--- Nils Larsch <[EMAIL PROTECTED]> wrote: > the unencrypted key is stored in a plain pkcs8 PrivateKeyInfo > structure, whereas in the encrypted key the PrivateKeyInfo structure > is wrapped with the necessary encryption header. The problem is > that d2i_PKCS8PrivateKey_bio() tries to parse only the encrypted > format (and returns an error if it's unable to parse the X509_SIG > structure) instead of trying if the key is perhaps unencrypted. > Don't know if this behaviour is intended or if it's bug, in your > case the patch below might help, but the BIO_reset() in the patch > is somehow sub-optimal (better would be something like ftell()+ > fseek() to set the index to the position it was before the > d2i_PKCS8_bio() call).
The patch does resolve the issue. Thanks for the help. Is there an opinion on whether I should report this as a bug via rt so that it can be tracked and a decision can be made whether it is a bug or not? Duke __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
