Encapsulation of AES_KEY

Firstly, I tried a search first and saw some topics that were related but nothing directly addressing what I am looking for. If my search skills are sub-par, I apologize .

I am using openssl and have an AES_KEY structure (AES 256-bit) in memory that is used for encrypting some data. I would very much like to store the AES key to a file. While I can do that pretty easily by hand in an ad hoc manner, I was wondering if there was a standard way of storing this to a file and encrypting them with a passphrase. I was under the impression that PKCS#12 supported the storing of private (symmetric) keys, but all references to storing pkcs12 (e.g. the PKCS12_create() function) seem to want an EVP_PKEY structure, which I think only works with public (asymmetric) key types. So my question has two parts:

1. Is there any way to go from AES_KEY to EVP_PKEY or some other overload of the PKCS12_create() that can take AES_KEYs?

2. Is there another standard file format that I can store an AES_KEY in, and that openssl supports?

3. Bonus question: if the answer to #2 is no, any suggestions on how to do this while still using an aes256 key (32-byte/256-bit) would be appreciated whether that means using another lib for the key storage part of it.

Thanks!

On Tue, Nov 10, 2009 at 04:03:46PM -0800, SSDwellah wrote:

> I am using openssl and have an AES_KEY structure (AES 256-bit) in memory
> that is used for encrypting some data. I would very much like to store the
> AES key to a file.

Do you want to encrypt the file?

    - If not, just write out the 32-byte key into a file and you are
    done. There is no need for any fancy encapsulation. If you really
    want to avoid "raw binary" data, you could use a base64 BIO to
    write/read the file.

    - If you do, you need a symmetric key to encrypt/decrypt your
    symmetric key, and where do store that? This "makes sense" if
    you are going to prompt a user to decrypt the file each time your
    application starts-up. In that case you can encrypt/decrypt the
    key from a user-supplied password using the same method as enc(1)
    (user password uses PBKDF2 with a salt that is saved with the ciphertext).

Bottom line, there is no need for fancy encapsulation of symmetric keys,
they are just opaque binary data, and can be stored verbatim, or encrypted
via a password-based key when appropriate.

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@...
Automated List Manager                           majordomo@...