12

I think my problem comes down to the fact that something is wrong with the key, but I cannot just decrypt it, for further investigation, without parsing it. But I am not sure.

I am trying to use the standard method:

openssl rsa -in ./id_rsa -out ./id_rsa.decrypted

I think I know the passphrase, because when I input a wrong one I get:

Enter pass phrase for ./id_rsa:
unable to load Private Key
140256774473360:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:544:
140256774473360:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:483

"bad decrypt" is pretty clear. Now, when I input my seemingly good passphrase I get back:

Enter pass phrase for ./id_rsa:
unable to load Private Key
139662870623888:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:153:
139662870623888:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1314:
139662870623888:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=RSA
139662870623888:error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib:rsa_ameth.c:115:
139662870623888:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:153:
139662870623888:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1314:
139662870623888:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=PKCS8_PRIV_KEY_INFO
139662870623888:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:132:

It also failed to load the key, but now it failed in the ASN.1 parser, with nothing about the passphrase.

Can I somehow get an unencrypted version of the key and use other tools to see what is wrong with it?

I have seen some posts that something changed, and possible causes for seemingly good keys failing to parse, but they all worked on the unencrypted version. But the only method I have seen to decrypt a key is the above one.

Bob Ortiz
luk32
  • The name hints that the file may have been generated by `ssh-keygen`. Have you tried using `ssh-keygen` to decrypt it as well? `ssh-keygen -p -f keyfile` will change the passphrase on a keyfile (it will overwrite the file, so create a copy first). By specifying an empty passphrase as the new passphrase, it will decrypt the file. – kasperd Mar 24 '15 at 21:35
  • @kasperd Yes, it says bad passphrase. Every other tool says it's a bad passphrase, except openssl. But from the openssl behaviour I think it's the good one; I haven't used the key for some time, but it's one of my "standard" passwords, so it would fit. Doesn't `ssh-keygen` use openssl under the hood? – luk32 Mar 24 '15 at 21:40
  • @dawud I tried it, but I think this tool assumes the input is already decoded; it doesn't ask for a passphrase and says "header too long" right away. I think it's the next step to see what is wrong with the key, *after* I get the decrypted version. – luk32 Mar 24 '15 at 21:43
  • The SSH protocol is not building upon SSL, they are two independent protocols. But OpenSSH certainly makes use of OpenSSL. And it looks like the keyfiles are similar if not identical. I was certainly able to generate a keyfile with `ssh-keygen` and decrypt it with `openssl`. But even though I tried corrupting such a file in various ways, I was unable to reproduce your symptoms. – kasperd Mar 24 '15 at 21:45
  • I could have asked for a copy of the file and the correct passphrase in order to reproduce the symptoms. But I could see some problems in that approach. So I am just guessing here, and I have no good way to test whether my guesses are going to work other than by asking you. – kasperd Mar 24 '15 at 21:47
  • @kasperd I wouldn't mind at all if the passphrase was something "stupid"; the key is not too important, the passphrase is more. If you are interested enough we can go to chat and I can work with your ideas, and if we figure it out you can post the answer =). I think it would be a heck of a lot easier if I could get the raw unencrypted version and use `asn1parse`, but it doesn't seem possible =/ – luk32 Mar 24 '15 at 21:51
  • I don't have lots of ideas. The ideas I have in mind right now are: `1.` Try to remember which version of which OS you last used the key on and try to decrypt it with the exact same software. `2.` Start dissecting the openssl code in order to figure out what it is doing in the decryption and parsing steps. – kasperd Mar 24 '15 at 21:54
  • When testing your openssl decryption command on a deliberately corrupted file, I got the same error with both a correct and an invalid password. This led me to doubt the possibility of this being a case of the encrypted file having been corrupted over time due to random bitflips. – kasperd Mar 24 '15 at 21:56
  • It may be useful to know which version of openssl you have been testing with. I have been testing with the latest version in Ubuntu 14.04. – kasperd Mar 24 '15 at 21:57

2 Answers

10

I believe your private key was modified, as I was able to duplicate the same error message by changing a single character in a sample passphrase-protected key I just created.

You can reproduce this as follows:

  1. Create pass phrase protected private key
  2. Decrypt the private key to make sure it works.
  3. Change a single character inside the file containing the encrypted private key.
  4. Try to decrypt it now.

[testuser@whitehat .ssh]$ openssl rsa -in id_rsa -out id_rsa.decrypted
Enter pass phrase for id_rsa:
writing RSA key
[testuser@whitehat .ssh]$ ls -al id_rsa*
-rw-------. 1 testuser testuser 951 Mar 24 15:01 id_rsa
-rw-rw-r--. 1 testuser testuser 887 Mar 24 15:02 id_rsa.decrypted
-rw-r--r--. 1 testuser testuser 236 Mar 24 14:52 id_rsa.pub
[testuser@whitehat .ssh]$ vim id_rsa
[testuser@whitehat .ssh]$ openssl rsa -in id_rsa -out id_rsa.decrypted
Enter pass phrase for id_rsa:
unable to load Private Key
139900595279688:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150:
139900595279688:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1306:
139900595279688:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=RSA
139900595279688:error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib:rsa_ameth.c:115:
139900595279688:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150:
139900595279688:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1306:
139900595279688:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=PKCS8_PRIV_KEY_INFO
139900595279688:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:132:
[testuser@whitehat .ssh]$ 

OS and openssl version info

[testuser@whitehat /]$ lsb_release -a
LSB Version:    :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: Scientific
Description:    Scientific Linux release 6.2 (Carbon)
Release:    6.2
Codename:   Carbon
[testuser@whitehat /]$ rpm -q openssl
openssl-1.0.1e-30.el6_6.5.x86_64
Daniel t.
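The two error traces in the question follow directly from how the legacy `DEK-Info` PEM encryption works: there is no integrity tag, so the only evidence OpenSSL has that a passphrase is right is whether the last block's PKCS#7 padding is valid. A wrong passphrase garbles every block, so `EVP_DecryptFinal_ex` reports `bad decrypt` (it can slip past that check by chance, roughly 1 in 256, and then also ends in ASN.1 errors). A corrupted ciphertext byte with the right passphrase garbles only that CBC block and the next, the padding still checks out, and the failure surfaces later in the ASN.1 decoder. The script below scripts the answer's four reproduction steps and also gives the asker what they wanted: the raw decrypted bytes without the parser in the way. It is an added example, not code from the question, the answers or OpenSSL; it assumes an `openssl` binary on PATH for the cipher step and Python 3.7+, and the passphrase, key size, sample PEM and the function names (`parse_legacy_pem`, `evp_bytes_to_key`, `raw_decrypt`, `asn1_sanity`, `make_sample_pem`, `flip_base64_char`) are all constructed for the demo.

```python
"""Raw-decrypt a legacy (DEK-Info) PEM key so a corrupted one can be inspected.

Added example, not code from the question or answers.  Mirrors OpenSSL's
PEM_do_header() key derivation (EVP_BytesToKey: MD5, one round, salt = first 8
IV bytes), then runs `openssl enc -nopad` so the plaintext comes back even when
the key no longer parses.  Sample PEM, passphrase and key size are demo values.
"""
import base64
import hashlib
import re
import shutil
import subprocess

# Key and block sizes (bytes) for the ciphers OpenSSL writes into DEK-Info.
KEY_BYTES = {"AES-128-CBC": 16, "AES-192-CBC": 24, "AES-256-CBC": 32, "DES-EDE3-CBC": 24}
BLOCK_BYTES = {"AES-128-CBC": 16, "AES-192-CBC": 16, "AES-256-CBC": 16, "DES-EDE3-CBC": 8}

def parse_legacy_pem(text):
    """Return (cipher, iv, ciphertext) from a 'Proc-Type: 4,ENCRYPTED' PEM block."""
    m = re.search(r"-----BEGIN [A-Z ]*PRIVATE KEY-----\n(.*?)-----END", text, re.S)
    headers, body = {}, []
    for line in m.group(1).splitlines():
        if ":" in line and not body:        # header lines come before the blank line
            k, v = line.split(":", 1)
            headers[k.strip()] = v.strip()
        elif line.strip():
            body.append(line.strip())       # base64 never contains ':'
    if headers.get("Proc-Type") != "4,ENCRYPTED" or "DEK-Info" not in headers:
        raise ValueError("not a legacy encrypted PEM (no DEK-Info header)")
    cipher, iv_hex = headers["DEK-Info"].split(",", 1)
    return cipher, bytes.fromhex(iv_hex), base64.b64decode("".join(body))

def evp_bytes_to_key(passphrase, salt, key_len):
    """OpenSSL's legacy KDF: D_i = MD5(D_{i-1} || passphrase || salt), concatenated."""
    out, prev = b"", b""
    while len(out) < key_len:
        prev = hashlib.md5(prev + passphrase + salt).digest()
        out += prev
    return out[:key_len]

def raw_decrypt(pem_text, passphrase):
    """CBC-decrypt the body with `openssl enc -nopad`; PKCS#7 padding is left in place."""
    cipher, iv, ct = parse_legacy_pem(pem_text)
    if len(ct) % BLOCK_BYTES[cipher]:
        raise ValueError("ciphertext is not a whole number of blocks: truncated file?")
    key = evp_bytes_to_key(passphrase, iv[:8], KEY_BYTES[cipher])
    cmd = ["openssl", "enc", "-d", "-" + cipher.lower(), "-nopad", "-K", key.hex(), "-iv", iv.hex()]
    return subprocess.run(cmd, input=ct, capture_output=True, check=True).stdout

def asn1_sanity(plain):
    """Check only the outer DER framing (SEQUENCE tag and length); returns (ok, message)."""
    if len(plain) < 2 or plain[0] != 0x30:
        return False, "first byte is not 0x30 (SEQUENCE): the start of the key is garbled"
    n = plain[1] & 0x7F if plain[1] & 0x80 else 0       # long-form length octet count
    if plain[1] == 0x80 or n > 4 or len(plain) < 2 + n:
        return False, "malformed length octets in the SEQUENCE header"
    total = 2 + n + (int.from_bytes(plain[2:2 + n], "big") if n else plain[1])
    if total > len(plain) or len(plain) - total > 16:   # at most one block of padding may follow
        return False, "SEQUENCE length %d does not fit %d decrypted bytes" % (total, len(plain))
    return True, "outer SEQUENCE is well-formed; inspect the inner fields with asn1parse"

def make_sample_pem(cipher, iv, ct):
    """Constructed legacy-format PEM text (not a real key) for offline checks."""
    b64 = base64.b64encode(ct).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: %s,%s\n\n%s\n"
            "-----END RSA PRIVATE KEY-----\n" % (cipher, iv.hex().upper(), body))

def flip_base64_char(pem_text, index):
    """Change one base64 character of the body: the answer's 'vim id_rsa' step, scripted."""
    head, _, rest = pem_text.partition("\n\n")
    body, marker, tail = rest.partition("-----END")
    chars = list(body)
    pos = [i for i, c in enumerate(chars) if c not in "\n="][index]
    chars[pos] = "B" if chars[pos] != "B" else "C"
    return head + "\n\n" + "".join(chars) + marker + tail

def main():
    """Demo against the installed openssl binary (skipped when there is none)."""
    if shutil.which("openssl") is None:
        return print("openssl not on PATH; only the offline helpers can run")
    pw = "correct horse battery"                            # constructed demo passphrase
    plain = subprocess.run(["openssl", "genrsa", "2048"], capture_output=True, check=True).stdout
    h = subprocess.run(["openssl", "rsa", "-help"], capture_output=True)
    trad = ["-traditional"] if b"-traditional" in h.stdout + h.stderr else []  # OpenSSL 3 writes PKCS#8 otherwise
    pem = subprocess.run(["openssl", "rsa", "-aes128", "-passout", "pass:" + pw] + trad,
                         input=plain, capture_output=True, check=True).stdout.decode()
    def load(text, passphrase):                             # what `openssl rsa -in` reports
        r = subprocess.run(["openssl", "rsa", "-noout", "-passin", "pass:" + passphrase],
                           input=text.encode(), capture_output=True)
        return "loads fine" if r.returncode == 0 else (r.stderr.decode().splitlines() or ["failed"])[-1]
    print("intact, wrong passphrase:", load(pem, "not it"))
    print("intact, right passphrase:", load(pem, pw))
    for label, idx in (("first block", 0), ("middle block", 600)):   # body is ~1600 base64 chars
        bad = flip_base64_char(pem, idx)
        print("%s corrupted, right passphrase: %s" % (label, load(bad, pw)))
        print("   raw plaintext check:", asn1_sanity(raw_decrypt(bad, pw.encode()))[1])

if __name__ == "__main__":
    main()
```

Run it as a script to see the four outcomes side by side; corrupting the first block garbles the outer SEQUENCE header, corrupting a middle block leaves the outer framing intact and only an inner field breaks. To apply it to a real key, call `raw_decrypt(open("id_rsa").read(), b"passphrase")`, write the bytes to a file and run `openssl asn1parse -inform DER -in that-file`, which lists the fields up to the point where parsing stops. The MD5-based derivation only applies to the `DEK-Info` legacy format the question's key uses; PKCS#8 `BEGIN ENCRYPTED PRIVATE KEY` files and OpenSSH's own `BEGIN OPENSSH PRIVATE KEY` format use different KDFs, and `parse_legacy_pem` rejects them rather than guessing.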
1

I ended up here because I had the same problem, but mine was caused by the AWS ACM certificate export interface. (Private CA certificates can be exported with a passphrase)

Something about the particular passphrase I used... Not sure exactly what caused the issue, but it was likely the length, or symbols used.

The end result was I had a key with a different/shortened passphrase to what I expected.

Hope that helps someone...

comfytoday