proposal: crypto/x509: add support for PBES2 private keys #39241
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Proposal
Milestone
What version of Go are you using (
go version
)?1.14.3
Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (
go env
)?linux/amd64
What did you do?
I generated ECDSA private key with OpenSSL 1.1.1g using
req -newkey
. It asked for a password and encrypted the key. However, it didn't add headers like "Proc-Type" and "DEK-Info". If I decrypt the key using OpenSSL, it is usable for Go TLS, but Go itself cannot decrypt it.https://play.golang.org/p/cU7jBbRIHt9
What did you expect to see?
IsEncryptedPEMBlock: true
key type: *ecdsa.PrivateKey
What did you see instead?
IsEncryptedPEMBlock: false
x509: no DEK-Info header in block
The text was updated successfully, but these errors were encountered: