You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
signing error: parse PKCS1 private key: x509: failed to parse private key (use ParsePKCS8PrivateKey instead for this key format)
this issue can be solved by manually converting the key to required PKCS1 format: openssl -in key.pkcs8 -out key.pkcs1 -traditional, but still, I believe the default can be changed.
I'll make a PR in case of successful time allocation, which is non-deterministic :/
Also, I'd like to mention that apk-tools developers are currently cooking some completely new binary format for their packages, with sha512 signatures and the like (apk v3, the current one is apk v2), so this will require more work in the future
Call correct parsing function for given RSA key depending on its PEM
header. So we can use both PKCS1 and PKCS8 keys to sign APK files.
Fixesgoreleaser#799
* support PKCS8 keys for APK signing
Call correct parsing function for given RSA key depending on its PEM
header. So we can use both PKCS1 and PKCS8 keys to sign APK files.
Fixes#799
* fix golangci-lint warnings
What happened?
Hello. I'm trying to sign an apk package with key generated by
abuild-keygen
, which is a standard tool for alpine linux distribution.It fails with the following message:
How can we reproduce this?
$ abuild-keygen -a -i
, it'll be saved to~/.abuild
and/etc/apk/keys
nfpm.yaml
(the exact key name will indeed be different):expected result: apk successfully generated
actual result: the aforementioned message
this issue can be solved by manually converting the key to required PKCS1 format:
openssl -in key.pkcs8 -out key.pkcs1 -traditional
, but still, I believe the default can be changed.nfpm version
Search
Code of Conduct
Additional context
openssl version, just in case:
Also, I verified that the key generated by
abuild-keygen
is indeed a PEM-encoded RSA-4096 private key.abuild-keygen version:
abuild-keygen 3.12.0-r4
The text was updated successfully, but these errors were encountered: