Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 28 Sep 2021 15:11:28 +0200
From: Solar Designer <>
To: Ben Calegari <>
Subject: Re: Cracking CSR Private Key

On Sun, Sep 26, 2021 at 02:14:40PM +0200, Solar Designer wrote:
> On Wed, Sep 22, 2021 at 12:19:00AM -0400, Ben Calegari wrote:
> > I'm having trouble cracking a key I created in the following way:
> > 
> > openssl req -newkey rsa:2048 -keyout keynamehere.key -out csrnamehere.key
> > 
> > I don't see a corresponding xxx2john utility to convert this sort of key to
> > a hash that john can understand. Is it impossible or am I just missing
> > something?
> The corresponding utility is

This works for keys generated by OpenSSL up to 1.0.2* inclusive.
However, it turns out that we have a shortcoming preventing cracking of
keys generated by OpenSSL 1.1+.  We're tracking this issue here:

> Maybe we need to improve so that it would redirect
> people to (at least) when its input looks like PEM.  Would
> that have helped you?

Jannik Vieten has just implemented this here:


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.