM, Алексей Ставров via RT <bug-Net-SSLeay@rt.cpan.org> wrote: > > Wed Jun 08 08:22:28 2016: Request 115163 was acted upon. > Transaction: Ticket created by logioniz@yandex.ru > Queue: Net-SSLeay > Subject: maybe bug when read encrypted private key > Broken in: (no value) > Severity: (no value) > Owner: Nobody > Requestors: logioniz@yandex.ru > Status: new > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=115163 > > > > private key from examples (server_key.pem) $ cat 11.pl#!/usr/bin/perluse > Mojo::Base -strict; use Net::SSLeay; sub provide_password {# > ($buf,$siz,$rwflag,$pwd)=@_; $_[0]="1234"; return 4;} my $bio = > Net::SSLeay::BIO_new_file('server_key.pem', 'r');my $pk = > Net::SSLeay::PEM_read_bio_PrivateKey($bio, \&provide_password);if ($pk == 0) { > warn 'Error';} else { warn 'Success';} $ cat server_key.pem-----BEGIN RSA > PRIVATE KEY-----Proc-Type: 4,ENCRYPTEDDEK-Info: DES-EDE3-CBC,932256E9ACCDC996 > wav+t55gSrsCnvgeikRqcQKXuUeXEqEcL6zwNsTMIis6rpGuXkBYH5Ezntm6h/5h2vZDu2vTOeq7QbNmTbKWbU6Rw0e7hlnWcPFhg3ssLNrh0XW3ynZ56gLCj/TRHj9V4c7UnozeDTb+XYEAp+1Yj21Bpepectak6j4dZfhhJteEGWMDj9faNTbA08LX87WnJiNhlhIWl7ncS/13riwLqsemHcTFlNCaoANaVCUKEGoIFZmz1OoYJvBWLj7HnxDU+Z/lvf3o1glE1EP3XcCACGhapfZcALlYhz1qGTA6ProZ/sIJGLAYAi8uobJlA1E0SwGXNm4rtMocR7utO649/g92SFvGZmG715t2P8jBa4MqgV5H3oIIVJK1YiL6Zmk5jZMPmTDctXD61dLnTFXa+m0vLJMZAMD8UkhtbuCMYzTy0dIHBaxTYNxggSbfbbKJ6QijHZHn+iygyudCxYWXtZQ1uyBFzU4wpEGqugngf3T0W2TWpiM3PQjh+vymxKRZUVY5LGejMuz3HpgFcJ+Hs6DCJYAECUWWjSPhTXvTifNIZq5XdaeCveyLkMnCHQ7yLW64XcZ9jWzI+FOqRmLMYcUoHh8eZyB6X6ITC3wy2g1ovc5KrD+OuC+HOyLvvb+8avnSoc1+maBC7su7htE/EPP6X/zvNzLM4Ky4JvmNtFR5+CzD7xnwoS3jY97u6gMzMHjb7t2pA7rFnVImwivvi/y3sEAL9P5N+mL+q82q9qsmcb58tlkAteUpcrOvlmRk3kzlM0tz9/Rm4bYttEDBt67Fg4/hZbZ+m+5BMzVWWdtZIdHUIGJjew==-----END > RSA PRIVATE KEY-----$ perl 11.plError at 11.pl line 15.$ How can i read private > key which encrypted with password? -- > С уважением, Ставров Алексей. >
Download (untitled) / with headers
text/plain 3.6k
On Wed Jun 08 13:22:28 2016, logioniz@yandex.ru wrote: Show quoted text
> private key from examples (server_key.pem) $ cat > 11.pl#!/usr/bin/perluse > Mojo::Base -strict; use Net::SSLeay; sub provide_password {# > ($buf,$siz,$rwflag,$pwd)=@_; $_[0]="1234"; return 4;} my $bio = > Net::SSLeay::BIO_new_file('server_key.pem', 'r');my $pk = > Net::SSLeay::PEM_read_bio_PrivateKey($bio, \&provide_password);if ($pk > == 0) { > warn 'Error';} else { warn 'Success';} $ cat server_key.pem-----BEGIN > RSA > PRIVATE KEY-----Proc-Type: 4,ENCRYPTEDDEK-Info: DES-EDE3- > CBC,932256E9ACCDC996 > wav+t55gSrsCnvgeikRqcQKXuUeXEqEcL6zwNsTMIis6rpGuXkBYH5Ezntm6h/5h2vZDu2vTOeq7QbNmTbKWbU6Rw0e7hlnWcPFhg3ssLNrh0XW3ynZ56gLCj/TRHj9V4c7UnozeDTb+XYEAp+1Yj21Bpepectak6j4dZfhhJteEGWMDj9faNTbA08LX87WnJiNhlhIWl7ncS/13riwLqsemHcTFlNCaoANaVCUKEGoIFZmz1OoYJvBWLj7HnxDU+Z/lvf3o1glE1EP3XcCACGhapfZcALlYhz1qGTA6ProZ/sIJGLAYAi8uobJlA1E0SwGXNm4rtMocR7utO649/g92SFvGZmG715t2P8jBa4MqgV5H3oIIVJK1YiL6Zmk5jZMPmTDctXD61dLnTFXa+m0vLJMZAMD8UkhtbuCMYzTy0dIHBaxTYNxggSbfbbKJ6QijHZHn+iygyudCxYWXtZQ1uyBFzU4wpEGqugngf3T0W2TWpiM3PQjh+vymxKRZUVY5LGejMuz3HpgFcJ+Hs6DCJYAECUWWjSPhTXvTifNIZq5XdaeCveyLkMnCHQ7yLW64XcZ9jWzI+FOqRmLMYcUoHh8eZyB6X6ITC3wy2g1ovc5KrD+OuC+HOyLvvb+8avnSoc1+maBC7su7htE/EPP6X/zvNzLM4Ky4JvmNtFR5+CzD7xnwoS3jY97u6gMzMHjb7t2pA7rFnVImwivvi/y3sEAL9P5N+mL+q82q9qsmcb58tlkAteUpcrOvlmRk3kzlM0tz9/Rm4bYttEDBt67Fg4/hZbZ+m+5BMzVWWdtZIdHUIGJjew==----- > END > RSA PRIVATE KEY-----$ perl 11.plError at 11.pl line 15.$ How can i > read private > key which encrypted with password? -- > С уважением, Ставров Алексей.
There are three problems here. The first is that you're not getting very useful feedback about where your code is failing - to do that, import die_now() and call it when one of the Net::SSLeay functions returns a false value (remembering to call load_error_strings() - and, for reasons I don't fully understand, randomize() - so that die_now() does in fact show the underlying error message string from OpenSSL): use Net::SSLeay qw(die_now); Net::SSLeay::randomize(); Net::SSLeay::load_error_strings(); [...] Net::SSLeay::BIO_new_file('server_key.pem', 'r') or die_now("BIO_new_file: $!"); Net::SSLeay::PEM_read_bio_PrivateKey($bio, \&provide_password) or die_now("PEM_read_bio_PrivateKey: $!"); Your code will now die with the message 24305: PEM_read_bio_PrivateKey: Invalid argument so the problem is with the call to Net::SSLeay::PEM_read_bio_PrivateKey(), and one or more of the arguments passed to it are "invalid". (The integer at "24305" is a red herring: that's the PID of your Perl process, not an OpenSSL error code.) Admittedly this isn't very helpful, but it's a starting point. The second problem is with the first argument to PEM_read_bio_PrivateKey(): you've loaded server_key.pem, but OpenSSL can't interpret it as an RSA key because it doesn't know about the RSA algorithm until you've initialised the library (see https://wiki.openssl.org/index.php/Library_Initialization): Net::SSLeay::randomize(); Net::SSLeay::load_error_strings(); Net::SSLeay::library_init(); Your code will die with the same message as before: 27035: PEM_read_bio_PrivateKey: Invalid argument so there's also a third problem, with the second argument to PEM_read_bio_PrivateKey(). The return value of the function should be the passphrase of the RSA key as a scalar, not the length of the passphrase: sub provide_password { return "1234"; } Now you get the result you're looking for: Success at examples/encrypted_key.pl line 22. See t/local/05_passwd_cb.t for a fully-worked example of decrypting an RSA private key using a password callback.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.