1

I'm using openssl for a project and came across two options: -k passphrase and -K raw_key (hex). What's the difference between the two options? I've been attempting to port something from openssl to Python, and the openssl command I'm using for my basis uses -k [32-bytes_of_hex_data], which yields an entirely different key is I use the -p switch to see the key being used.

crypto_help123
  • 13
  • 2

1 Answers1

1

A quick look at either the enc man page or the enc wiki page tells you the answer:

-k password

The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the -pass argument.

-K key

The actual key to use: this must be represented as a string comprised only of hex digits. If only the key is specified, the IV must additionally specified using the -iv option. When both a key and a password are specified, the key given with the -K option will be used and the IV generated from the password will be taken. It does not make much sense to specify both key and password.

The key is the raw key used for encryption and should be combined with the -iv flag to specify the IV as well.

On the other hand, a password is used to derive the key and IV. How it does so can also be configured through various flags (see -iter, -pbkdf2, -salt). You should also read the Notes section of the man page for more details and recommendations.

The default digest used to generate the key is sha256 as of openssl 1.1.0 (see history section of the man page) but used to be md5.

Marc
  • 4,091
  • 1
  • 17
  • 23
  • So how does the raw key get computed from the passphrase? I'm trying to replicate the key generation portion of `openssl`. It looks like a SHA256 hash, so I assumed it was a hash of the passphrase + salt, but that doesn't seem to be the case. ā€“ crypto_help123 Sep 30 '20 at 15:31
  • Update: turns out the version of `openssl` I was using actually uses `md5` by default, but still manages to generate a 32 byte key. To implement it, I needed to follow this answer: https://security.stackexchange.com/questions/29106/openssl-recover-key-and-iv-by-passphrase ā€“ crypto_help123 Sep 30 '20 at 15:59
  • Iā€™m cringing reading that you want to make your own implementation of battle tested library. This is exactly how good crypto goes wrong (implementation pitfall). You can actually read source code of openssl to see how it is done. ā€“ nethero Sep 30 '20 at 21:08