[openssl-users] can I parse PKCS8 file and decrypt it later?
Bear Giles
bgiles at coyotesong.com
Tue Dec 30 21:53:10 UTC 2014
Two questions actually.
I've been able to read and write most objects using both the PEM bio and
i2d/d2i functions. I know I can write an encrypted PKCS8 file
with PEM_write_bio_PKCS8PrivateKey().
How do I read encrypted PKCS8 files? I can read unencrypted files with
PKCS8_PRIV_KEY_INFO but have been stumped by the encrypted file. Obviously
'openssl pkcs8 ...' can do it but maybe I'm overlooking a source of
documentation. Otherwise it's a dive into the source code.
Second question - can I parse encrypted PKCS8 files without decrypting it?
I know the traditional keys have to be decrypted (and thus parameter-less
readers can't use encrypted files) but I thought PKCS8 was a container and
it was possible to parse the object without the password. Does this involve
X509_SIG? I noticed that the i2d/d2i PKCS8 functions work with X509_SIG
objects.
Thanks,
Bear
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.opensslfoundation.net/pipermail/openssl-users/attachments/20141230/65cdd28d/attachment.html>
More information about the openssl-users
mailing list