1

When I run:

openssl genrsa -aes-256-gcm -out rootca.key 4096

Then I get the following output:

$ openssl genrsa -aes-256-gcm -out rootca.key 4096
Generating RSA private key, 8192 bit long modulus (2 primes)
..........................................................+++
..........................................................................+++
e is 65537 (0x010001)
Enter pass phrase for rootca.key:
Verifying - Enter pass phrase for rootca.key:

And when I run:

openssl req -sha512 -new -x509 -days 1000 -key rootca.key -out rootca.crt

I get the following error:

$ openssl req -sha512 -new -x509 -days 1000 -key rootca.key -out rootca.crt
Enter pass phrase for rootca.key:
unable to load Private Key
140287193601344:error:0906A065:PEM routines:PEM_do_header:bad decrypt:../crypto/pem/pem_lib.c:461:

For the above, I used OpenSSL 1.1.1f (provided by apt.
I even tried using the latest 3.0.0-alpha version of OpenSSL. But I get a different error when generating the private key first of all:

Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
4067E7A7827F0000:error:0300007A:digital envelope routines:evp_cipher_param_to_asn1_ex:cipher parameter error:crypto/evp/evp_lib.c:160:
4067E7A7827F0000:error:06800072:asn1 encoding routines:PKCS5_pbe2_set_iv:error setting cipher params:crypto/asn1/p5_pbev2.c:81:
4067E7A7827F0000:error:1188000D:PKCS12 routines:PKCS8_encrypt:ASN1 lib:crypto/pkcs12/p12_p8e.c:32:

How can I make this work?? Is AES-256-GCM not supported by OpenSSL? If so, is there an alternative to OpenSSL that can generate this type of key?

Btw, AES-256-CBC works perfectly. But, no luck with GCM.

Example person
  • 163
  • 9
  • If you use an encrypted RSA key you will need to enter the decryption key whenever you start your server. –  Jan 16 '21 at 20:53
  • @MechMK1?? What? I am unable to understand. Where should I enter the decryption key? – Example person Jan 17 '21 at 05:22
  • If you use openssl to generate an RSA key with `-aes-256`, what openssl does is generate an RSA private key and encrypt this file with AES. If you then wish to create an x.509 certificate for the public key this private key belongs to, and use that certificate in a web server, then you will need to decrypt this private key on every start of the web server. That means the decrypted key will hang around in RAM anyways - giving you very little benefit over leaving the key decrypted. –  Jan 17 '21 at 13:39

1 Answers1

3

WRT, "I am unable to generate and use an aes-256-gcm key in openssl": Understand that openssl genrsa is used to generate an asymmetric RSA key pair. openssl genrsa is not used to generate a symmetric AES key.

The -aesxxx option that you are trying to use with the openssl genrsa command does not change the type of key that openssl genrsa generates. This option is simply used to encrypt the RSA private key that openssl genrsa generates (using a key derived from a password that it prompts you for).

As for why you are getting the error that you show in your question, it may be related to the fact that -aes-256-gcm does not seem to be a supported option for 'openssl genrsa` according to the documentation for openssl 1.1.1 at https://www.openssl.org/docs/man1.1.1/man1/openssl-genrsa.html. However, -aes256 is supported.

FWIW, An AES-256 key (regardless of which mode of AES is used, e.g. AES-256-CBC, AES-256-GCM, etc) is just 256 bits. It's easy to generate a random 256 bit AES key, without even using openssl. You can do:

head /dev/urandom | sha256sum
mentallurg
  • 8,536
  • 4
  • 26
  • 41
mti2935
  • 19,868
  • 2
  • 45
  • 64