subject:"\[openssl.org #3167\] openssl pkcs8 does not convert from PKCS8 to traditional format private key"

[openssl-dev] [openssl.org #3167] openssl pkcs8 does not convert from PKCS8 to "traditional format private key"

2016-02-01 Thread Rich Salz via RT

This is an issue reported against 0.9.x/1.0.0 If still an issue with current
release, please open a new ticket.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org

___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl.org #3167] openssl pkcs8 does not convert from PKCS8 to "traditional format private key"

2013-11-07 Thread Michael Slass via RT

[slass@jenkins01 ~]$ openssl version
OpenSSL 1.0.0-fips 29 Mar 2010
[slass@jenkins01 ~]$ uname -a
Linux jenkins01 2.6.32-358.18.1.el6.x86_64 #1 SMP Wed Aug 28 17:19:38
UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
[slass@jenkins01 ~]$

According to the docs:
http://www.openssl.org/docs/apps/pkcs8.html

=
DESCRIPTION

The pkcs8 command processes private keys in PKCS#8 format. It can
handle both unencrypted PKCS#8 PrivateKeyInfo format and
EncryptedPrivateKeyInfo format with a variety of PKCS#5 (v1.5 and
v2.0) and PKCS#12 algorithms.



COMMAND OPTIONS

-topk8

Normally a PKCS#8 private key is expected on input and a traditional
format private key will be written. With the -topk8 option the
situation is reversed: it reads a traditional format private key and
writes a PKCS#8 format key.



*
BUG: The "Normally" behavior, that is "PKCS8 in, traditional format
private key out" does not work.
The actual behavior is "PKCS8 in, PKCS8 out."
**

Transcript showing unexpected behavior:

# generate a 2048 bit RSA key
[slass@jenkins01 ~]$ openssl genrsa -out bogus.key 2048
Generating RSA private key, 2048 bit long modulus
.+++
.+++
e is 65537 (0x10001)
[slass@jenkins01 ~]$ cat bogus.key
-BEGIN RSA PRIVATE KEY-
MIIEowIBAAKCAQEAq6cIq+H9v08l0660A8zi5wr4rVevIMZaazw7mdOcHwwuRECH
3u77bMULhwdXlbL9OhDmq1NcUlM183ymCnAldv1xoSmdvx1greHOpIOgJ7wJOWkh
F86EFNJaDgl59U6KZqJ4/4rShrrYtvyREzEzBGtwhB5vzLFzuCEAF6akWPSIPv51
l46DW+110BVbDKf9iHW3TudaqWQA6wrH+4t7ry+sqXPSt3vtDMK+mMwNLOf7DC6R
ynbSDXk2IbEsE5TFy0uvAQyi1jENuU4l69l/CvPabjCMEOah5mKeAgat1fulLvsK
XmeivUZpZYSH22tHWqfylPVwoHspb3MMfclOTQIDAQABAoIBAGKPMB1xT3+PdIrN
HzOnawl6dTsiw72v5q74EMjMhjIVjmNGIj3RPrA/m9TWVGXyNhAnMCtjW/kxKiM6
iSQpLHncIGiHOrpHpgFxTHON2GG4SBucz5GZ1KEX/vlcW5iMlk9ELvGbxjHyCwlW
j/5TG5YIErzptQv1QBqTaDgsSOWB4Tcy/m9v+6c8P47ZOKBlALBsHJG0ktLreacB
prRI8/rRPALxe6vw7dcjs6h9GzQqRKcJrj4bcYqIwD9qjDV9MOjFk8Yr7aLPNWX5
tbwOrUPyleAveOeUR56FI0LVR9Dgq6QrATGFNBlACGxFs5zr23dNkzH4oEMfISGB
EAt0SIECgYEA5D7wvUyMsJzot6lUe9dAoFnPWpN1i6cRA0RDUzFC2EP359Vz6shj
CfPUf5J7HN5yZyjQdV0GrAuZY36EVCjuLvf0FIqT11Fg6cbYZrdYUkmMidhjVzhp
9qLtdur0vqt89EuTciDkuwe7FSYSu8zxoDUeoAlja/DMi8J8G0oa430CgYEAwIZm
QfiJjQiS+epyEY3VL4KfJOvEEWImfqlv447zGDc4bg92RoOsJeqzNB/1ZgS0MA0D
iimkBH7YTo+sEEllATZgz5+v3EbN03HqOzMdLJMI5x5YCUx8L0PcVGmWd6zyjrsq
tiEjyXkhyc2S3GE0TLZQAofKAY79mRYHtUNhbxECgYAAjqbHz4gIZlmrGR67rqrZ
uV5oOjPvQ1knSONhMJ2ZKZFRX5QI3rRfMdky9oiWaXSeC9t2beO2R9D4DTcFfZQX
SUOvSSdTPz+dUn70wT3V9ZgCPiT/8YNQttUdlTVDwedsMUMK5Emqqzopsw4Yp0dv
vLF2co9rlArrzG3BI00tgQKBgCNoVGQrpniGrClEYegykpOjTUuIBM5Bo9zFoqtS
PgklFr6/HzyGuOFcUcrzWbmCgfUYX59IWz7saTHBoJ56MRZQ/usQblJvvyj1GWP7
2ZC6FfgTj5NeOrSioWHw7VhjOVTgvVEztRY3rewkX68iPXEiUoK0oIU63A8Miyxe
EQxRAoGBAL590zYRB8UZmj6KwNrHKoKgmqDa8N7YbmQnyTPvtjbNd/O3ZDKOj7Fw
8R8H51oIjDiyprQvVSICggJpdq59V8mA/oHISxL/ZGC9CH2XTQPDH9+Lne9ZJeTz
BzGfQmNQ/2VkeAOhPdALPonypencNTMY8+4VY6ygME/sAVpg8EQS
-END RSA PRIVATE KEY-

# create an (unencrypted) PKCS8 object from the private key
[slass@jenkins01 ~]$ openssl pkcs8 -nocrypt -topk8 -in bogus.key -out
bogus.key.pkcs8
[slass@jenkins01 ~]$ cat bogus.key.pkcs8
-BEGIN PRIVATE KEY-
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCrpwir4f2/TyXT
rrQDzOLnCvitV68gxlprPDuZ05wfDC5EQIfe7vtsxQuHB1eVsv06EOarU1xSUzXz
fKYKcCV2/XGhKZ2/HWCt4c6kg6AnvAk5aSEXzoQU0loOCXn1Topmonj/itKGuti2
/JETMTMEa3CEHm/MsXO4IQAXpqRY9Ig+/nWXjoNb7XXQFVsMp/2IdbdO51qpZADr
Csf7i3uvL6ypc9K3e+0Mwr6YzA0s5/sMLpHKdtINeTYhsSwTlMXLS68BDKLWMQ25
TiXr2X8K89puMIwQ5qHmYp4CBq3V+6Uu+wpeZ6K9RmllhIfba0dap/KU9XCgeylv
cwx9yU5NAgMBAAECggEAYo8wHXFPf490is0fM6drCXp1OyLDva/mrvgQyMyGMhWO
Y0YiPdE+sD+b1NZUZfI2ECcwK2Nb+TEqIzqJJCksedwgaIc6ukemAXFMc43YYbhI
G5zPkZnUoRf++VxbmIyWT0Qu8ZvGMfILCVaP/lMblggSvOm1C/VAGpNoOCxI5YHh
NzL+b2/7pzw/jtk4oGUAsGwckbSS0ut5pwGmtEjz+tE8AvF7q/Dt1yOzqH0bNCpE
pwmuPhtxiojAP2qMNX0w6MWTxivtos81Zfm1vA6tQ/KV4C9455RHnoUjQtVH0OCr
pCsBMYU0GUAIbEWznOvbd02TMfigQx8hIYEQC3RIgQKBgQDkPvC9TIywnOi3qVR7
10CgWc9ak3WLpxEDRENTMULYQ/fn1XPqyGMJ89R/knsc3nJnKNB1XQasC5ljfoRU
KO4u9/QUipPXUWDpxthmt1hSSYyJ2GNXOGn2ou126vS+q3z0S5NyIOS7B7sVJhK7
zPGgNR6gCWNr8MyLwnwbShrjfQKBgQDAhmZB+ImNCJL56nIRjdUvgp8k68QRYiZ+
qW/jjvMYNzhuD3ZGg6wl6rM0H/VmBLQwDQOKKaQEfthOj6wQSWUBNmDPn6/cRs3T
ceo7Mx0skwjnHlgJTHwvQ9xUaZZ3rPKOuyq2ISPJeSHJzZLcYTRMtlACh8oBjv2Z
Fge1Q2FvEQKBgACOpsfPiAhmWasZHruuqtm5Xmg6M+9DWSdI42EwnZkpkVFflAje
tF8x2TL2iJZpdJ4L23Zt47ZH0PgNNwV9lBdJQ69JJ1M/P51SfvTBPdX1mAI+JP/x
g1C21R2VNUPB52wxQwrkSaqrOimzDhinR2+8sXZyj2uUCuvMbcEjTS2BAoGAI2hU
ZCumeIasKURh6DKSk6NNS4gEzkGj3MWiq1I+CSUWvr8fPIa44VxRyvNZuYKB9Rhf
n0hbPuxp

[openssl-dev] [openssl.org #3167] openssl pkcs8 does not convert from PKCS8 to "traditional format private key"

[openssl.org #3167] openssl pkcs8 does not convert from PKCS8 to "traditional format private key"

2 matches

Site Navigation

Mail list logo

Footer information