Uploaded image for project: 'Kudu'
  1. Kudu
  2. KUDU-3207

Standardize RSA private key format

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • None
    • 1.15.0
    • None

    Description

      Currently, Kudu stores RSA private keys in PEM format using PEM_write_bio_RSAPrivateKey(), which doesn't specify the format in which the key is stored. It expects it to be PKCS #1 (BEGIN/END RSA PRIVATE KEY), but it seems there are some OpenSSL versions (CryptoComply) that use PKCS #8 instead (BEGIN/END PRIVATE KEY). CryptoTest.RsaPrivateKeyInputOutputPEM fails due to this, as it compares the private key to an expected string, which is in PKCS #1 format. The read functions are explicitly said to handle any known format, so this shouldn't cause any issues, but it would still be nice to standardize on a single format (probably PKCS #8).

      Attachments

        Activity

          People

            abukor Attila Bukor
            abukor Attila Bukor
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: