[gnutls-help] Get cipher used to encrypt key

MK mk at cognitivedissonance.ca
Wed Apr 17 22:39:45 CEST 2013

This is derived from my previous problem with a password encrypted key
but does not rely upon it.  The context is, I have a password encrypted
private key for which I have the password, and gnutls (certtool, etc.)
will read it (eg. via gnutls_x509_privkey_import2()).  I would
like to find out what cipher was used to encrypt the key; the gnutls
functions "auto-detect" the format, but do not report it. If I read it
with "certtool -k -V", there is information about what public key
encryption scheme this key is for:

Public Key Info:
	Public Key Algorithm: RSA
	Key Security Level: Legacy (2048 bits)

But not how the key itself was encrypted with a password.  "openssl rsa"
similarly will decrypt and print information about the key, but not
the cipher it was encrypted with.  It seems to me this is useful
information that has no reason to be secret if I have the password
anyway.  For example, if someone else is using my software and
complains their key doesn't work, but doesn't know or can't remember
the cipher used, it would be nice to have a commonplace tool (such as
certtool) that I could refer them to ("Find out via certtool what form
of password encryption is used.").

I am pretty ignorant about all this, so hopefully my question makes

Sincerely, MK.

"Enthusiasm is not the enemy of the intellect." (said of Irving Howe)
"The angel of history[...]is turned toward the past." (Walter Benjamin)

More information about the Gnutls-help mailing list