Python-Crypto

Add support for "AES-256-CBC" encrypted private RSA key

Bug #1328073 reported by Joern Heissler on 2014-06-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Python-Crypto	New	Undecided	Unassigned

Bug Description

Hi,
I created my private RSA key with openssl, it starts with:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,339DF1FA512279796DA0E92CC5EA41F9

Can you please add support for AES-256 encryption?

elif algo==b("AES-256-CBC"):
    key = PBKDF1(passphrase, salt[0:8], 16, 1, Crypto.Hash.MD5)
    key += PBKDF1(key+passphrase, salt[0:8], 16, 1, Crypto.Hash.MD5)
    keyobj = AES.new(key, Crypto.Cipher.AES.MODE_CBC, salt)

Or, as the code looks quite similar, make it more generic to work with all (?) algorithms:
key = b('')
while len(key) < keysize:
key += PBKDF1(key+passphrase, salt[0:8], min(16, keysize - len(key)), 1, Crypto.Hash.MD5)
keyobj = cipher.new(key, cipher.MODE_CBC, salt)

Cheers!

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.