Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210928131128.GA31631@openwall.com>
Date: Tue, 28 Sep 2021 15:11:28 +0200
From: Solar Designer <solar@...nwall.com>
To: Ben Calegari <bencalegari@...il.com>
Cc: john-users@...ts.openwall.com
Subject: Re: Cracking CSR Private Key

On Sun, Sep 26, 2021 at 02:14:40PM +0200, Solar Designer wrote:
> On Wed, Sep 22, 2021 at 12:19:00AM -0400, Ben Calegari wrote:
> > I'm having trouble cracking a key I created in the following way:
> > 
> > openssl req -newkey rsa:2048 -keyout keynamehere.key -out csrnamehere.key
> > 
> > I don't see a corresponding xxx2john utility to convert this sort of key to
> > a hash that john can understand. Is it impossible or am I just missing
> > something?
> 
> The corresponding utility is pem2john.py.

This works for keys generated by OpenSSL up to 1.0.2* inclusive.
However, it turns out that we have a shortcoming preventing cracking of
keys generated by OpenSSL 1.1+.  We're tracking this issue here:

https://github.com/openwall/john/issues/4834

> Maybe we need to improve openssl2john.py so that it would redirect
> people to pem2john.py (at least) when its input looks like PEM.  Would
> that have helped you?

Jannik Vieten has just implemented this here:

https://github.com/openwall/john/pull/4835

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.