Skip to content

Support decrypting PKCS1 keys #4

New issue
New issue
Open
Open
Support decrypting PKCS1 keys#4
Labels
enhancementNew feature or request
@jadamcrain

Description

@jadamcrain
jadamcrain
opened on Mar 3, 2024

We're decrypting the pkcs8 keys using a crate designed to only handle pkcs8:

https://crates.io/crates/pkcs8

I don't see anything in the Rust ecosystem that can decrypt pkcs1 "out of the box". That said, the PEM file parser we're using can parse and expose the headers in the encrypted pcks1 PEM section....

Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,C335117F818B9FB719C75798A9063CDB

...which declares the content as encrypted and tells you the algorithm and initialization vector.

To implement it, we'd have to do our own password -> key derivation using those cryptographic primitives and support a number of common algorithms (e.g. AES-128-CBC).

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions