OpenSSL and Key Passphrases

Discussion in 'Ruby' started by Jamis Buck, Jul 28, 2004.

  1. Jamis Buck

    Jamis Buck Guest

    OpenSSL question:

    I know you can create new keys easily using Ruby's OpenSSL module:

    require 'openssl'

    key = OpenSSL::pKey::DSA.new( 1024 )

    However, is there a way to generate a new key that is protected by a
    passphrase? I've picked through the ossl source code and don't see an
    obvious answer to this question, so I figure it's either not possible,
    or the procedure for doing it is non-obvious.

    Thanks for any advice!

    - Jamis

    --
    Jamis Buck

    http://www.jamisbuck.org/jamis

    "I use octal until I get to 8, and then I switch to decimal."
     
    Jamis Buck, Jul 28, 2004
    #1
    1. Advertising

  2. Jamis Buck

    Jamis Buck Guest

    Jamis Buck wrote:
    > OpenSSL question:
    >
    > I know you can create new keys easily using Ruby's OpenSSL module:
    >
    > require 'openssl'
    >
    > key = OpenSSL::pKey::DSA.new( 1024 )
    >
    > However, is there a way to generate a new key that is protected by a
    > passphrase? I've picked through the ossl source code and don't see an
    > obvious answer to this question, so I figure it's either not possible,
    > or the procedure for doing it is non-obvious.
    >
    > Thanks for any advice!
    >
    > - Jamis
    >


    Duh. It always happens that way. I get desperate, ask the question, and
    then discover the answer:

    require 'openssl'

    key = OpenSSL::pKey::DSA.new( 1024 )
    puts key.export( OpenSSL::Cipher::DES.new, "howdy howdy" )

    *sigh* Sorry for the noise.

    --
    Jamis Buck

    http://www.jamisbuck.org/jamis

    "I use octal until I get to 8, and then I switch to decimal."
     
    Jamis Buck, Jul 28, 2004
    #2
    1. Advertising

  3. Jamis Buck

    Eric Hodel Guest

    --Rn7IEEq3VEzCw+ji
    Content-Type: text/plain; charset=us-ascii
    Content-Disposition: inline
    Content-Transfer-Encoding: quoted-printable

    Jamis Buck () wrote:

    > Jamis Buck wrote:
    > >OpenSSL question:
    > >
    > >I know you can create new keys easily using Ruby's OpenSSL module:
    > >
    > > require 'openssl'
    > >
    > > key =3D OpenSSL::pKey::DSA.new( 1024 )
    > >
    > >However, is there a way to generate a new key that is protected by a=20
    > >passphrase? I've picked through the ossl source code and don't see an=20
    > >obvious answer to this question, so I figure it's either not possible,=

    =20
    > >or the procedure for doing it is non-obvious.
    > >
    > >Thanks for any advice!
    > >
    > >- Jamis
    > >

    >=20
    > Duh. It always happens that way. I get desperate, ask the question, and=

    =20
    > then discover the answer:
    >=20
    > require 'openssl'
    >=20
    > key =3D OpenSSL::pKey::DSA.new( 1024 )
    > puts key.export( OpenSSL::Cipher::DES.new, "howdy howdy" )
    >=20
    > *sigh* Sorry for the noise.


    I've written an SSL certificate generator tool called QuickCert that
    handles a surprising amount of SSL-foo. (More than even I know it does,
    probably, since its a compilation of support scripts I found lying
    about.) I wrote it to help with DRb over SSL, but it is equally
    suitable for use anywhere an SSL certificate or key is needed. You can
    download it from:

    http://segment7.net/projects/ruby/QuickCert/

    --=20
    Eric Hodel - - http://segment7.net
    All messages signed with fingerprint:
    FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04


    --Rn7IEEq3VEzCw+ji
    Content-Type: application/pgp-signature
    Content-Disposition: inline

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.2 (FreeBSD)

    iD8DBQFBCILhMypVHHlsnwQRAkgPAKCRQXnqNpDQHxefnLoFscet89I3hgCglXYP
    E2p6Cld4ODta5hH7yCqAUbk=
    =9Fea
    -----END PGP SIGNATURE-----

    --Rn7IEEq3VEzCw+ji--
     
    Eric Hodel, Jul 29, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John Bergstrom
    Replies:
    0
    Views:
    1,277
    John Bergstrom
    Aug 3, 2003
  2. Replies:
    4
    Views:
    5,896
    Thomas J. Gritzan
    Sep 22, 2006
  3. M P
    Replies:
    1
    Views:
    543
  4. Redd Vinylene
    Replies:
    6
    Views:
    335
    Jakub Pawlowicz
    Nov 18, 2008
  5. Markus Steinborn

    openssl compatible key and IV calculation

    Markus Steinborn, Aug 13, 2013, in forum: Perl Misc
    Replies:
    26
    Views:
    383
    Jim Gibson
    Aug 20, 2013
Loading...

Share This Page