On Tue May 07 15:01:11 2013, [email protected] wrote: > * > * libcrypto's d2i_PKCS8PrivateKey_bio function is unable to read data > that is > * generated using it's own i2d_PKCS8PrivateKey_bio function, this > also limits > * functionality tremendously in that i2d_PrivateKey can not take any > callbacks > * or information for a password, and thus can't encrypt the end > result, which > * the PKCS8 functions are able to do. > *
The problem is that d2i_PKCS8PrivateKey_bio can't handle unencrypted private key format automatically. If you specify a private key encryption algorithm in i2d_PKC8PrivateKey_bio it should work. Due to the way the code works i2d_PKCS8PrivateKey_bio uses the ASN1 format for unencrypted PKCS#8 private keys when the cipher parameter is NULL. This isn't compatible with the encrypted form used (when the cipher is not NULL) and so you get that error. That is a bug, I agree and it should detect the unencrypted format automatically and use it. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
