Re: [Perl-openssl-users] Problem with method: new_private_key of perl module: Crypt::OpenSSL::RSA

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Crypt::OpenSSL::RSA does not currently support DES3-encrypted keys.  There
is no reason in principle that it couldn't, but adding support will involve
figuring out how to deal with the passphrase.  Some applications will want
to use openssl's support for reading the passphrase directly from the
keyboard, but others will want to allow for passing it in as a perl
variable.

On Wed, Jul 28, 2010 at 8:53 AM, piet paaltjens <eco...@ya...> wrote:

> Hi,
>
>
> i try to use method: new_private_key to create a new rsa object. I do this
> by passing new_private_key a string (8192 bytes long) that comes from a
> keyfile that has been generated using: openssl genrsa -des3 -out <file>.pem
> 1024. The  string that is read succesfully from the keyfile looks like this:
>
>
> -----BEGIN RSA PRIVATE KEY-----
> Proc-Type: 4,ENCRYPTED
> DEK-Info: DES-EDE3-CBC,51B821DDF2B50ECC
>
> dGqykqNSJefyHiZ2B+sFfMXDKvP4qbZMh9BDRfuzwFKyLdYlB+JaEQXKOUu5j9tQ
> szpKI5eSjYg+1RytR/L8EI5US9cW3eh23xl+fcqC3zT8+xrCeUzfG1kvK0AwUHoj
> MFVHzmlL8GXMEQtb/O2sFBMLNSgF9ajw30I1ZK8OMpdwKe1NP3X0FY0RiQykrZqA
> O+EAW6F8NZ96imXCWb7ZLYiVlazgW3l5HUlFoeBseF0Doo6VOx/W3BvGkjiJnunu
>
> ....
>
> 6Q3n3+whixrLA5BdduT3U9Fg/2U/64rcAayieekxEgybCYY1aWONE6k94B8hlz1/
> ek2jYVDuIXmtGTpmDCqHJ56hF5e4AFI2ywfO5Bmk7bb7G85cp5xXXZKMlB6xpD06
> IKT1rJTHKzkL54ZnwOtya+KuOo+++4xzAKwwQUsy1Sktb6TkkEHKCQ==
> -----END RSA PRIVATE KEY-----
>
>
> However when I pass this string to method new_private_key it tells me:
> RSA.xs:178: OpenSSL error: unsupported encryption at test_openssl_crypt.plline 23.
>
>
> Does this mean I cannot use a DES3 encrypted keyfile in module:
> Crypt::OpenSSL::RSA? Or do I make a silly mistake?
>
>
> I work on CentOS 5.5 with perl 5.8.8 and openssl 0.9.8e and have installed
> the latest version of Crypt::OpenSSL::RSA from CPAN.
>
> The OpenSSL software installed supports the DES3 option.
>
>
> Any helpful reply is most appreciated.
>
>
> P.S. I've attached a rough test script.
>
>
> Piet
>
>