Hello,
This post relates to using openssl with an Entrust User Profile EPF file.
I had some success using openssl to extract certificates and keys from an EPF file.
This may be 18 to 21 years too late, but I successfully extracted the certificate and keys from the EPF file listed in the post:
https://marc.info/?l=openssl-users&m=94888973208299&w=2 Entrust User Profile (again)
and the info is likely useful for posts:
https://marc.info/?l=openssl-users&m=101302596808738&w=2 RE: Entrust EPF File
https://marc.info/?l=openssl-users&m=92251200512812&w=2 Entrust User Profile
I wrote a bash script to extract the Signing Certificate and Signing Key from the EPF file and the script includes the openssl commands which were used.
Included here are some sections of that script which I think might be useful for the old posts and the sections show the use of openssl.
...
# Using the password and the salt, generate the encryption key and
# IV (initialization vector). Note that the salt is used in its
# base64 encoded form.
# The Password Based Encryption (PBE) Key Derivation Function (KDF)
# does not exactly match any option from RFC8018
# https://tools.ietf.org/html/rfc8018
# although there are similarities.
# Entrust uses SHA1 (and possibly MD5 in some versions) and an
# iteration count on the password and salt
# in order to generate the key and IV.
# Since SHA1 does not generate enough bytes for both the key and IV,
# (at least not for CAST5)
# the process is repeated, but this time the byte 0x01 is appended to
# the password and salt.
# The key and half of the IV come from the first pass. The rest of
# the IV comes from the second pass.
...
# pass 1 to generate the key and part of the IV
echo "pass 1 to generate the key and part of the IV"
declare -i index
index=1
tmp_to_hash=$(echo -n "${epf_password}""${epf_salt}" | xxd -p -c 256)
while [ $index -lt $(($epf_hashcount + 1)) ]
do
tmp_to_hash2="${tmp_to_hash}"
tmp_to_hash=$(echo -n ${tmp_to_hash2} | xxd -p -r -c 256 | openssl dgst -sha1 -binary | xxd -p -c 256)
((index++))
done
pbe_partial=${tmp_to_hash}
echo "Treat the next line of output as a secret."
echo "pbe_partial = " ${pbe_partial}
...
# At this stage we have the full Key and part of the IV.
encryption_key_in_hex=$(echo -n ${pbe_partial} | head --bytes=32)
encryption_iv_in_hex=$(echo -n ${pbe_partial} | tail --bytes=-8)
...
# pass 2 to generate the rest of the IV
echo "pass 2 to generate the rest of the IV"
declare -i index
index=1
tmp_to_hash=$(echo -e -n "${epf_password}""${epf_salt}""\x01" | xxd -p -c 256)
while [ $index -lt $(($epf_hashcount + 1)) ]
do
tmp_to_hash2="${tmp_to_hash}"
tmp_to_hash=$(echo -n ${tmp_to_hash2} | xxd -p -r -c 256 | openssl dgst -sha1 -binary | xxd -p -c 256)
((index++))
done
pbe_partial=${tmp_to_hash}
echo "Treat the next line of output as a secret."
echo "pbe_partial = " ${pbe_partial}
...
# Complete the IV.
encryption_iv_in_hex=$(echo -n ${encryption_iv_in_hex}; echo -n ${pbe_partial} | head --bytes=8)
echo "Treat the next line of output as a secret."
echo "encryption_key_in_hex = " ${encryption_key_in_hex}
echo "Treat the next line of output as a secret."
echo "encryption_iv_in_hex = " ${encryption_iv_in_hex}
...
# Check if the generated key and IV are what we expect for this EPF file.
# Encrypting 8 bytes of all zeros should produce the Token found
# in the Password Token section in the EPF file.
test_token=$(echo -ne "\x00\x00\x00\x00\x00\x00\x00\x00" | openssl enc -cast5-cbc -nosalt -K ${encryption_key_in_hex} -iv ${encryption_iv_in_hex} | head --bytes=8 | od -A n -t x1 | tr -d '[:space:]')
echo "test_token = " ${test_token^^}
if [ ${epf_token} = ${test_token^^} ]
then
echo "The tokens match. The supplied password is correct."
else
echo "The tokens don't match. The supplied password is incorrect."
echo "Exiting."
exit 1
fi
...
With the key and IV you should be able to get your certificates, keys and other information from the EPF file (the full script in question does this for you for the Signing Cert and Key). You'll want to use the decryption command (e.g. openssl enc -d -cast5-cbc -nosalt -K ${encryption_key_in_hex} -iv ${encryption_iv_in_hex}) again for the cert and the key, plus something like an "openssl x509 -inform DER" for the cert and an "openssl pkcs8 -topk8 -inform DER" for the key. This combined with some non openssl commands such as base64, sed, head and tail (e.g. to remove some non standard headers and footers) and even a little python to verify the CRC.
I hope this helps someone out there although I realize the original posts are quite a while ago.
Thanks,
Deric
