[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-jce] IAIK => OpenSSL



Hello,

class SSLeayPrivateKey is able to read private keys encoded in special
SSLeay format. This is because of being interoperable with keys generate by
SSLeay. However, we do not support the reverse way of encoding private keys
in special SSLeay format because newer OpenSSL versions sould also be able
to handle standard PKCS#8.

Regards,
Dieter Bratko

-----Ursprüngliche Nachricht-----
Von: iaik-jce-owner@iaik.tu-graz.ac.at
[mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von Tobias Demuth
Gesendet: Freitag, 18. August 2000 15:10
An: iaik-jce@iaik.tu-graz.ac.at
Betreff: [iaik-jce] IAIK => OpenSSL



hello,

we're about to create certificates with an
(iaik enabled:) java application.

these certs should be used by an netssleay/openssl
PERL application, too.

following the "openssl" diskussion here,
the problem seems to be, that openssl
did an implementation bug in the underlying ASN.1 structure.

we found the class "SSLeayPrivateKey" to read
openssl-generated privatekeys.
(the class seems to transform the corrupted asn.1 struct)

but we cannot find the "other direction", as
Util.toPemString(PrivateKey) generates
"correct" RSA PrivateKeys
(not SSLeay Private Keys)

has anyone an idea, how (the missing) ASN.1 tranformation works ?
(or is it just easier to
 export it via pkcs12 and transform it via native openssl
 to cert.pem and key.pem
 (as some guys forgot to implement pkcs12-features
  in the netssleay-perl interface above openssl ...:-(
)



thanks for some ASN.1 transformation hints.


(what a friday noon ... :-)


greetings.


Tobias Demuth
com.in.to GmbH
Klosterstr. 49
D-40211 Düsseldorf
eMail: demuth@cominto.de
Tel:  +49 211 / 6000 166 -77
Fax:  +49 211 / 6000 166 -89



--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-jce




smime.p7s