2

I am trying to decrypt my private key in python using cryptodome. Under raw_cipher_data is my password to encrypt the private key. But I get the error message "ValueError: PEM is encrypted, but no passphrase available"

MY IMPORT

from Cryptodome.Signature import PKCS1_v1_5
from Cryptodome.Hash import SHA
from Cryptodome.PublicKey import RSA
from base64 import b64decode

CODE

rsa_key = RSA.importKey(open('pem file location', "rb").read())
verifier = PKCS1_v1_5.new(rsa_key)
raw_cipher_data = b64decode(<your cipher data>)
phn = rsa_key.decrypt(raw_cipher_data)

MY ERROR MSG

  File ".\app.py", line 24, in <module>
    rsa_key = RSA.importKey(f.read(), passphrase="CNt3wiSY3Sjn0fEh2fsq")
  File "C:\Users\xx\AppData\Local\Programs\Python\Python37-32\lib\site-packages\Cryptodome\PublicKey\RSA.py", line 733, in import_key
    (der, marker, enc_flag) = PEM.decode(tostr(extern_key), passphrase)
  File "C:\Users\xx\AppData\Local\Programs\Python\Python37-32\lib\site-packages\Cryptodome\IO\PEM.py", line 163, in decode
    data = unpad(objdec.decrypt(data), objdec.block_size)
  File "C:\Users\xx\AppData\Local\Programs\Python\Python37-32\lib\site-packages\Cryptodome\Util\Padding.py", line 90, in unpad
    raise ValueError("Padding is incorrect.")
ValueError: Padding is incorrect.
TeslaXba
  • 347
  • 4
  • 22

2 Answers2

4

I think your RSA key is encrypted. As per the documentation, you should provide the passphrase like this rsa_key = RSA.importKey(open('pem file location', "rb").read(), passphrase="yourpasswordhere")

Uku Loskit
  • 40,868
  • 9
  • 92
  • 93
  • Dear @Uku Loskit, yes the file is encrypted. I found the above code in a documentation. Thank you! I will try out with passphrase. – TeslaXba Nov 05 '18 at 13:54
  • 1
    I get now the error msg: "ValueError: Padding is incorrect." – TeslaXba Nov 05 '18 at 13:56
  • 1
    it's really important to know for which line this is produced – Uku Loskit Nov 05 '18 at 13:58
  • 1
    a sry @uku loskit : rsa_key = RSA.importKey(f.read(), passphrase="mykey") – TeslaXba Nov 05 '18 at 13:59
  • File "C:\Users\xx\AppData\Local\Programs\Python\Python37-32\lib\site-packages\Cryptodome\PublicKey\RSA.py", line 733, in import_key (der, marker, enc_flag) = PEM.decode(tostr(extern_key), passphrase) File "C:\Users\xx\AppData\Local\Programs\Python\Python37-32\lib\site-packages\Cryptodome\IO\PEM.py", line 163, in decode data = unpad(objdec.decrypt(data), objdec.block_size) File "C:\Users\rifatbegovic\AppData\Local\Programs\Python\Python37-32\lib\site-packages\Cryptodome\Util\Padding.py", line 90, in unpad raise ValueError("Padding is incorrect.") – TeslaXba Nov 05 '18 at 14:00
  • 1
    are you sure this is the correct passphrase? how was the key produced? does this work using the same password: `openssl rsa -in `? – Uku Loskit Nov 05 '18 at 14:05
  • Actually yes. I generated the key for my rsa.pem (private key) - with keystore explorer. When I print it out, I get the correct string. " File "C:\Users\xx\AppData\Local\Programs\Python\Python37-32\lib\site-packages\Cryptodome\PublicKey\RSA.py", line 750, in import_key if bord(extern_key[0]) == 0x30: IndexError: index out of range" | that's what I get after printing the string. He prints my private key and than that.. :S – TeslaXba Nov 05 '18 at 14:10
1

This helps in decrypting pem.

Crypto.IO.PEM.decode(pem_data, passphrase="yourpasswordhere")
Sidd_Tim
  • 41
  • 4