Hello,
[EMAIL PROTECTED] wrote on 04/11/2008 09:45:12 AM:
>
>
> Victor Duchovni wrote:
> >
> > The success of "SSL_CTX_use_certificate" seems to point to it being
> > a certificate. Which is it? Did the OP misreport what worked? Which
> > was it:
> >
>
> Sorry, i misstyped the 2nd function. Once again:
> * i have binary private key 610 bytes long
> fp = fopen("../keys/prkey.der", "r");
> len = fread(in_buf, sizeof(char), 1000, fp);
> * i try to load it to ctx with:
> if (!SSL_CTX_use_PrivateKey_ASN1(SSL_FILETYPE_ASN1, ctx, (unsigned
> char*)in_buf, len))
> ERR_print_errors_fp(stdout);
> and getting error
> 9329:error:0D09A0A3:asn1 encoding routines:d2i_PrivateKey:unknown public
key
> type:d2i_pr.c:125:
> 9329:error:140AF00D:SSL routines:SSL_CTX_use_PrivateKey_ASN1:ASN1
> lib:ssl_rsa.c:690:
> *then i convert binary key to .pem format with
> openssl asn1parse -in prkey.der -inform der -out pkey.pem -outform pem
> *read it (810 bytes)
> fp = fopen("../keys/prkey.pem", "r");
> len = fread(in_buf, sizeof(char), 1000, fp);
> * and load it with
> SSL_CTX_use_PrivateKey_file(ctx, in_buf, SSL_FILETYPE_PEM)
> *it works perfectly
>
> It seems that SSL_FILETYPE_ASN1 is not correct type, since respond is
> "unknown public key type". But it is also interesting why OpenSSL thinks
it
> is a pub key, when i use SSL_CTX_use_PrivateKey_ASN1 function. Maybe it
is a
> bug?
Yes, this is bug, in any case when key type is not recognized (not
RSA/DSA/EC)
error with information of unknown public key will be printed.
This should be corrected.
EVP_PKEY_RSA instead of SSL_FILETYPE_ASN1 should be used.
> The output of openssl asn1parse -in prkey.der -inform der is:
> 0:d=0 hl=4 l= 606 cons: SEQUENCE
> 4:d=1 hl=2 l= 1 prim: INTEGER :00
> 7:d=1 hl=3 l= 129 prim: INTEGER
>
:DD2E6F1862C4FF07C45EC56EC2D8460AC887FAD49524D4B5B9774D2DD275E2073CF7AE72B47626E615D9870506E4B00480F15A0A4738E8C1C101B233C202BB7D000449E080A507B0714476620FBA43A5D076BDA82D30ED392E4345F542533D152D892E02A6F3C976CE4FE1530958786E7FAC0B42DB3FA5B899039DA414FAF69B
> 139:d=1 hl=2 l= 3 prim: INTEGER :010001
> 144:d=1 hl=3 l= 129 prim: INTEGER
>
:CF5B95F9B5B75C24EAFBB27AE99E9AE3C7267C88CA1E5270E024B1AD90CEC58DE5A18AE1ACBFCC2E0F33F53A484123A7C53F001BFCB3A4BAE8F86F19C8FC88C9A3D3F6E4CB943BFCF9BECB5164B28699FAAB88ABCEE444C4B7DDECD76EFCEECC9D6CCF8E76CFA6C25811EAA2595EACFC398C23EB7283900BC0C88293E33054D9
> 276:d=1 hl=2 l= 65 prim: INTEGER
>
:FBD2B89E9ECED114FEC8431A8C90F6275CE5E2F5C68497D9742839E50249F1E8FC4F32A3271A499073C5BA1EAECBFE93A0DE10EA32075EC11C261E8B5C67D78F
> 343:d=1 hl=2 l= 65 prim: INTEGER
>
:E0D99A743BCA12DA4E3DA9DF59FAA091D5542A95F8531C821C7C1591F613E0B05180DC2A00BF3D4480BAC86255050181E0BD9495421AD45BE52994CB68144A35
> 410:d=1 hl=2 l= 65 prim: INTEGER
>
:AF4AFBE0CEC3409FD0CB2E8AE8967002EE93C7ED36074E7CBC72D3FA2A21B7176BAAE5A0D4B363C9FE0D0186223F363325A3EF3A5720F240928BA66F741F84D9
> 477:d=1 hl=2 l= 64 prim: INTEGER
> :
>
6C3249D084B4C83DA448A7E58236C7ED64EA0B53FF1A7F2D5CE798B993E01CCEBB697687FFB40697601A813250170892A6C2932CFF92497DAED843715DB3E5C1
> 543:d=1 hl=2 l= 65 prim: INTEGER
>
:F63374004B31D79C5B13BBADB1E4F18784ACE883A74DEDE041E0926838A4D7C2A92D96FAD5A4E4024EF47D562A3614F23E46158036302A5FC00631A80EA468F8
>
> and if i do openssl asn1parse -in prkey.pem -inform pem for the
converted
> pem key, the result is the same:
>
> 0:d=0 hl=4 l= 606 cons: SEQUENCE
> 4:d=1 hl=2 l= 1 prim: INTEGER :00
> 7:d=1 hl=3 l= 129 prim: INTEGER
>
:DD2E6F1862C4FF07C45EC56EC2D8460AC887FAD49524D4B5B9774D2DD275E2073CF7AE72B47626E615D9870506E4B00480F15A0A4738E8C1C101B233C202BB7D000449E080A507B0714476620FBA43A5D076BDA82D30ED392E4345F542533D152D892E02A6F3C976CE4FE1530958786E7FAC0B42DB3FA5B899039DA414FAF69B
> 139:d=1 hl=2 l= 3 prim: INTEGER :010001
> 144:d=1 hl=3 l= 129 prim: INTEGER
>
:CF5B95F9B5B75C24EAFBB27AE99E9AE3C7267C88CA1E5270E024B1AD90CEC58DE5A18AE1ACBFCC2E0F33F53A484123A7C53F001BFCB3A4BAE8F86F19C8FC88C9A3D3F6E4CB943BFCF9BECB5164B28699FAAB88ABCEE444C4B7DDECD76EFCEECC9D6CCF8E76CFA6C25811EAA2595EACFC398C23EB7283900BC0C88293E33054D9
> 276:d=1 hl=2 l= 65 prim: INTEGER
>
:FBD2B89E9ECED114FEC8431A8C90F6275CE5E2F5C68497D9742839E50249F1E8FC4F32A3271A499073C5BA1EAECBFE93A0DE10EA32075EC11C261E8B5C67D78F
> 343:d=1 hl=2 l= 65 prim: INTEGER
>
:E0D99A743BCA12DA4E3DA9DF59FAA091D5542A95F8531C821C7C1591F613E0B05180DC2A00BF3D4480BAC86255050181E0BD9495421AD45BE52994CB68144A35
> 410:d=1 hl=2 l= 65 prim: INTEGER
>
:AF4AFBE0CEC3409FD0CB2E8AE8967002EE93C7ED36074E7CBC72D3FA2A21B7176BAAE5A0D4B363C9FE0D0186223F363325A3EF3A5720F240928BA66F741F84D9
> 477:d=1 hl=2 l= 64 prim: INTEGER
> :
>
6C3249D084B4C83DA448A7E58236C7ED64EA0B53FF1A7F2D5CE798B993E01CCEBB697687FFB40697601A813250170892A6C2932CFF92497DAED843715DB3E5C1
> 543:d=1 hl=2 l= 65 prim: INTEGER
>
:F63374004B31D79C5B13BBADB1E4F18784ACE883A74DEDE041E0926838A4D7C2A92D96FAD5A4E4024EF47D562A3614F23E46158036302A5FC00631A80EA468F8
Ok. So we have correct RSA private key.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
