Duke Arber wrote: ...
I sent this to the user list a few days ago, but no response. If this message is not appropriate for the development list, please let me know.
I'm attempting to write an RSA private key in DER format and then read
it back. A sample program is below.
An error occurs reading the DER file back in when no password is used. If I use a password in the read/write functions, the operations are
successful.
the unencrypted key is stored in a plain pkcs8 PrivateKeyInfo structure, whereas in the encrypted key the PrivateKeyInfo structure is wrapped with the necessary encryption header. The problem is that d2i_PKCS8PrivateKey_bio() tries to parse only the encrypted format (and returns an error if it's unable to parse the X509_SIG structure) instead of trying if the key is perhaps unencrypted. Don't know if this behaviour is intended or if it's bug, in your case the patch below might help, but the BIO_reset() in the patch is somehow sub-optimal (better would be something like ftell()+ fseek() to set the index to the position it was before the d2i_PKCS8_bio() call).
Cheers, Nils
Duke Arber wrote: ... > I sent this to the user list a few days ago, but no response. If this > message is not appropriate for the development list, please let me > know. > > I'm attempting to write an RSA private key in DER format and then read > it back. A sample program is below. > > An error occurs reading the DER file back in when no password is used. > If I use a password in the read/write functions, the operations are > successful.
the unencrypted key is stored in a plain pkcs8 PrivateKeyInfo structure, whereas in the encrypted key the PrivateKeyInfo structure is wrapped with the necessary encryption header. The problem is that d2i_PKCS8PrivateKey_bio() tries to parse only the encrypted format (and returns an error if it's unable to parse the X509_SIG structure) instead of trying if the key is perhaps unencrypted. Don't know if this behaviour is intended or if it's bug, in your case the patch below might help, but the BIO_reset() in the patch is somehow sub-optimal (better would be something like ftell()+ fseek() to set the index to the position it was before the d2i_PKCS8_bio() call).
Cheers, Nils
--- openssl-SNAP-20041104/crypto/pem/pem_pk8.c 2002-11-28 10:00:49.000000000 +0100
+++ openssl-test/crypto/pem/pem_pk8.c 2004-11-04 10:55:37.197824512 +0100
@@ -158,16 +158,21 @@
EVP_PKEY *ret;
char psbuf[PEM_BUFSIZE];
p8 = d2i_PKCS8_bio(bp, NULL);
- if(!p8) return NULL;
- if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
- else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
- if (klen <= 0) {
- PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
+ if (!p8) {
+ /* try unencrypted */
+ BIO_reset(bp);
+ p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(bp, NULL);
+ } else {
+ if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
+ else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
+ if (klen <= 0) {
+ PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
+ X509_SIG_free(p8);
+ return NULL;
+ }
+ p8inf = PKCS8_decrypt(p8, psbuf, klen);
X509_SIG_free(p8);
- return NULL;
}
- p8inf = PKCS8_decrypt(p8, psbuf, klen);
- X509_SIG_free(p8);
if(!p8inf) return NULL;
ret = EVP_PKCS82PKEY(p8inf);
PKCS8_PRIV_KEY_INFO_free(p8inf);
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
