[openssl-dev] OpenSSL and certain PEM formats
Sean Leonard
dev+openssl at seantek.com
Thu Dec 18 06:48:23 UTC 2014
On 12/17/2014 11:04 AM, Salz, Rich wrote:
> Probably also worth documenting the legacy "RSA PRIVATE KEY" defined by openssl and used mainly in legacy pre-pkcs8 support
There is a paragraph on "algorithm agility"; the legacy labels (like RSA
PRIVATE KEY) are not mentioned because for interchange, PKCS #8 is
perfectly reasonable and is algorithm-agile.
IIRC, there are some implementations out there (by that I mean certain
well-known certification authorities that I will not name) that
specifically look for "RSA PRIVATE KEY", and measure key strength by
looking at the length of the blob. This method prevents other algorithms
(e.g., ECC) from being used, and when other algorithms (e.g., ECC) are
used, the key gets rejected for no other reason than because the key
appears to be too "small" and therefore weak.
Sean
More information about the openssl-dev
mailing list