PKCS #8 defines a standard syntax for storing private key information. PKCS #8 is one of the family of standards called Public-Key Cryptography Standards (PKCS) published by RSA Laboratories.
Questions tagged [pkcs8]
10 questions
19
votes
3 answers
Converting ECC Private key to PKCS#1 format
Is there any way to convert an ECC private key to RSA PKCS#1 format?
I have tried converting it to PKCS#8 first using OpenSSL:
openssl pkcs8 -topk8 -nocrypt -in EC_key.pem -out pkcs8_key.pem
This results in a pem file that is in (what i am…
Sid Said
- 193
- 1
- 1
- 5
3
votes
1 answer
Extract the content of PKCS7 file in Java
I have a PKCS#7 signature that have the content‐type signed data and it embeds an XML document, and I have to extract the xml document from this PKCS7 file.
Anyone know how to do that in java ??
Hakim
- 619
- 3
- 9
- 14
3
votes
6 answers
Good way to protect lots of private keys
I'm working on a software which deals with lots (several millions) of RSA private keys. Keysize is 2048, I'm going to store them in database in PEM format.
I want keys to be encrypted to mitigate risks of hostile access to database. Naturally,…
Serhii Yakovenko
- 131
- 1
2
votes
1 answer
OpenSSL encrypt DER format private key
When converting a password-protected PEM/PKCS1-encoded private key to DER format one is not able to encrypt the key, OpenSSL automagically asks for the password and writes the plain-text key in the output file.
However, I understand that…
Rob
- 131
- 4
1
vote
1 answer
What does the EC Private key version field mean?
I have read the question Converting ECC Private key to PKCS#1 format. And I understood that the value of the version field of the traditional EC private key is 01.
We can use the command openssl pkcs8 -topk8 -nocrypt to convert the traditional key…
Asif
- 11
- 1
- 2
1
vote
1 answer
How to encode a public key in PKCS#8?
RFC5958 defines a set of enhancements to the PKCS#8 key serialization format, bumping the version field up to 1 and additionally permitting serialization of public keys for arbitrary asymmetric cryptographic algorithms.
OneAsymmetricKey ::= SEQUENCE…
JamesTheAwesomeDude
- 581
- 4
- 15
1
vote
0 answers
Root CA key generation compliant with WebTrust and HSM independent
I'm trying to figure out how to generate private key for the Root CA according the principles of WebTrust.
One additional requirement I have that the generate private key should be then imported to any HSM, independent of the vendor.
I have never…
user1563721
- 1,099
- 11
- 22
1
vote
1 answer
What password based key derivation does PKCS #12 use?
I would like to make a note that I have read all of rfc 7292.
I am trying to decrypt encrypted private key in a pkcs#12 pfx file.
The private key is enveloped within pkcs#8 shrouded key bag.
The OID preceding encrypted private key represented as…
user45979
- 11
- 2
0
votes
0 answers
Is it possible to check private key syntax using openssl?
I have a DER-serialized private key. The tool I have to provide the key to gives me algid parse error, not a sequence, and it looks like the problem is that the key is not PKCS#8.
The command that the most popular comment to the answer suggests,…
gicig
- 101
0
votes
0 answers
Specification of AES-based PKCS#5 Password-Based Encryption (PBE)
recently I had a look at the capabilities of the Java keytool to create PKCS#12 containers with a protected private key. According to the standard a private key is protected using a PKCS#8 shrouded key bag applying a PKCS#5 password-based…
moritz1895
- 3
- 2