如何在Pem证书中加密私钥？ [英] How is a private key encrypted in a pem certificate?

问题描述

作为尝试调试问题的一部分，我试图了解如何在 pem 证书中加密私钥，因为我想知道是否 curl 无法解密私钥。

As part of trying to debug an issue, I am trying to understand how a private key is encrypted in a pem certificate, because I am wondering whether curl does not manage to decrypt the private key.

我有一个 -----已加密的BEGIN我的 pem 中的私钥----- 部分。

I have a -----BEGIN ENCRYPTED PRIVATE KEY----- section in my pem.

是否已加密用密码短语？

Is it encrypted with the passphrase? Is there some other kind of encryption scheme involved?

更精确地

A同事建议，即使没有密码，也可以用 pem 加密私钥。这是对的吗？

A colleague suggests a private key could be encrypted in a pem even without a passphrase. Is this is correct?

推荐答案

私钥可以有两种不同的书写形式，但最常见的形式是PKCS＃8，已定义在 RFC 5208 中。

Private keys can have a couple of different forms of being written down, but the most common form is PKCS#8, defined in RFC 5208.

RFC定义了两种形式的结构。

The RFC defines two forms of structure.

PrivateKeyInfo ::= SEQUENCE {
  version                   Version,
  privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
  privateKey                PrivateKey,
  attributes           [0]  IMPLICIT Attributes OPTIONAL }

这种结构的版本号，以防万一，请参见如何识别用于读取privateKey的解析器，一些资料，希望您可以阅读，一些有关资料的数据，也许。

"The version number for this structure, in case it evolves", "how to identify what parser to use to read privateKey", "some stuff, hope you can read it", "some data about the stuff, maybe".

当PEM编码后，PrivateKeyInfo会获得标签 PRIVATE KEY，如 BEGIN PRIVATE KEY中所示。您没有其中之一。

When PEM encoded a PrivateKeyInfo gets the tag "PRIVATE KEY", as in "BEGIN PRIVATE KEY". You don't have one of these.

另一种形式是

EncryptedPrivateKeyInfo ::= SEQUENCE {
  encryptionAlgorithm  EncryptionAlgorithmIdentifier,
  encryptedData        EncryptedData }

我如何加密东西，加密东西。

"How I encrypted stuff", "the encrypted stuff".

EncryptedPrivateKeyInfo带有PEM标签加密的私钥，即您拥有的。

EncryptedPrivateKeyInfo comes with the PEM tag "ENCRYPTED PRIVATE KEY", which is what you have.

查看其中一个：

$ openssl asn1parse -i -dump < rsa.enc.p8
    0:d=0  hl=4 l= 710 cons: SEQUENCE
    4:d=1  hl=2 l=  64 cons:  SEQUENCE
    6:d=2  hl=2 l=   9 prim:   OBJECT            :PBES2
   17:d=2  hl=2 l=  51 cons:   SEQUENCE
   19:d=3  hl=2 l=  27 cons:    SEQUENCE
   21:d=4  hl=2 l=   9 prim:     OBJECT            :PBKDF2
   32:d=4  hl=2 l=  14 cons:     SEQUENCE
   34:d=5  hl=2 l=   8 prim:      OCTET STRING
      0000 - e9 37 68 99 cb 9c 4f 10-                          .7h...O.
   44:d=5  hl=2 l=   2 prim:      INTEGER           :0800
   48:d=3  hl=2 l=  20 cons:    SEQUENCE
   50:d=4  hl=2 l=   8 prim:     OBJECT            :des-ede3-cbc
   60:d=4  hl=2 l=   8 prim:     OCTET STRING
      0000 - 16 ad ce 41 47 e8 ba 85-                          ...AG...
   70:d=1  hl=4 l= 640 prim:  OCTET STRING
     <data_omitted />

数据是根据基于密码的加密方案2（ PBES2 ）。输入的密码/口令通过基于密码的密钥派生功能2（ PBKDF2 ）加盐（在加密时随机选择，但解密时必须相同） e9 37 68 99 cb 9c 4f 10 并使用2048的迭代计数（0x800）。该密钥用于CBC模式下的TripleDES加密，其IV（在加密时随机选择，但解密时必须相同）的 16 ad ce 41 47 e8 ba 85 。加密的内容为640字节，然后将被解析为PrivateKeyInfo结构。

The data was encrypted under Password-Based Encryption Scheme 2 (PBES2). The input password/passphrase is transformed into key material by Password-Based Key Derivation Function 2 (PBKDF2) with the salt (randomly chosen at encryption time, but must be the same to decrypt) e9 37 68 99 cb 9c 4f 10 and using an iteration count of 2048 (0x800). The key was used for TripleDES encryption in CBC mode with an IV (randomly chosen at encryption time, but must be the same to decrypt) of 16 ad ce 41 47 e8 ba 85. The encrypted content is 640 bytes, and will then be parsed as a PrivateKeyInfo structure.

除了PKCS＃8之外，传输私钥的唯一真正的选择是PKCS＃12。 / PFX，但该数据结构没有标准的PEM表示形式。最新版本的PKCS＃12允许以EnvelopedCMS / PKCS＃7的样式将数据加密为证书。

Aside from PKCS#8 the only real other choice for transmitting private keys is PKCS#12/PFX, but that data structure doesn't have a standard PEM representation. The newest version of PKCS#12 allows for encrypting the data to a certificate, in the style of EnvelopedCMS/PKCS#7.

因此，给出一些简洁的答案：

So, for some succinct answers:

• 加密的私钥格式已加密。
  
  
  
  
  • 使用密码短语对其进行加密的可能性为99.999％。
  
  
  • 但是可能有人向OpenSSL讲述了PBES2 KDF
  
  
  • The ENCRYPTED PRIVATE KEY form is encrypted.
    • It's 99.999% likely that it's encrypted with a passphrase.
    • But someone may have taught OpenSSL about a PBES2 KDF using something other than passphrases :).
    
    
    • RSA私钥格式也未加密，但这是PKCS＃1 RSAPrivateKey，而不是一个PKCS＃8 PrivateKeyInfo。
    
    
    • The RSA PRIVATE KEY form is also not encrypted, but that's a PKCS#1 RSAPrivateKey, not a PKCS#8 PrivateKeyInfo.

    这篇关于如何在Pem证书中加密私钥？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！