[openssl-users] Creating PKCS#8 from pvk format

zhongju li zhongju_li at yahoo.com
Wed Dec 5 03:05:21 UTC 2018

 Hi Wim,Thank you for your quick response.1. Yes. I called EVP_PKEY_new() before calling EVP_PKEY_assign_RSA(pEvpkey, rsa);
2. For your second quetion: no. I have not checked there is anything in the openssl error stack. 
I will check the openssl error stack.
3. (1). If it works, is EVP_PKEY_assign_RSA(pEvpkey, rsa) the correct function to call to get pEvpkey (EVP_PKEY) from a rsa private key?Is there any other alternative function to get pEvpkey (EVP_PKEY) from a rsa private key?(2), Once getting pEvpkey, can I call the following functions to get PKC#8 der format:(a). PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(pEvpkey); 
(b). int der_len = i2d_PKCS8_PRIV_KEY_INFO(p8, &der);

Do you expect the above function call work? If not, what are the correct way to get pkcs#8 der  from pvk format?
Thank you
    On Tuesday, December 4, 2018, 7:40:19 PM EST, Wim Lewis <wiml at omnigroup.com> wrote:  
On 4. des. 2018, at 4:00 e.h., zhongju li via openssl-users <openssl-users at openssl.org> wrote:
> Now I need to convert the key in RSA format to EVP_PKEY, then to PKCS#8. I have tried the following functions, all of these functions return 0 (failure) without any further debugging information/clues:
> EVP_PKEY_assign_RSA(pEvpkey, rsa);

Is it possible that pEvpkey or rsa is NULL? (You need to create a EVP_PKEY with EVP_PKEY_new() before putting a specific key into it.)

Otherwise, have you checked whether there is anything in the openssl error stack (using ERR_get_error(), ERR_print_errors_fp(), or similar)?

> I did google searching, but have not figured out why the about functions failed (one posting mentions “export version” vs. domestic version??).

There used to be different versions because of US export laws but I don't think that has been the case for many years.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181205/d0e36408/attachment-0001.html>

More information about the openssl-users mailing list