I have read the question Converting ECC Private key to PKCS#1 format. And I understood that the value of the version field of the traditional EC private key is 01.

We can use the command openssl pkcs8 -topk8 -nocrypt to convert the traditional key to (unencrypted) PKCS#8 format. Once the key is converted, the version field of the converted key is 00.

What is the meaning of this version field? If I see a version field value of 01, does that confirm the key is not in PKCS#8 format?

Asif
  • ```java
    import java.security.GeneralSecurityException;
    import java.security.KeyFactory;
    import java.security.PrivateKey;
    import java.security.spec.KeySpec;
    import java.security.spec.PKCS8EncodedKeySpec;

    // Expects the base64 body of the PEM file (header/footer lines already stripped).
    public static PrivateKey generatePrivate(String privateKeyPEM) throws GeneralSecurityException {
        java.util.Base64.Decoder decoder = java.util.Base64.getDecoder();
        byte[] decodedBytes = decoder.decode(privateKeyPEM);
        // PKCS8EncodedKeySpec only accepts a DER PrivateKeyInfo, not a bare SEC1 ECPrivateKey.
        KeySpec keySpec = new PKCS8EncodedKeySpec(decodedBytes);
        KeyFactory kf = KeyFactory.getInstance("EC", "BC");
        return kf.generatePrivate(keySpec);
    }
    ```
    – Asif Jun 04 '15 at 16:09

1 Answer

You might be misinterpreting the message you link to.

The private key is represented as a structure that comes from SEC and includes a "version field" which always has value "1".

When the private key is encoded in PKCS#8, then the previous structure is "wrapped": PKCS#8 includes some identifier of the used algorithm ("this is an EC key") and an OCTET STRING that contains the whole of the private key structure as specified above, including the version field with the value "1".

The PKCS#8 wrapper also has a "version" field, normally with value "0". So, in PKCS#8, you get both.

When there is a "version" field, this is a mechanism to potentially support other layouts -- when such things are defined. Right now, no other layout is defined, so all you can do with another value is to make the object undecodable by some software.

Tom Leek
  • I am using Bouncycastle to generatePrivate, which throws InvalidKeySpecException if I pass the private key (with version 1), once the key is PKCS#8 wrapped (version 0) then Bouncycasle is able to generate the private key. Some where in the code Bouncycastle checks for version to be 0 for the PrivateKeyInfo. How should I interpret this? – Asif Jun 04 '15 at 16:13
  • The problem is not one of version. The problem is that BouncyCastle expects the private key as a PKCS#8 object. If what you provide is not a proper PKCS#8 object, then you get an exception. – Tom Leek Jun 04 '15 at 17:32
  • Understood. So is there a way that I can confirm that the private key stored in PEM is a proper PKCS#8 formatted key. Can I use openssl asn1parse -i -in mykep.pem and look into the version, if the version is not '0' does that confirm it is not a proper PKCS#8 formatted private key. During experiments I have observed that the version of the proper PKCS#8 wrapped private key always shown version 0. Is there a way to confirm this? – Asif Jun 04 '15 at 18:38
  • Use: `openssl pkcs8 -nocrypt -in mykep.pem` This will try to read the file as a PKCS#8 file. If it works, then it is a PKCS#8 file. – Tom Leek Jun 04 '15 at 18:56
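The wrapping Tom Leek describes can be checked by structure rather than by the version integer. The following is an added example, not code from the question or the answer: a minimal DER walker that recognises a bare SEC1 ECPrivateKey (version, then the private-key OCTET STRING) versus a PKCS#8 PrivateKeyInfo (version, AlgorithmIdentifier, then an OCTET STRING wrapping the SEC1 structure). The sample keys are constructed with a placeholder scalar; only the P-256 OIDs are real values.

```python
# Added example, not from the question or answer: a minimal DER walker that tells a
# bare SEC1 ECPrivateKey from a PKCS#8 PrivateKeyInfo by STRUCTURE, then reports the
# version integer(s) found. Sample keys are constructed (fake scalar), not real keys.
SEQUENCE, INTEGER, OCTET_STRING, OID, CTX0 = 0x30, 0x02, 0x04, 0x06, 0xA0

def _tlv(tag, body):
    """Encode one DER tag-length-value (definite length)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def _parse_tlv(buf, pos):
    """Decode one TLV at pos; return (tag, body, position after it)."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                      # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def _children(body):
    """Split a constructed body into its (tag, body) children."""
    out, pos = [], 0
    while pos < len(body):
        tag, inner, pos = _parse_tlv(body, pos)
        out.append((tag, inner))
    return out

def classify(der):
    """Return (kind, outer_version, inner_version); kind is 'sec1', 'pkcs8' or 'unknown'."""
    if len(der) < 2 or der[0] != SEQUENCE:
        return ("unknown", None, None)
    items = _children(_parse_tlv(der, 0)[1])
    if len(items) < 2 or items[0][0] != INTEGER:
        return ("unknown", None, None)
    version = int.from_bytes(items[0][1], "big")
    if items[1][0] == OCTET_STRING:   # ECPrivateKey ::= SEQUENCE { version, privateKey, ... }
        return ("sec1", version, None)
    if len(items) >= 3 and items[1][0] == SEQUENCE and items[2][0] == OCTET_STRING:
        inner = classify(items[2][1])  # PrivateKeyInfo wraps the SEC1 key inside an OCTET STRING
        return ("pkcs8", version, inner[1] if inner[0] == "sec1" else None)
    return ("unknown", version, None)

# Constructed sample keys: the P-256 OIDs are real, the 32-byte scalar is a placeholder.
P256_OID = _tlv(OID, bytes.fromhex("2A8648CE3D030107"))      # 1.2.840.10045.3.1.7
EC_PUBKEY_OID = _tlv(OID, bytes.fromhex("2A8648CE3D0201"))   # 1.2.840.10045.2.1
FAKE_SCALAR = bytes(range(1, 33))
SEC1_KEY = _tlv(SEQUENCE, _tlv(INTEGER, b"\x01") + _tlv(OCTET_STRING, FAKE_SCALAR) + _tlv(CTX0, P256_OID))
PKCS8_KEY = _tlv(SEQUENCE, _tlv(INTEGER, b"\x00") + _tlv(SEQUENCE, EC_PUBKEY_OID + P256_OID) + _tlv(OCTET_STRING, SEC1_KEY))
```

Running `classify` on a PEM body decoded with `base64.b64decode` gives the same answer as trying `openssl pkcs8 -nocrypt -in`, but also shows both version fields at once.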