-
Notifications
You must be signed in to change notification settings - Fork 595
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Loading ECC PKCS8 keys generated by go #245
Comments
Please generate a dummy PKCS#8 key from Go that fails to parse in Rustls and post the PEM here. |
Also, read the documentation here at https://briansmith.org/rustdoc/ring/signature/struct.EcdsaKeyPair.html#method.from_pkcs8 and see if that narrows down the issue. For example, does the PKCS#8 document contain the public key? Is it using named curve AlgorithmIdentifiers or the other kind? |
-----BEGIN EC PRIVATE KEY----- |
"EC PRIVATE KEY" introduces a SEC1-style private key (its the encoding You can convert these to PKCS#8 with |
Ah, thank you! |
We have been having lots of problems and have been unable to get ECC to work. First off the PEM lines are subtly different: go includes EC PRIVATE KEY, but rustls expects only PRIVATE KEY. I don't think it pays to be pedantic about that. But after changing that by hand we get errors about the private key being invalid due to ASN.1 issues. I'm not sure which part actually has the bug between go and this project but I am not an ASN.1 expert enough to figure that out.
The text was updated successfully, but these errors were encountered: