jonasvinther / medusa

A cli tool for importing and exporting Hashicorp Vault secrets
MIT License

ERROR: fail get idrsa, x509: failed to parse private key (use ParsePKCS8PrivateKey instead for this key format) #121

Closed frecinatjc closed 1 year ago

frecinatjc commented 1 year ago

Hello,

Issue on decrypt file

    ❯ ./medusa decrypt encrypted-export.txt --private-key private-key.pem
    2023/04/02 13:16:27 ERROR: fail get idrsa, x509: failed to parse private key (use ParsePKCS8PrivateKey instead for this key format)

I fixed this issue in the rsa.go file

from

    privateKey, err := x509.ParsePKCS1PrivateKey(keyBlock.Bytes)
    if err != nil {
        log.Printf("ERROR: fail get idrsa, %s", err.Error())
        os.Exit(1)
    }
    return privateKey

to

    privateKey, err := x509.ParsePKCS8PrivateKey(keyBlock.Bytes)
    if err != nil {
        log.Printf("ERROR: fail get idrsa, %s", err.Error())
        os.Exit(1)
    }
    // bugfix jcf
    rsaPrivateKey, ok := privateKey.(*rsa.PrivateKey)
    if !ok {
        log.Printf("ERROR: fail get idrsa, invalid key format")
        os.Exit(1)
    }
    return rsaPrivateKey

Can you fix it?

nao2001 commented 1 year ago

@jonasvinther are you able to merge this issue, as we need it also?

frjcf commented 1 year ago

@jonasvinther can you show us your openssl commands that are used to decrypt the file?

jonasvinther commented 1 year ago

It's documented here: https://github.com/jonasvinther/medusa#key-generation

I looked into this issue yesterday and realized that the suggested code won't fix this issue. In order to support ECDSA etc. the code needs to be changed to handle the different formats.

jsnouffer commented 1 year ago

I found a workaround for generating a key pair that will correctly parse during decryption. I was using openssl 3.0.1 to generate the keys, which resulted in the above parsing error.

For these steps to work: https://github.com/jonasvinther/medusa#key-generation, I switched to using openssl 1.0.2.
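
An added example, not medusa's code or code from anyone in this thread: the error appears when `x509.ParsePKCS1PrivateKey` is handed a PKCS#8 key (`BEGIN PRIVATE KEY`, which OpenSSL 3.x writes by default where 1.x `genrsa` wrote PKCS#1, `BEGIN RSA PRIVATE KEY`), so a loader can dispatch on the PEM block type and accept both encodings while rejecting non-RSA keys explicitly. `parseRSAPrivateKeyPEM` and `samplePEMs` are hypothetical names, and the key is generated in-process as constructed sample input.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// parseRSAPrivateKeyPEM (hypothetical helper) accepts an RSA key in PKCS#1 or PKCS#8 PEM form.
func parseRSAPrivateKeyPEM(pemBytes []byte) (*rsa.PrivateKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, fmt.Errorf("no PEM block found")
	}
	switch block.Type {
	case "RSA PRIVATE KEY": // PKCS#1
		return x509.ParsePKCS1PrivateKey(block.Bytes)
	case "PRIVATE KEY": // PKCS#8, may wrap RSA, ECDSA, Ed25519, ...
		key, err := x509.ParsePKCS8PrivateKey(block.Bytes)
		if err != nil {
			return nil, err
		}
		if rsaKey, ok := key.(*rsa.PrivateKey); ok {
			return rsaKey, nil
		}
		return nil, fmt.Errorf("PKCS#8 key is %T, not RSA", key)
	}
	return nil, fmt.Errorf("unsupported PEM type %q", block.Type)
}

// samplePEMs builds constructed input: one fresh key in both PEM encodings.
func samplePEMs() (*rsa.PrivateKey, []byte, []byte, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, nil, err
	}
	der8, err := x509.MarshalPKCS8PrivateKey(key)
	p1 := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)})
	p8 := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der8})
	return key, p1, p8, err
}

func main() {
	_, p1, p8, err := samplePEMs()
	_, e1 := parseRSAPrivateKeyPEM(p1)
	_, e8 := parseRSAPrivateKeyPEM(p8)
	fmt.Println("setup:", err, "PKCS#1:", e1, "PKCS#8:", e8)
}
```

Encrypted keys (`ENCRYPTED PRIVATE KEY`) and `EC PRIVATE KEY` blocks fall through to the unsupported-type error instead of being passed to the wrong parser.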