enable pkcs#8 encrypted RSA keys (supported by the latest libtomcrypt)
Karel Miko
5 years ago
127 | 127 |
elsif ($data =~ /-----BEGIN PRIVATE KEY-----(.*?)-----END/sg) {
|
128 | 128 |
# PKCS#8 PrivateKeyInfo (PEM header: BEGIN PRIVATE KEY)
|
129 | 129 |
$data = pem_to_der($data, $password);
|
130 | |
return $self->_import_pkcs8($data, $password) if $data;
|
|
130 |
return $self->_import_pkcs8($data, $password);
|
131 | 131 |
}
|
132 | 132 |
elsif ($data =~ /-----BEGIN ENCRYPTED PRIVATE KEY-----(.*?)-----END/sg) {
|
133 | |
# XXX-TODO: PKCS#8 EncryptedPrivateKeyInfo (PEM header: BEGIN ENCRYPTED PRIVATE KEY)
|
134 | |
croak "FATAL: encrypted pkcs8 RSA private keys are not supported";
|
|
133 |
# PKCS#8 PrivateKeyInfo (PEM header: BEGIN ENCRYPTED PRIVATE KEY)
|
|
134 |
$data = pem_to_der($data, $password);
|
|
135 |
return $self->_import_pkcs8($data, $password);
|
135 | 136 |
}
|
136 | 137 |
elsif ($data =~ /^\s*(\{.*?\})\s*$/s) {
|
137 | 138 |
# JSON Web Key (JWK) - http://tools.ietf.org/html/draft-ietf-jose-json-web-key
|
|
417 | 418 |
fyoy4t3yHT+/nw==
|
418 | 419 |
-----END PRIVATE KEY-----
|
419 | 420 |
|
420 | |
=item * PKCS#8 encrypted private keys ARE NOT SUPPORTED YET!
|
|
421 |
=item * PKCS#8 encrypted private keys - password protected keys (supported since: CryptX-0.062)
|
421 | 422 |
|
422 | 423 |
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
423 | 424 |
MIICojAcBgoqhkiG9w0BDAEDMA4ECCQk+Rr1yzzcAgIIAASCAoD/mgpUFjxxM/Ty
|
0 | 0 |
use strict;
|
1 | 1 |
use warnings;
|
2 | |
use Test::More tests => 12;
|
|
2 |
use Test::More tests => 14;
|
3 | 3 |
|
4 | 4 |
use Crypt::PK::RSA;
|
5 | 5 |
use Crypt::PK::ECC;
|
|
35 | 35 |
ok($rsa->is_private, "RSA is_private $f");
|
36 | 36 |
}
|
37 | 37 |
|
38 | |
### XXX-FIXME password protected pkcs8 private keys are not supported
|
39 | |
### for my $f (qw/pkcs8.rsa-priv-pass.der pkcs8.rsa-priv-pass.pem/) {
|
40 | |
### $rsa->import_key("t/data/$f", "secret");
|
41 | |
### ok($rsa->is_private, "RSA is_private $f");
|
42 | |
### }
|
|
38 |
for my $f (qw/pkcs8.rsa-priv-pass.der pkcs8.rsa-priv-pass.pem/) {
|
|
39 |
$rsa->import_key("t/data/$f", "secret");
|
|
40 |
ok($rsa->is_private, "RSA is_private $f");
|
|
41 |
}
|
43 | 42 |
|
44 | 43 |
for my $f (qw/pkcs8.ec-short-priv-nopass.der pkcs8.ec-short-priv-nopass.pem pkcs8.ec-priv-nopass.der pkcs8.ec-priv-nopass.pem/) {
|
45 | 44 |
$ec->import_key("t/data/$f");
|