PKey.read only tries PEM

Open mcr opened this issue 7 years ago • 2 comments

https://github.com/ruby/openssl/blob/01b23fa8eee2ff9cc4ef5f6fabca6d999e0979c2/ext/openssl/ossl_pkey.c#L152

This code says that it will load DER-encoded keys, but it does not work when provided with DER, and looking at the code it seems to try only PEM encodings. I suggest that, rather than trying to guess all sorts of encodings, we have a read_der() routine.

mcr avatar Nov 06 '18 09:11 mcr

Just made some tests yesterday on this, the code does read DER-encoded private key, but not DER-encoded-and-encrypted (pkcs8 der).

From what I'm able to see,

rsa = d2i_RSAPrivateKey_bio(in, NULL);

would need to be replaced by d2i_PKCS8_bio

p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
rsa = EVP_PKCS82PKEY(p8inf);

Modulo the required free() and all.

bplessis avatar Nov 23 '18 08:11 bplessis

Benoit Plessis [email protected] wrote:
> Just made some tests yesterday on this, the code does read DER-encoded
> private key, but not DER-encoded-and-encrypted (pkcs8 der).

It promises to read DER encoded public keys, but it does not.

mcr avatar Nov 23 '18 14:11 mcr
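
A small probe for checking which of the encodings discussed in this thread `OpenSSL::PKey.read` accepts on the installed openssl gem; it is an added example, not code from the issue or from ruby/openssl. The helper names `sample_encodings` and `probe_pkey_read` and the passphrase are assumptions made for the example, and the key is generated at run time.

```ruby
require "openssl"

# Constructed passphrase for the example; nothing here comes from the issue.
PASSPHRASE = "constructed-passphrase"

# Export one RSA key in the encodings the thread talks about.
def sample_encodings(key)
  enc = {
    pem_private: key.to_pem,
    der_private: key.to_der,             # traditional RSAPrivateKey DER
    der_public:  key.public_key.to_der,  # SubjectPublicKeyInfo DER
  }
  # private_to_der (PKCS#8, optionally encrypted) is missing in older gems.
  if key.respond_to?(:private_to_der)
    cipher = OpenSSL::Cipher.new("aes-256-cbc")
    enc[:der_pkcs8_encrypted] = key.private_to_der(cipher, PASSPHRASE)
  end
  enc
end

# Run PKey.read on each encoding and record :private, :public,
# or the name of the error class raised when parsing failed.
def probe_pkey_read(encodings)
  encodings.each_with_object({}) do |(name, data), result|
    begin
      pkey = OpenSSL::PKey.read(data, PASSPHRASE)
      result[name] = pkey.private? ? :private : :public
    rescue OpenSSL::OpenSSLError => e
      result[name] = e.class.name
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  key = OpenSSL::PKey::RSA.new(2048)
  puts "openssl gem #{OpenSSL::VERSION}, #{OpenSSL::OPENSSL_LIBRARY_VERSION}"
  probe_pkey_read(sample_encodings(key)).each do |name, outcome|
    puts format("%-20s %s", name, outcome)
  end
end
```

Rows that show an error class name instead of `:private` or `:public` are the encodings the installed version does not parse through `PKey.read`.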