0

I have a DER-serialized private key. The tool I have to provide the key to gives me algid parse error, not a sequence, and it looks like the problem is that the key is not PKCS#8.

The command that the most popular comment to the answer suggests, worked for me - I got a PKCS#8 key and the tool accepts it.

Now I am curious how can I find out whether the key is PKCS#1, PKCS#8 or something else?

gicig
  • 101
  • You can check the ASN.1 structure of the file. `openssl asn1parse -inform der -in ` Alternatively a nice ANS.1 parser is https://lapo.it/asn1js Although it is a web site it parses the file locally using JavaScript (no transmission of the data to the server or somewhere else). – Robert Jun 17 '22 at 12:20
  • What should I look for in the output of that command? – gicig Jun 17 '22 at 14:35
  • You can compare the structure before and after conversion to pkcs#8. On other option would be to test `file` command. Or you could post the first part of the ASN.1 structure. Remove the content of bitstrings and numbers and some people here will still be able to tell you what file it is. – Robert Jun 17 '22 at 14:42
  • Ok, but I was thinking about having openssl tell me which syntax the file is. Not that I have to first try to convert the file and than compare those 2 versions – gicig Jun 17 '22 at 15:00
  • Unfortunately openssl and user friendly/simple are mutually exclusive to my experience. And I don't know a tool that could identify crypto ASN.1 data files, so I can only recommend to use the community as "detector". – Robert Jun 17 '22 at 17:15

0 Answers0