59

PEM_read_bio_PrivateKey() returns NULL if a private key is encrypted by DES EDE in ECB mode. The issue happens in EVP_DecryptFinal_ex():

4128:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:330:

If the same private key is encrypted by DES EDE in CBC mode, this function works OK.

I checked: this issue is reproducible on OpenSSL 0.9.8r/y versions (without FIPS). If OpenSSL is built with FIPS, the issue doesn't happen.

What causes this behaviour?

Thanks!

mazhar islam
Alex
  • 1
    Welcome to crypto.SE. Your question is probably better suited to being asked on the [openssl-users](http://www.openssl.org/support/community.html) mailing list. – archie Jul 04 '13 at 01:24
  • 2
    Have you made sure to [load the appropriate algorithms?](http://www.openssl.org/docs/crypto/OpenSSL_add_all_algorithms.html) – javex Jul 05 '13 at 22:45
  • Yes, I call OpenSSL_add_all_algorithms(). Also, I checked that the correct cipher is selected for reading a private key. It looks strange that it works with FIPS only. – Alex Jul 06 '13 at 10:43
  • 5
    For better help sooner, post your code as an [SSCCE](http://www.sscce.org) that demonstrates your problem. This allows users to copy/paste and reproduce your issue. – Duncan Jones Jul 15 '13 at 09:33
  • 1
    Why use ECB mode? Maybe it's returning null because ECB is insecure. – Jeff Jun 29 '14 at 02:08

1 Answer

1

Looking at the OpenSSL sources, this can happen only if the padding in the encrypted data is invalid. Does this happen with different keys, and can you provide a sample one? And what tool is used to generate such keys (i.e. the same OpenSSL or not)? Probably it omits the padding or writes zero padding instead of the correct one.

Nickolay Olshevsky
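The padding check the answer refers to, restated as a stand-alone function (an added example, not OpenSSL's source and not part of the original answer). The name `pkcs_unpad_len` and the sample blocks are constructed for illustration; the block size of 8 is that of DES EDE.

```c
#include <stddef.h>
#include <stdio.h>

#define DES_BLOCK 8 /* DES / DES EDE block size in bytes */

/*
 * Inspect the last decrypted block the way a PKCS-style unpadding step does.
 * Returns the number of real plaintext bytes in that block (0..block-1),
 * or -1 when the padding is invalid, which is the "bad decrypt" condition.
 * pkcs_unpad_len is a hypothetical helper name, not an OpenSSL function.
 */
int pkcs_unpad_len(const unsigned char *final_block, size_t block)
{
    size_t n, i;

    if (final_block == NULL || block == 0 || block > 255)
        return -1;
    n = final_block[block - 1];      /* last byte states the pad length */
    if (n == 0 || n > block)         /* zero padding or a data byte here fails */
        return -1;
    for (i = 0; i < n; i++)          /* all n trailing bytes must equal n */
        if (final_block[block - 1 - i] != n)
            return -1;
    return (int)(block - n);
}

/* Constructed sample final blocks (not taken from any real key file). */
static const unsigned char ok_pad[DES_BLOCK]    = {'k','e','y','d','a',3,3,3};
static const unsigned char full_pad[DES_BLOCK]  = {8,8,8,8,8,8,8,8};
static const unsigned char zero_pad[DES_BLOCK]  = {'k','e','y','d','a',0,0,0};
static const unsigned char no_pad[DES_BLOCK]    = {'k','e','y','d','a','t','a','!'};
static const unsigned char short_run[DES_BLOCK] = {'k','e','y','d','a',1,3,3};

int main(void)
{
    const unsigned char *blocks[] = {ok_pad, full_pad, zero_pad, no_pad, short_run};
    const char *names[] = {"ok_pad", "full_pad", "zero_pad", "no_pad", "short_run"};
    size_t i;

    for (i = 0; i < sizeof blocks / sizeof blocks[0]; i++) {
        int r = pkcs_unpad_len(blocks[i], DES_BLOCK);
        printf("%-9s -> %s (%d)\n", names[i], r < 0 ? "bad decrypt" : "ok", r);
    }
    return 0;
}
```

A writer that emits zero padding or no padding produces blocks like `zero_pad` and `no_pad`, which fail the check regardless of whether the key was correct.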