Details

    • Type: Bug Bug
    • Status: Open Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: JRuby-OSSL 0.7.5, JRuby-OSSL 0.7.6
    • Fix Version/s: None
    • Component/s: OpenSSL
    • Labels:
      None
    • Environment:
      ubuntu rvm
    • Number of attachments :
      1

      Description

      file=File.open("encrypted_rsa_key")
      OpenSSL::PKey::RSA.new(file.read,"this would be my passphrase") => OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key

      1. serverkey.pem
        1 kB
        John-Paul Sitarski

        Activity

        Hide
        Hiroshi Nakamura added a comment -

        Can you please upload the key you're using, or step-by-step way to generate it?

        Show
        Hiroshi Nakamura added a comment - Can you please upload the key you're using, or step-by-step way to generate it?
        Hide
        Hiroshi Nakamura added a comment -

        Removing Assignee while waiting for a response from original reporter.

        Show
        Hiroshi Nakamura added a comment - Removing Assignee while waiting for a response from original reporter.
        Hide
        John-Paul Sitarski added a comment -

        I am currently having the same issue.

        Offending line: OpenSSL::PKey::RSA.new(File.open("serverkey.pem").read, 'password')

        The key in encrypted PEM format with password of 'password':

        File.open("serverkey.pem").read
        => "----BEGIN ENCRYPTED PRIVATE KEY---\nMIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIaYgszaX31yECAggA\nMBQGCCqGSIb3DQMHBAij3LmXGCmB8wSCAoDcLnAeXiBugFmwXd3wrvznlKvwHkP2\n76lIrTiwDRZOLuaKHdBgNQDJ3NP+UPGdM7YEyNqdfdbN/3cLd0qfzeobuU+c/lGI\naE5pAwlWm5lK9boTsJnCqaDFEgJz2khZF+7RqYQVSG7MTM9SnIRNScLKjhTk7AaF\nPD2qSnMVtixw/VfwdzhUknuwP2monLY8Ip/l9abicmBp9HGQ+0WA/nKQLQ/egWG0\nS6rrXsH91exaxL7gcZL8jF+Ub7VDt4Hvx1RB/3r12k7AQGsK+TyIrKQFUllSnSq/\neFwBqpLSKWYyGJZlkJzW5MTHyeXqpTvav6T7e2mKZ4GG/a8THoWxLLrKeODFFoWn\nLQNOQZ2Axa15E0TdeSkaumsOWPJm5DgFxf/1cRNxhJqYdX68QjWXeNS2SXPZBwlx\nHCaAYo6OoCHZQ7O/3MpiT3rUAk30fbSa09VSvrenYi5s5lPieKFt3QZI44uGvi9j\nMXyN4fkjzzXasE0xZzf6bQLS6aM+ucyQ8CMv0oAgAndoeKu10Ha4KmdT5dZf3LHj\nBUXZDYp3Q5UF6ePyxKBdAqJf4PNKl4+VehYJ4eQ6CIQiSxSuWv9T+2b90PyDuRkz\nsB1XZpeDD6dhQuU9GjdwCTyatITcm97ZkbdZEoQiDpiWQB4parTvKLKbD4AbP/+E\n08btPFgXNocFUjLb5lB4Y/6RqaQxY7VoaFOPOfPpWPXF26X9Y5y3y+ymXdYFpkhp\nwGBGScH+dutQWHoRV1TWUjv9a7CuzUxCX2Hrjooz1BtOnG8CoPA7K43+kvire5jN\n529p6u+FtUZPUWLm5L5WHBUECEtJGw3ImjosX1HtoM/rW34XDmMHuN0u\n---END ENCRYPTED PRIVATE KEY----\n"

        Checking the key with openssl:

        openssl rsa -in server.key -check
        Enter pass phrase for server.key:password
        RSA key ok
        writing RSA key
        ----BEGIN RSA PRIVATE KEY----
        MIICXAIBAAKBgQDiLS2nkw7ggpwqS7sVSzxJpd78iMTk2KjpVJ3bxAFiwD3FJn5j
        GfY0domsMq01belvgSh+Fpyf6F2AXsWTn5at8JywemcRt0/nPJstzYnWs6O/YjBQ
        TiNX5Is0mAPbklVDpFWeGDsgt84+Md/cjGJTsbd7QYmDDfI/QiPnUlBmhwIDAQAB
        AoGBAN12VUzPPvLwkM8NZjtcdsS6aNQna3uU9he6ZfOpQZ4bFKC1p22MHzqRkw6M
        dHNrkvY+ppKHu4cMNHmc0qNQ0WzaebsvXEkXLwl4qZFd9mB3oUzzNM29AFlQ0b/i
        BT8e/egquur6ycOEUQKXo/vH3OY0VqztPmXQtr9S/ULcBMWZAkEA801Ceprgyy30
        1iMSQU5Hpl5hE4P2Ntlb0rHU+YFF+w0FNqAdQA0EL+ONYTtIsjNLRitFBM67PxKn
        WgutS2RGawJBAO37G7wRln9DUrVJUxG+tOgbcSzE0Zq7w2ylcQN83vxjUJ0Iwg0o
        2zSEeeUoYz8r0jpbCca+WckeWHcWE7deT1UCQGXnERX68nYG/IoHzGiP2dCjrPMY
        jTIx3ZSkqPgLnfzlWi6j5zxhd0R7gUadJviEJV3xV4oI8EIdlPxQ8bcm+5sCQBHI
        PqVJ5yXxQN/c78EWr+vcCRPgTQ0z1IFsx0oMbZkMTry9J8rV77M35ufRocDZpGbJ
        4KwiExFtHA0h8C02ddUCQHnUVXEG2QAJ46+LeIWoRPZAGR4b+BpgasDgP8paGHE6
        PPlrX0/KNeGmoGCjogHue4rUT7sr+UErckl2zv5KySQ=
        ----END RSA PRIVATE KEY----

        Using CRuby:

        1.9.2p318 :001 > require 'openssl'
        => true
        1.9.2p318 :002 > OpenSSL::PKey::RSA.new(
        1.9.2p318 :003 > File.open("serverkey.pem").read, 'password')
        => ----BEGIN RSA PRIVATE KEY----
        MIICXAIBAAKBgQDiLS2nkw7ggpwqS7sVSzxJpd78iMTk2KjpVJ3bxAFiwD3FJn5j
        GfY0domsMq01belvgSh+Fpyf6F2AXsWTn5at8JywemcRt0/nPJstzYnWs6O/YjBQ
        TiNX5Is0mAPbklVDpFWeGDsgt84+Md/cjGJTsbd7QYmDDfI/QiPnUlBmhwIDAQAB
        AoGBAN12VUzPPvLwkM8NZjtcdsS6aNQna3uU9he6ZfOpQZ4bFKC1p22MHzqRkw6M
        dHNrkvY+ppKHu4cMNHmc0qNQ0WzaebsvXEkXLwl4qZFd9mB3oUzzNM29AFlQ0b/i
        BT8e/egquur6ycOEUQKXo/vH3OY0VqztPmXQtr9S/ULcBMWZAkEA801Ceprgyy30
        1iMSQU5Hpl5hE4P2Ntlb0rHU+YFF+w0FNqAdQA0EL+ONYTtIsjNLRitFBM67PxKn
        WgutS2RGawJBAO37G7wRln9DUrVJUxG+tOgbcSzE0Zq7w2ylcQN83vxjUJ0Iwg0o
        2zSEeeUoYz8r0jpbCca+WckeWHcWE7deT1UCQGXnERX68nYG/IoHzGiP2dCjrPMY
        jTIx3ZSkqPgLnfzlWi6j5zxhd0R7gUadJviEJV3xV4oI8EIdlPxQ8bcm+5sCQBHI
        PqVJ5yXxQN/c78EWr+vcCRPgTQ0z1IFsx0oMbZkMTry9J8rV77M35ufRocDZpGbJ
        4KwiExFtHA0h8C02ddUCQHnUVXEG2QAJ46+LeIWoRPZAGR4b+BpgasDgP8paGHE6
        PPlrX0/KNeGmoGCjogHue4rUT7sr+UErckl2zv5KySQ=
        ----END RSA PRIVATE KEY----

        Show
        John-Paul Sitarski added a comment - I am currently having the same issue. Offending line: OpenSSL::PKey::RSA.new(File.open("serverkey.pem").read, 'password') The key in encrypted PEM format with password of 'password': File.open("serverkey.pem").read => "---- BEGIN ENCRYPTED PRIVATE KEY --- \nMIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIaYgszaX31yECAggA\nMBQGCCqGSIb3DQMHBAij3LmXGCmB8wSCAoDcLnAeXiBugFmwXd3wrvznlKvwHkP2\n76lIrTiwDRZOLuaKHdBgNQDJ3NP+UPGdM7YEyNqdfdbN/3cLd0qfzeobuU+c/lGI\naE5pAwlWm5lK9boTsJnCqaDFEgJz2khZF+7RqYQVSG7MTM9SnIRNScLKjhTk7AaF\nPD2qSnMVtixw/VfwdzhUknuwP2monLY8Ip/l9abicmBp9HGQ+0WA/nKQLQ/egWG0\nS6rrXsH91exaxL7gcZL8jF+Ub7VDt4Hvx1RB/3r12k7AQGsK+TyIrKQFUllSnSq/\neFwBqpLSKWYyGJZlkJzW5MTHyeXqpTvav6T7e2mKZ4GG/a8THoWxLLrKeODFFoWn\nLQNOQZ2Axa15E0TdeSkaumsOWPJm5DgFxf/1cRNxhJqYdX68QjWXeNS2SXPZBwlx\nHCaAYo6OoCHZQ7O/3MpiT3rUAk30fbSa09VSvrenYi5s5lPieKFt3QZI44uGvi9j\nMXyN4fkjzzXasE0xZzf6bQLS6aM+ucyQ8CMv0oAgAndoeKu10Ha4KmdT5dZf3LHj\nBUXZDYp3Q5UF6ePyxKBdAqJf4PNKl4+VehYJ4eQ6CIQiSxSuWv9T+2b90PyDuRkz\nsB1XZpeDD6dhQuU9GjdwCTyatITcm97ZkbdZEoQiDpiWQB4parTvKLKbD4AbP/+E\n08btPFgXNocFUjLb5lB4Y/6RqaQxY7VoaFOPOfPpWPXF26X9Y5y3y+ymXdYFpkhp\nwGBGScH+dutQWHoRV1TWUjv9a7CuzUxCX2Hrjooz1BtOnG8CoPA7K43+kvire5jN\n529p6u+FtUZPUWLm5L5WHBUECEtJGw3ImjosX1HtoM/rW34XDmMHuN0u\n --- END ENCRYPTED PRIVATE KEY ----\n" Checking the key with openssl: openssl rsa -in server.key -check Enter pass phrase for server.key:password RSA key ok writing RSA key ---- BEGIN RSA PRIVATE KEY ---- MIICXAIBAAKBgQDiLS2nkw7ggpwqS7sVSzxJpd78iMTk2KjpVJ3bxAFiwD3FJn5j GfY0domsMq01belvgSh+Fpyf6F2AXsWTn5at8JywemcRt0/nPJstzYnWs6O/YjBQ TiNX5Is0mAPbklVDpFWeGDsgt84+Md/cjGJTsbd7QYmDDfI/QiPnUlBmhwIDAQAB AoGBAN12VUzPPvLwkM8NZjtcdsS6aNQna3uU9he6ZfOpQZ4bFKC1p22MHzqRkw6M dHNrkvY+ppKHu4cMNHmc0qNQ0WzaebsvXEkXLwl4qZFd9mB3oUzzNM29AFlQ0b/i BT8e/egquur6ycOEUQKXo/vH3OY0VqztPmXQtr9S/ULcBMWZAkEA801Ceprgyy30 1iMSQU5Hpl5hE4P2Ntlb0rHU+YFF+w0FNqAdQA0EL+ONYTtIsjNLRitFBM67PxKn WgutS2RGawJBAO37G7wRln9DUrVJUxG+tOgbcSzE0Zq7w2ylcQN83vxjUJ0Iwg0o 2zSEeeUoYz8r0jpbCca+WckeWHcWE7deT1UCQGXnERX68nYG/IoHzGiP2dCjrPMY jTIx3ZSkqPgLnfzlWi6j5zxhd0R7gUadJviEJV3xV4oI8EIdlPxQ8bcm+5sCQBHI PqVJ5yXxQN/c78EWr+vcCRPgTQ0z1IFsx0oMbZkMTry9J8rV77M35ufRocDZpGbJ 4KwiExFtHA0h8C02ddUCQHnUVXEG2QAJ46+LeIWoRPZAGR4b+BpgasDgP8paGHE6 PPlrX0/KNeGmoGCjogHue4rUT7sr+UErckl2zv5KySQ= ---- END RSA PRIVATE KEY ---- Using CRuby: 1.9.2p318 :001 > require 'openssl' => true 1.9.2p318 :002 > OpenSSL::PKey::RSA.new( 1.9.2p318 :003 > File.open("serverkey.pem").read, 'password') => ---- BEGIN RSA PRIVATE KEY ---- MIICXAIBAAKBgQDiLS2nkw7ggpwqS7sVSzxJpd78iMTk2KjpVJ3bxAFiwD3FJn5j GfY0domsMq01belvgSh+Fpyf6F2AXsWTn5at8JywemcRt0/nPJstzYnWs6O/YjBQ TiNX5Is0mAPbklVDpFWeGDsgt84+Md/cjGJTsbd7QYmDDfI/QiPnUlBmhwIDAQAB AoGBAN12VUzPPvLwkM8NZjtcdsS6aNQna3uU9he6ZfOpQZ4bFKC1p22MHzqRkw6M dHNrkvY+ppKHu4cMNHmc0qNQ0WzaebsvXEkXLwl4qZFd9mB3oUzzNM29AFlQ0b/i BT8e/egquur6ycOEUQKXo/vH3OY0VqztPmXQtr9S/ULcBMWZAkEA801Ceprgyy30 1iMSQU5Hpl5hE4P2Ntlb0rHU+YFF+w0FNqAdQA0EL+ONYTtIsjNLRitFBM67PxKn WgutS2RGawJBAO37G7wRln9DUrVJUxG+tOgbcSzE0Zq7w2ylcQN83vxjUJ0Iwg0o 2zSEeeUoYz8r0jpbCca+WckeWHcWE7deT1UCQGXnERX68nYG/IoHzGiP2dCjrPMY jTIx3ZSkqPgLnfzlWi6j5zxhd0R7gUadJviEJV3xV4oI8EIdlPxQ8bcm+5sCQBHI PqVJ5yXxQN/c78EWr+vcCRPgTQ0z1IFsx0oMbZkMTry9J8rV77M35ufRocDZpGbJ 4KwiExFtHA0h8C02ddUCQHnUVXEG2QAJ46+LeIWoRPZAGR4b+BpgasDgP8paGHE6 PPlrX0/KNeGmoGCjogHue4rUT7sr+UErckl2zv5KySQ= ---- END RSA PRIVATE KEY ----
        Hide
        John-Paul Sitarski added a comment -

        A copy of the pem key that is not working with jruby openssl but is a good key.

        Show
        John-Paul Sitarski added a comment - A copy of the pem key that is not working with jruby openssl but is a good key.
        Hide
        John-Paul Sitarski added a comment -

        One thing I just tried. I decrypted the key and saved it to a file, then opened that and I can:
        OpenSSL::PKey::RSA.new(File.open("openserver.key").read)
        => ----BEGIN RSA PRIVATE KEY----
        MIICXAIBAAKBgQDiLS2nkw7ggpwqS7sVSzxJpd78iMTk2KjpVJ3bxAFiwD3FJn5j
        GfY0domsMq01belvgSh+Fpyf6F2AXsWTn5at8JywemcRt0/nPJstzYnWs6O/YjBQ
        TiNX5Is0mAPbklVDpFWeGDsgt84+Md/cjGJTsbd7QYmDDfI/QiPnUlBmhwIDAQAB
        AoGBAN12VUzPPvLwkM8NZjtcdsS6aNQna3uU9he6ZfOpQZ4bFKC1p22MHzqRkw6M
        dHNrkvY+ppKHu4cMNHmc0qNQ0WzaebsvXEkXLwl4qZFd9mB3oUzzNM29AFlQ0b/i
        BT8e/egquur6ycOEUQKXo/vH3OY0VqztPmXQtr9S/ULcBMWZAkEA801Ceprgyy30
        1iMSQU5Hpl5hE4P2Ntlb0rHU+YFF+w0FNqAdQA0EL+ONYTtIsjNLRitFBM67PxKn
        WgutS2RGawJBAO37G7wRln9DUrVJUxG+tOgbcSzE0Zq7w2ylcQN83vxjUJ0Iwg0o
        2zSEeeUoYz8r0jpbCca+WckeWHcWE7deT1UCQGXnERX68nYG/IoHzGiP2dCjrPMY
        jTIx3ZSkqPgLnfzlWi6j5zxhd0R7gUadJviEJV3xV4oI8EIdlPxQ8bcm+5sCQBHI
        PqVJ5yXxQN/c78EWr+vcCRPgTQ0z1IFsx0oMbZkMTry9J8rV77M35ufRocDZpGbJ
        4KwiExFtHA0h8C02ddUCQHnUVXEG2QAJ46+LeIWoRPZAGR4b+BpgasDgP8paGHE6
        PPlrX0/KNeGmoGCjogHue4rUT7sr+UErckl2zv5KySQ=
        ----END RSA PRIVATE KEY----

        Show
        John-Paul Sitarski added a comment - One thing I just tried. I decrypted the key and saved it to a file, then opened that and I can: OpenSSL::PKey::RSA.new(File.open("openserver.key").read) => ---- BEGIN RSA PRIVATE KEY ---- MIICXAIBAAKBgQDiLS2nkw7ggpwqS7sVSzxJpd78iMTk2KjpVJ3bxAFiwD3FJn5j GfY0domsMq01belvgSh+Fpyf6F2AXsWTn5at8JywemcRt0/nPJstzYnWs6O/YjBQ TiNX5Is0mAPbklVDpFWeGDsgt84+Md/cjGJTsbd7QYmDDfI/QiPnUlBmhwIDAQAB AoGBAN12VUzPPvLwkM8NZjtcdsS6aNQna3uU9he6ZfOpQZ4bFKC1p22MHzqRkw6M dHNrkvY+ppKHu4cMNHmc0qNQ0WzaebsvXEkXLwl4qZFd9mB3oUzzNM29AFlQ0b/i BT8e/egquur6ycOEUQKXo/vH3OY0VqztPmXQtr9S/ULcBMWZAkEA801Ceprgyy30 1iMSQU5Hpl5hE4P2Ntlb0rHU+YFF+w0FNqAdQA0EL+ONYTtIsjNLRitFBM67PxKn WgutS2RGawJBAO37G7wRln9DUrVJUxG+tOgbcSzE0Zq7w2ylcQN83vxjUJ0Iwg0o 2zSEeeUoYz8r0jpbCca+WckeWHcWE7deT1UCQGXnERX68nYG/IoHzGiP2dCjrPMY jTIx3ZSkqPgLnfzlWi6j5zxhd0R7gUadJviEJV3xV4oI8EIdlPxQ8bcm+5sCQBHI PqVJ5yXxQN/c78EWr+vcCRPgTQ0z1IFsx0oMbZkMTry9J8rV77M35ufRocDZpGbJ 4KwiExFtHA0h8C02ddUCQHnUVXEG2QAJ46+LeIWoRPZAGR4b+BpgasDgP8paGHE6 PPlrX0/KNeGmoGCjogHue4rUT7sr+UErckl2zv5KySQ= ---- END RSA PRIVATE KEY ----
        Hide
        Pedro Rolo added a comment -

        John Paul key shows well the problem that I have reported.

        Show
        Pedro Rolo added a comment - John Paul key shows well the problem that I have reported.
        Hide
        Hiro Asari added a comment -

        Nahi,

        Could you take a look?

        Show
        Hiro Asari added a comment - Nahi, Could you take a look?
        Hide
        Hiroshi Nakamura added a comment -

        Yes!

        Show
        Hiroshi Nakamura added a comment - Yes!
        Hide
        Hiroshi Nakamura added a comment -

        Note: The pem uses PBES2 instead of general PBKDF2 used in PKCS#12. We should support this.

        Show
        Hiroshi Nakamura added a comment - Note: The pem uses PBES2 instead of general PBKDF2 used in PKCS#12. We should support this.
        Hide
        Hiroshi Nakamura added a comment -
        commit ebf5545f302f185f89a9e059f2b77aca0a8c1159
        Author: Hiroshi Nakamura <nahi@ruby-lang.org>
        Date:   Sun May 13 14:09:33 2012 +0900
        
            JRUBY-6622: Support loading encrypted RSA key with PBES2
            
            Yet another BouncyCastle dependency.  Root cause is because we depend on
            BC for ASN.1.
        

        Can you try master branch of jruby-ossl? Our CI is likely stopping now.

        Show
        Hiroshi Nakamura added a comment - commit ebf5545f302f185f89a9e059f2b77aca0a8c1159 Author: Hiroshi Nakamura <nahi@ruby-lang.org> Date: Sun May 13 14:09:33 2012 +0900 JRUBY-6622: Support loading encrypted RSA key with PBES2 Yet another BouncyCastle dependency. Root cause is because we depend on BC for ASN.1. Can you try master branch of jruby-ossl? Our CI is likely stopping now.
        Hide
        Hiroshi Nakamura added a comment -

        Thanks to Hiro, Mr. Jenkins has woke up. Please grab the latest gem (0.7.7.dev) from http://ci.jruby.org/job/jruby-ossl/

        Show
        Hiroshi Nakamura added a comment - Thanks to Hiro, Mr. Jenkins has woke up. Please grab the latest gem (0.7.7.dev) from http://ci.jruby.org/job/jruby-ossl/
        Hide
        Gregory Manushkin added a comment - - edited

        hi! it seems this ticket repeat or bind with 6826. i've got the same problem with jruby-1.7.1 and jruby-openssl-0.8.2

        Show
        Gregory Manushkin added a comment - - edited hi! it seems this ticket repeat or bind with 6826. i've got the same problem with jruby-1.7.1 and jruby-openssl-0.8.2

          People

          • Assignee:
            Hiroshi Nakamura
            Reporter:
            Pedro Rolo
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated: