On 8/17/2021 9:47 PM, Sands, Daniel via openssl-users wrote:
The dump you show below is:
Attributes (set, tagged with a 0, optional)
Version
privateKeyAlgorithm
privateKey
This is a PKCS#8 packet for a key. The encapsulated data is the RSA public key
in PKCS1 format. I know OpenSSL has built-in PKCS#8 capability, though I do
note that the optional attribute set is out of sequence.
Either way, you could look at the PKCS8 source code and simply move the
attribute to the beginning and otherwise duplicate the ASN1 parts and structure
there, even if OpenSSL fails to parse this not-quite-spec packet.
For the record, it was an inconsistency - ASN1_SIMPLE requires a pointer,
ASN1_EMBED does not.
I used the example in x_x509.c, which uses EMBED, but I could not find the
corresponding typedef.
(I have no opportunity to change the input. It comes from a standard HSM.)
