-
Notifications
You must be signed in to change notification settings - Fork 595
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support reading ECDSA private keys in "openssl ecparam -genkey" output format #332
Comments
This would need support in ring |
I'm not familiar at all with rust, but looking at some examples, it looks as if a parsed ECDSA in principle would be supported? |
I am OK with adding support to ring to parse |
@briansmith, thanks for offering to include this in Ring. Is there a Ring issue I can follow for this? I tried to find one and I couldn't, apologies if my issue-fu wasn't up to scratch. |
The ring PR for this feature is briansmith/ring#1456. |
Running
openssl ecparam -genkey -name prime256v1
gives output like this:The contents of the
-----BEGIN EC PRIVATE KEY-----
block are defined in RFC 5915. The-----BEGIN EC PARAMETERS-----
block just contains the OID of the curve and is redundant with theparameters
field of the ECPrivateKey block.It would be helpful if rustls exposed a function that can parse this. Right now the user has to convert it to PKCS#8 (via
openssl pkcs8 -topk8 -nocrypt
) before rustls can consume it.The text was updated successfully, but these errors were encountered: