
I generated a pkcs12 keystore in Java and wanted to inspect it with OpenSSL, but OpenSSL threw back an error. After a bit of head scratching I realized that the KeyStore format in Java allows you to have different passwords on the store itself and the pkcs8 encrypted key inside, while OpenSSL seems to assume that both passwords have to be the same. I can easily inspect a pkcs12 file created in Java if both the file and key passwords are the same, but get an error when they differ:

Bag Attributes
    friendlyName: usercert
    localKeyID: 54 69 6D 65 20 31 35 38 38 30 32 32 30 31 38 30 37 31 
Error outputting keys and certificates
139815467680960:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:570:
139815467680960:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal error:../crypto/pkcs12/p12_decr.c:62:
139815467680960:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:../crypto/pkcs12/p12_decr.c:93:

Have I missed something or is it correct to say that the pkcs12 implementations differ slightly?

I'm looking for a way to be able to inspect pkcs12 files with OpenSSL where the two passwords differ. Any help would be appreciated.


TLDR: yes, this is a difference. Note the Java KeyStore API allows different passwords, but the keytool commandline program rejects attempts to create a PKCS12 with the keypass different from the storepass, precisely because such files are not interoperable.

But if you really want, you can extract the information, mostly following https://stackoverflow.com/questions/51242721/openssl-debugging-how-to-dump-intermediate-asn-1-inside-openssl

$ ll se230* # this file created by Java with keypass different from storepass
-rw-r--r--. 1 [redacted] 1506 Apr 28 01:24 se230650.p12
$ openssl pkcs12 <se230650.p12 -passin pass:sekrit   # and gets your error
MAC verified OK
Bag Attributes
    friendlyName: mykey
    localKeyID: 54 69 6D 65 20 31 35 38 38 30 35 31 34 35 32 31 36 34
Error outputting keys and certificates
139841232930632:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:596:
139841232930632:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal error:p12_decr.c:104:
139841232930632:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:p12_decr.c:130:

First get the cert(s), which use the storepass so OpenSSL can handle them -- and verify the MAC:

$ openssl pkcs12 <se230650.p12 -passin pass:sekrit -nokeys
MAC verified OK
Bag Attributes
    friendlyName: mykey
    localKeyID: 54 69 6D 65 20 31 35 38 38 30 35 31 34 35 32 31 36 34
subject=/CN=dummy
issuer=/CN=dummy
-----BEGIN CERTIFICATE-----
[snip]
-----END CERTIFICATE-----

Now look at the file:

$ openssl asn1parse -i -inform d <se230650.p12
    0:d=0  hl=4 l=1502 cons: SEQUENCE
    4:d=1  hl=2 l=   1 prim:  INTEGER           :03
    7:d=1  hl=4 l=1432 cons:  SEQUENCE
   11:d=2  hl=2 l=   9 prim:   OBJECT            :pkcs7-data
   22:d=2  hl=4 l=1417 cons:   cont [ 0 ]
   26:d=3  hl=4 l=1413 prim:    OCTET STRING      [HEX DUMP]:30820581[BIG snip]
 1443:d=1  hl=2 l=  61 cons:  SEQUENCE
 1445:d=2  hl=2 l=  33 cons:   SEQUENCE
 1447:d=3  hl=2 l=   9 cons:    SEQUENCE
 1449:d=4  hl=2 l=   5 prim:     OBJECT            :sha1
 1456:d=4  hl=2 l=   0 prim:     NULL
 1458:d=3  hl=2 l=  20 prim:    OCTET STRING      [HEX DUMP]:[snip]
 1480:d=2  hl=2 l=  20 prim:   OCTET STRING      [HEX DUMP]:[snip]
 1502:d=2  hl=2 l=   2 prim:   INTEGER           :0400

and find the authSafe:

$ openssl asn1parse -i -inform d <se230650.p12 -strparse 30
    0:d=0  hl=4 l=1409 cons: SEQUENCE
    4:d=1  hl=4 l= 798 cons:  SEQUENCE
    8:d=2  hl=2 l=   9 prim:   OBJECT            :pkcs7-data
   19:d=2  hl=4 l= 783 cons:   cont [ 0 ]
   23:d=3  hl=4 l= 779 prim:    OCTET STRING      [HEX DUMP]:30820307[BIG snip]
  806:d=1  hl=4 l= 603 cons:  SEQUENCE
  810:d=2  hl=2 l=   9 prim:   OBJECT            :pkcs7-encryptedData
  821:d=2  hl=4 l= 588 cons:   cont [ 0 ]
  825:d=3  hl=4 l= 584 cons:    SEQUENCE
  829:d=4  hl=2 l=   1 prim:     INTEGER           :00
  832:d=4  hl=4 l= 577 cons:     SEQUENCE
  836:d=5  hl=2 l=   9 prim:      OBJECT            :pkcs7-data
  847:d=5  hl=2 l=  40 cons:      SEQUENCE
  849:d=6  hl=2 l=  10 prim:       OBJECT            :pbeWithSHA1And40BitRC2-CBC
  861:d=6  hl=2 l=  26 cons:       SEQUENCE
  863:d=7  hl=2 l=  20 prim:        OCTET STRING      [HEX DUMP]:[snip]
  885:d=7  hl=2 l=   2 prim:        INTEGER           :0400
  889:d=5  hl=4 l= 520 prim:      cont [ 0 ]

and the first safebag, which contains the keybag:

$ openssl asn1parse -i -inform d <se230650.p12 -strparse 57
    0:d=0  hl=4 l= 775 cons: SEQUENCE
    4:d=1  hl=4 l= 771 cons:  SEQUENCE
    8:d=2  hl=2 l=  11 prim:   OBJECT            :pkcs8ShroudedKeyBag
   21:d=2  hl=4 l= 690 cons:   cont [ 0 ]
   25:d=3  hl=4 l= 686 cons:    SEQUENCE
   29:d=4  hl=2 l=  40 cons:     SEQUENCE
   31:d=5  hl=2 l=  10 prim:      OBJECT            :pbeWithSHA1And3-KeyTripleDES-CBC
   43:d=5  hl=2 l=  26 cons:      SEQUENCE
   45:d=6  hl=2 l=  20 prim:       OCTET STRING      [HEX DUMP]:EF7420960D29A9A2E69AE4FD35A6ACBE87F46BD0
   67:d=6  hl=2 l=   2 prim:       INTEGER           :0400
   71:d=4  hl=4 l= 640 prim:     OCTET STRING      [HEX DUMP]:[big snip]
  715:d=2  hl=2 l=  62 cons:   SET
  717:d=3  hl=2 l=  25 cons:    SEQUENCE
  719:d=4  hl=2 l=   9 prim:     OBJECT            :friendlyName
  730:d=4  hl=2 l=  12 cons:     SET
  732:d=5  hl=2 l=  10 prim:      BMPSTRING
  744:d=3  hl=2 l=  33 cons:    SEQUENCE
  746:d=4  hl=2 l=   9 prim:     OBJECT            :localKeyID
  757:d=4  hl=2 l=  20 cons:     SET
  759:d=5  hl=2 l=  18 prim:      OCTET STRING      :Time 1588051452164

and since it is PKCS8-encrypted, as it should be, just copy it:

$ dd if=se230650.p12 of=se230650.key bs=1 skip=82 count=690
690+0 records in
690+0 records out
690 bytes (690 B) copied, 0.0020009 s, 345 kB/s
$ openssl pkcs8 -in se230650.key -inform d -passin pass:foobar   # note different pw
-----BEGIN PRIVATE KEY-----
[snip]
-----END PRIVATE KEY-----
$ # add -passout pass:value (or other option) if you want the output privkey encrypted

Here's a copy of my file if you want to test/compare for yourself:

$ openssl base64 <se230650.p12
[snip]

dave_thompson_085
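As an added example (not part of the answer, nor OpenSSL or Java code), a small Python script that does the asn1parse offset hunting from the answer automatically: it walks the PKCS#12 DER layout shown above, finds each pkcs8ShroudedKeyBag and returns its EncryptedPrivateKeyInfo as a DER blob that `openssl pkcs8 -inform d -passin pass:<keypass>` can then decrypt. The DER helpers, the function names and the embedded sample PFX are all constructed here, and the parser assumes the layout in the answer: definite-length DER, with the key bag in an unencrypted pkcs7-data SafeContents (the pkcs7-encryptedData part holding the certs is left to OpenSSL, since it uses the storepass).

```python
OID_DATA = bytes.fromhex("2a864886f70d010701")                  # 1.2.840.113549.1.7.1 pkcs7-data
OID_SHROUDED_KEY_BAG = bytes.fromhex("2a864886f70d010c0a0102")  # 1.2.840.113549.1.12.10.1.2

def der(tag, body):  # encode one DER element; used only to build the constructed sample below
    if len(body) < 0x80:
        return bytes([tag, len(body)]) + body
    lb = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def tlv(data, pos=0):  # decode the DER element at pos -> (tag, value, offset just past it)
    tag, first = data[pos], data[pos + 1]
    if first == 0x80:
        raise ValueError("BER indefinite length not supported (the file in the answer is DER)")
    n = first & 0x7F if first & 0x80 else 0            # long form: n length bytes follow
    length = int.from_bytes(data[pos + 2:pos + 2 + n], "big") if n else first
    start = pos + 2 + n
    return tag, data[start:start + length], start + length

def elements(body):  # children (tag, value) of a constructed value
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = tlv(body, pos)
        out.append((tag, val))
    return out

def content_info(ci):  # ContentInfo body -> (contentType OID, payload inside the [0] EXPLICIT wrapper)
    (_, oid), (_, wrapped) = elements(ci)[:2]
    return oid, tlv(wrapped)[1]                        # for pkcs7-data that payload is the OCTET STRING contents

def extract_shrouded_keybags(pfx):
    """Return each EncryptedPrivateKeyInfo (complete TLV) stored in an unencrypted SafeContents."""
    oid, authsafe = content_info(elements(tlv(pfx)[1])[1][1])  # PFX ::= SEQUENCE { version, authSafe, macData }
    if oid != OID_DATA:
        raise ValueError("authSafe is not pkcs7-data; public-key integrity mode not handled")
    found = []
    for _, ci in elements(tlv(authsafe)[1]):           # AuthenticatedSafe ::= SEQUENCE OF ContentInfo
        oid, safecontents = content_info(ci)
        if oid != OID_DATA:
            continue                                   # pkcs7-encryptedData is storepass-protected; OpenSSL reads it
        for _, bag in elements(tlv(safecontents)[1]):  # SafeContents ::= SEQUENCE OF SafeBag
            (_, bag_oid), (_, wrapped) = elements(bag)[:2]
            if bag_oid == OID_SHROUDED_KEY_BAG:        # [0] EXPLICIT EncryptedPrivateKeyInfo: keep the SEQUENCE whole
                found.append(wrapped[:tlv(wrapped)[2]])
    return found

FAKE_EPKI = der(0x30, der(0x30, der(0x06, bytes.fromhex("2a864886f70d010c0103"))) + der(0x04, b"\xaa" * 200))  # constructed stand-in
KEYBAG = der(0x30, der(0x06, OID_SHROUDED_KEY_BAG) + der(0xA0, FAKE_EPKI))                 # SafeBag
SAFECONTENTS_CI = der(0x30, der(0x06, OID_DATA) + der(0xA0, der(0x04, der(0x30, KEYBAG))))  # pkcs7-data ContentInfo
AUTHSAFE_CI = der(0x30, der(0x06, OID_DATA) + der(0xA0, der(0x04, der(0x30, SAFECONTENTS_CI))))
SAMPLE_PFX = der(0x30, der(0x02, b"\x03") + AUTHSAFE_CI)                                    # constructed PFX, macData omitted
```

Write the returned blob to a file and run `openssl pkcs8 -inform d -in <file> -passin pass:<keypass>` on it, exactly as the answer does with the dd output.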