-
Notifications
You must be signed in to change notification settings - Fork 122
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pkcs8: DER file decryption failure migrating from 0.7.6
to latest
#1221
Comments
0.7.6
0.7.6
to latest
0.7.6
to latest0.7.6
to latest
Where did you get the original key in I'm unable to decrypt it with OpenSSL, for example:
|
The original |
I'm not entirely sure what's happening, but if you can't get OpenSSL to decrypt the key, it's in some way malformed |
@tarcieri this is the code block responsible for encoding/encrypting for |
All of the test vectors in the The To really figure out what's happening I'd need to see the decryption of If you can create a minimal reproduction that uses the |
I'm a colleague of @mkatychev debugging this same issue. I have a repo here: https://github.com/knox-networks/pkcs8-error-example that reproduces the failure to decrypt an ed25519 secret key generated with The README has run instructions, and references the code in
Note that the |
That's actually the expected PKCS#8 encoding for an Ed25519 key per RFC8410 Section 7 Here's a decoded version of this example from the RFC:
https://lapo.it/asn1js/#MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp-K06_nwoy_HU--CXqI9EdVhC
As you can see, the encoding is (perhaps somewhat bizarrely) a nested OCTET STRING, always 34-bytes long, and always containing the leading bytes The For that, you can use the PKCS#8 support in the https://docs.rs/ed25519/latest/ed25519/pkcs8/struct.KeypairBytes.html This handles decoding/encoding that nested Or failing that, just strip the |
It looks like if I generate a secret key with the above-mentioned I'm still having trouble using openssl to generate and read in a valid public key. E.g. if I have a pkcs8
this yields, when the password is input, output like:
which appears to be a base64-encoded public key. However when I try to decode the bytes of this key and use it with our ed25519 rust types, it fails. I wonder if I'm using the wrong set of |
Take a look at the example here: https://github.com/RustCrypto/signatures/blob/fb866b4/ed25519/tests/pkcs8.rs#L50-L60 You need to use this type: https://docs.rs/ed25519/latest/ed25519/pkcs8/struct.PublicKeyBytes.html use ed25519::pkcs8::{DecodePublicKey, PublicKeyBytes};
const PUBLIC_KEY_PEM: &str = "-----BEGIN PUBLIC KEY-----\n\
MCowBQYDK2VwAyEAt9M7XBE/Pdk1laYgyZbsrUy8hjGv2zHvNE8YMlJQs8o=\n\
-----END PUBLIC KEY-----";
fn main() {
let pk = PublicKeyBytes::from_public_key_pem(PUBLIC_KEY_PEM).unwrap();
dbg!(pk);
}
|
Also all of this seems to be working as intended, so closing this issue |
Hello, after upgrading my pkcs8 version from
0.7.6
to0.10.2
, I get an error about DER metadata whenstoring a pkcs5 wrapped pkcs8 document:
I have created a repo with the issue reproduced:
https://github.com/mkatychev/pkcs_8_breaking_example
cargo run --example
can be used to regen the der file and reproduce successful decryption witk pkcs80.7
and the error that is shown with0.10
:Running
openssl asn1parse
produces an identical schema for both:This is the decryption pattern used in the old
0.7
withoutSecretDocument
:And this is the new one that produces the
CONTEXT-SPECIFIC
tag error:Inlining the
decrypt_key
example produces this panic suggestingsecret.decode_msg()
is the source of the incompatibility:Any advice on how to allow the new
SecretDocument
would be greatly appreciatedThe text was updated successfully, but these errors were encountered: