<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
code
{mso-style-priority:99;
font-family:"Courier New";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=EN-US link="#0563C1" vlink="#954F72"><div class=WordSection1><p class=MsoNormal>Hi,<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I’m trying to use passphrase-protected keys with BC-FIPS, but whatever I do, I get an exception complaining about not enough salt.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>Exception in thread "main" org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: salt must be at least 128 bits<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> at org.bouncycastle.crypto.fips.FipsPBKD$Parameters.<init>(Unknown Source)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> at org.bouncycastle.crypto.fips.FipsPBKD$Parameters.withSalt(Unknown Source)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> at org.bouncycastle.jcajce.provider.ProvPBEPBKDF2$BasePBKDF2.engineGenerateSecret(Unknown Source)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> …<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> at org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo.decryptPrivateKeyInfo(PKCS8EncryptedPrivateKeyInfo.java:75)<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I’ve tried several ways to create the keys:<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>openssl genrsa -out ~/.oci/oci_api_key_passphrase.pem -aes128 2048<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>openssl pkcs8 -topk8 -v2 aes128 -in ~/.oci/oci_api_key_passphrase.pem -out ~/.oci/oci_api_key_passphrase_pk8.pem<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>or <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>openssl genpkey -aes-256-cbc -algorithm RSA-PSS -pkeyopt rsa_keygen_bits:2048 \<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> -pkeyopt rsa_keygen_pubexp:65537 -pkeyopt rsa_pss_keygen_md:sha256 \<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> -pkeyopt rsa_pss_keygen_mgf1_md:sha256 -pkeyopt rsa_pss_keygen_saltlen:32 \<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> -out oci_api_key_passphrase.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>openssl pkcs8 -topk8 -v2 aes128 -in ~/.oci/oci_api_key_passphrase.pem -out ~/.oci/oci_api_key_passphrase_pk8.pem<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>or<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><code><span style='font-size:8.0pt'>openssl genrsa -out oci_api_key_passphrase.pem -aes128 2048</span></code><span style='font-size:8.0pt'> </span><code><span style='font-size:8.0pt'>-S 123456789012345678901234567890<o:p></o:p></span></code></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>openssl pkcs8 -topk8 -v2 aes128 -in ~/.oci/oci_api_key_passphrase.pem -out ~/.oci/oci_api_key_passphrase_pk8.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt'><o:p> </o:p></span></p><p class=MsoNormal>or<o:p></o:p></p><p class=MsoNormal><span style='font-size:8.0pt'><o:p> </o:p></span></p><p class=MsoNormal><code><span style='font-size:8.0pt'>openssl genrsa -out oci_api_key_passphrase.pem -aes128 2048</span></code><span style='font-size:8.0pt'> </span><code><span style='font-size:8.0pt'>-salt -s 123456789012345678901234567890</span></code><span style='font-size:8.0pt'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>openssl pkcs8 -topk8 -v2 aes128 -in ~/.oci/oci_api_key_passphrase.pem -out ~/.oci/oci_api_key_passphrase_pk8.pem<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>But no matter what I do, when I try to use the key with BC-FIPS, I get the error about not enough salt, and when I use <span style='font-size:8.0pt;font-family:"Courier New"'>openssl asn1parse</span>, I can see that the octet string is only 64 bit:<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>openssl asn1parse -in oci_api_key_passphrase2_pk8.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>…<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> 21:d=4 hl=2 l= 9 prim: OBJECT :PBKDF2<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> 32:d=4 hl=2 l= 28 cons: SEQUENCE<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'> 34:d=5 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:65A4890CBC5ED23C<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Courier New"'>…<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>and when I set a breakpoint in BC-FIPS, I see that 65A4890CBC5ED23C is the octet string that is being loaded as salt, and it’s 8 bytes = 64 bits.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I’ve tried this both with<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>$ openssl version<o:p></o:p></p><p class=MsoNormal>LibreSSL 2.8.3<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>and<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>$ /usr/local/opt/openssl@1.1/bin/openssl version<o:p></o:p></p><p class=MsoNormal>OpenSSL 1.1.1i 8 Dec 2020<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>How do I sell openssl to use more salt when generating the private key?<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Thanks,<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>--Mathias<o:p></o:p></p></div></body></html>