Hi everybody, I have a p12 certificate file and I would like to extract the private key from it and export it as a pem file in plain pkcs#1 format.
I was able to do that from openssl whith the following commands: openssl pkcs12 -in test.p12 -out testkey.pem -nodes -nocerts and afterwards ... openssl rsa -in testkey.pem -out testkey_pkcs1.pem Now when I open the file testkey_pkcs1.pem from a ASN.1 Editor some private key's elements (modulus, p, q, ...) have a 0 byte value at the beginning of the number and others don't. Example (offset, length in bytes) (0, 606) SEQUENCE (4, 1) INTEGER : 0 -- version (7, 129) INTEGER : 00 ED F2 D9 E0 17 86 19 AE 49 3A ... -- modulus (there is a zero-byte at the beginning) (139, 3) INTEGER : 01 00 01 -- exponent (144,128) INTEGER : 66 E8 F9 41 E9 EA 9D 80 -- D (275, 65) INTEGER : 00 F2 47 20 50 68 86 46 -- P (there is a zero-byte at the beginning) (342, 65) INTEGER : 00 FB 6C F4 47 AB CD -- Q (there is a zero-byte at the beginning) .................... Why is it like that? Is there any padding rule that must be consider for INTEGER types in ASN.1? The point is that I am trying to do the same decodification with another tool and I am getting some mismatch between the .pem file generated by openssl and the one generated by the other tool and the diference are only those zeros. Thanks in advance for your help. Many greetings, Adrian
