Hi list,

I have an RSA encrypted private key as a byte sequence, and I need to export
it as the ASN.1 type EncryptedPrivateKeyInfo (RFC 5958, section 3).
Currently I use the following code (shortened):

    unsigned char *pkey; //assigned encrypted primary key
    priv_key_info = PKCS8_PRIV_KEY_INFO_new();
    aobj = OBJ_nid2obj(NID_id_aes128_wrap);
    PKCS8_pkey_set0(priv_key_info, aobj, 0 /*version*/, 0 /*param type*/,
                    NULL /*param val*/, pkey, pkey_len);
    i2d_PKCS8_PRIV_KEY_INFO_fp(f, priv_key_info);

The output is:

    # openssl asn1parse -in privkeyinfo.out -inform der -i
        0:d=0  hl=4 l=1244 cons: SEQUENCE
        4:d=1  hl=2 l=   1 prim:  INTEGER           :00
        7:d=1  hl=2 l=  11 cons:  SEQUENCE
        9:d=2  hl=2 l=   9 prim:   OBJECT            :id-aes128-wrap
       20:d=1  hl=4 l=1224 prim:  OCTET STRING      [HEX DUMP]: ....

This is not the ASN.1 type EncryptedPrivateKeyInfo, due to the INTEGER value
(version). The output seems to be the OneAsymmetricKey type (RFC 5958, section
2).

Is there any way to export the encrypted key as EncryptedPrivateKeyInfo
DER?

--
Martin Basti
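
Added example, not part of the original post and not OpenSSL code: a hand-rolled DER encoder that emits EncryptedPrivateKeyInfo as SEQUENCE { AlgorithmIdentifier, OCTET STRING }, with no version INTEGER, for the id-aes128-wrap algorithm shown above. The function name `encode_epki` and the 1224-byte sample buffer are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Content bytes of the id-aes128-wrap OID, 2.16.840.1.101.3.4.1.5 */
static const unsigned char OID_AES128_WRAP[] =
    { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x05 };

/* Write a DER tag and definite-length header; returns bytes written. */
static size_t der_header(unsigned char *out, unsigned char tag, size_t len)
{
    size_t n = 0, tmp, nbytes = 0;
    out[n++] = tag;
    if (len < 0x80) {                       /* short form: one length byte */
        out[n++] = (unsigned char)len;
        return n;
    }
    for (tmp = len; tmp > 0; tmp >>= 8)     /* long form: count length bytes */
        nbytes++;
    out[n++] = (unsigned char)(0x80 | nbytes);
    while (nbytes > 0)                      /* big-endian length */
        out[n++] = (unsigned char)(len >> (8 * --nbytes));
    return n;
}

/* Hypothetical helper: returns the encoded length, or 0 if out is too small. */
size_t encode_epki(const unsigned char *enc, size_t enc_len,
                   unsigned char *out, size_t out_cap)
{
    unsigned char scratch[2 + sizeof(size_t)];
    size_t oid_len = sizeof(OID_AES128_WRAP), alg_len = 2 + oid_len;
    size_t body = 2 + alg_len + der_header(scratch, 0x04, enc_len) + enc_len;

    if (der_header(scratch, 0x30, body) + body > out_cap)
        return 0;
    size_t n = der_header(out, 0x30, body);   /* EncryptedPrivateKeyInfo */
    n += der_header(out + n, 0x30, alg_len);  /* encryptionAlgorithm, no params */
    n += der_header(out + n, 0x06, oid_len);
    memcpy(out + n, OID_AES128_WRAP, oid_len);
    n += oid_len;
    n += der_header(out + n, 0x04, enc_len);  /* encryptedData */
    memcpy(out + n, enc, enc_len);
    return n + enc_len;
}

int main(void)
{
    unsigned char enc[1224], out[1300];     /* constructed sample, not a real key */
    memset(enc, 0xAB, sizeof enc);
    printf("%zu bytes\n", encode_epki(enc, sizeof enc, out, sizeof out));
}
```

In OpenSSL itself, the type that corresponds to EncryptedPrivateKeyInfo is X509_SIG, which i2d_PKCS8_fp() serializes.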