Two questions actually. I've been able to read and write most objects using both the PEM bio and i2d/d2i functions. I know I can write an encrypted PKCS8 file with PEM_write_bio_PKCS8PrivateKey().
How do I read encrypted PKCS8 files? I can read unencrypted files with PKCS8_PRIV_KEY_INFO but have been stumped by the encrypted file. Obviously 'openssl pkcs8 ...' can do it but maybe I'm overlooking a source of documentation. Otherwise it's a dive into the source code. Second question - can I parse encrypted PKCS8 files without decrypting it? I know the traditional keys have to be decrypted (and thus parameter-less readers can't use encrypted files) but I thought PKCS8 was a container and it was possible to parse the object without the password. Does this involve X509_SIG? I noticed that the i2d/d2i PKCS8 functions work with X509_SIG objects. Thanks, Bear
_______________________________________________ openssl-users mailing list openssl-users@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-users
