EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Unable to load an AES encrypted private key

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#12377
Posted: 02/10/2010 13:35:27
by Matt Wixson (Standard support level)
Joined: 01/23/2007
Posts: 13

I am receiving a return code of 7428 (The message was encrypted using unknown cipher) from SBX509.TElX509Certificate's LoadKeyFromBufferPEM method when attempting to load an encrypted key. I am providing the correct buffer and password to the method.

The key was created using OpenSSL (genrsa -aes192) originally, so I would expect this to be a standard algorithm for RSA key encryption.

Please advise. How can I load this encrypted key in SBB for crypto?

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-192-CBC,D728A7A9ADB4A86771946A76F0345FC0

rUdnFwaq6...more data here containing the encrypted key ....
-----END RSA PRIVATE KEY-----

I am using SBB 6.1

Thanks,
Matt
#12378
Posted: 02/10/2010 13:55:35
by Eugene Mayevski (EldoS Corp.)

AES is not supported for PEM format. Only DES and 3DES are.


Sincerely yours
Eugene Mayevski
#12394
Posted: 02/11/2010 08:57:21
by Matt Wixson (Standard support level)
Joined: 01/23/2007
Posts: 13

AES is deemed as the preferred encryption method by PCI and government agencies. Is AES private key encryption planned for a future release of SBB?

Thanks,
Matt
#12395
Posted: 02/11/2010 08:59:26
by Eugene Mayevski (EldoS Corp.)

Encrypted PEM is not a standard format, so there are no any standard requirements regarding the algorithm. Yes, we will add support for this encryption mode to the next version.


Sincerely yours
Eugene Mayevski

Reply

Statistics

Topic viewed 1370 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!