How to decrypt PKCS8 DER encrypted private key using the password, in crypto++
I'm trying to sign a message using a private key that is encrypted, I of course have the password to it, so I'm trying to decrypt the key so I can the use it to sign.
I'm using C++ library crypto++
, this is the code I'm trying to use to read the key fro开发者_Go百科m file
string keyString;
FileSource fs(keyFileName.c_str(), true, new DefaultDecryptorWithMAC(passphrase, new StringSink(keyString)));
When doing this, it rises a CryptoPP::DefaultDecryptor::KeyBadErr
, I know that I have the correct password because I managed to decrypt the key using openssl with the following command line:
openssl pkcs8 -inform DER -passin pass:PASSPHRASE < emisor.key
This is my first post, I'm not sure if I'm following all the rules to ask the question, but any help or tip will be appreciated.
Regards,
heavy
PKCS #8 uses a specific encryption format that has nothing to do with Crypto++'s DefaultDecryptorWithMAC
. You can find the details in the specification here - http://www.rsa.com/rsalabs/node.asp?id=2130
Unfortunately Crypto++ does not currently support encrypted PKCS #8 keys natively. With the ASN.1 and crypto support in the library you can certainly implement it yourself, but it may be easier to simply decrypt the key using the openssl command line tool. Or you could use openssl in your program, or another library that supports encrypted PKCS #8 keys.
精彩评论