-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Friday, February 16, 2007 11:50 AM To: openssl-users@openssl.org Subject: Re: Convert pvt to pem
On Fri, Feb 16, 2007, Novick, Jeffrey [Contr (Chugach)] wrote: > > Hi all, > > I've been searching on how to convert MS .pvk to .pem format for > 3eti's wireless crypto client. > I've searched and came up with the pvk tool, which works, on 32 bit > Linux only. > > On a 64 bit box, which is where I'd like to run this, I get: > > ./pvk -in user.pvk -out user.pem > Error reading key > 30532:error:80068064:lib(128):pvk_read:bad magic number:pvkread.c:122: > > I read the thread about stripping of the first 15 bytes, but that > didn't work. > > Also, I'd like to be able to script it so our users (there's a lot of > them) can upload their existing file to a secure web server, have it > convert it, send it back to them and delete it from the web server. > > I am using 64 bit Gentoo Linux on an Intel box with Apache/2.0.58, PHP > 5.1.6-pl6-gentoo, perl, v5.8.8 built for x86_64-linux and openssl-0.9.8d. > > Can pvk be patched (I'm not a C coder) to accept a password parameter? > Then I can wrap it with php? > ie: pvk -in user.pvk -out user.pem -inpass 123456 -outpass 123456 > > Has anyone been down this path, should I be going down this path, or > can anyone please provide pointers to where I should be looking? > I'd suggest you look at a recent OpenSSL 0.9.9 snapshot. The PVK functionality is now built into the relevant utilities. There is an -inform PVK option in the rsa and dsa utilities. The OpenSSL PVK functionality is a superset of that provided by my old pvk utility. Let me know if that works on 64 bit linux, if not I'll look into fixing it. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] Hi, Steve, Thank you, this appears to work without prompting with openssl-SNAP-20070216.tar.gz using openssl rsa -inform PVK -outform PEM -in user.pvk -out user.pem -passin pass:123456 -passout pass:123456 I believe this is the proper syntax for what I am trying to accomplish. Please confirm. I'm new to OpenSSL, so if left out anything just let me know what I need to provide to help you help me. Meanwhile, my next step is to test it with the wireless client and see if it really worked. I will report my results. Thank you, Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
