Open zhangzhigang12345 opened 4 months ago
当前有加密的密钥11000000002090000001_SIGN.key文件,当前解析不了,使用gmssl 3.0的代码解,发现直接报错,请问这个是什么原因?谢谢 /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/pkcs8.c:367:pbes2_algor_from_der(): /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/pkcs8.c:431:pkcs8_enced_private_key_info_from_der(): /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/sm2_key.c:628:sm2_private_key_info_decrypt_from_der(): /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/sm2_key.c:687:sm2_private_key_info_decrypt_from_pem(): ./cus_test_cert_sm2_4_for_clq: load private key failure by sm2_private_key_info_decrypt_from_pem
GmSSL3.1.1用到的解密接口
#include <gmssl/error.h> #include <stdio.h> #include <errno.h> #include <string.h> char *prog = argv[0]; char *srv_ca_sign_key_file_full_name = "11000000002090000001_SIGN_clq.key"; FILE *srv_keyfp = NULL; SM2_KEY srv_sm2_key_2; if (!(srv_keyfp = fopen(srv_ca_sign_key_file_full_name, "rb"))) { // 打开密钥文件 fprintf(stderr, "%s: open '%s' failure : %s\n", prog, srv_ca_sign_key_file_full_name, strerror(errno)); return -1; } if (sm2_private_key_info_decrypt_from_pem(&srv_sm2_key_2, "12345678", srv_keyfp) != 1) { // 解密密钥文件 fprintf(stderr, "%s: load private key failure by sm2_private_key_info_decrypt_from_pem\n", prog); return -1; }
11000000002090000001_SIGN.key如下图:
11000000002090000001_SIGN.key文件内容如下: -----BEGIN ENCRYPTED PRIVATE KEY----- MIGwMBsGCSqGSIb3DQEFAzAOBAhsKeK+cnfdjAICCAAEgZAE5GZMjPQCLLifGK0r ytlpt23Qas1KI6x7qmIP6oeYflCWT0Iv7AqK2cT8YK7s5Yy3j21YiHEG5FCr8Qb+ GMlgQsRGkeU5y0I9zLZrhH9qOVJEuDLckCjMKbFXUEwx5YeBhQKTosB/quA5v9Lp 6SSLtKShYgx/MDJDarcAuj0whmNyTXijDGAMImltuqwsIUg= -----END ENCRYPTED PRIVATE KEY-----
https://the-x.cn/encodings/Asn1.aspx 解析该11000000002090000001_SIGN.key
目前这个项目的pkcs#8只支持pkcs#5 v2(pbkdf2和pbes2), 不支持老旧的pkcs#5 v1.5(pbeWithMD5AndDES-CBC属于pbes1)。你可以先用诸如openssl先对自己的当前私钥文件转换一下。
当前有加密的密钥11000000002090000001_SIGN.key文件,当前解析不了,使用gmssl 3.0的代码解,发现直接报错,请问这个是什么原因?谢谢 /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/pkcs8.c:367:pbes2_algor_from_der(): /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/pkcs8.c:431:pkcs8_enced_private_key_info_from_der(): /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/sm2_key.c:628:sm2_private_key_info_decrypt_from_der(): /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/sm2_key.c:687:sm2_private_key_info_decrypt_from_pem(): ./cus_test_cert_sm2_4_for_clq: load private key failure by sm2_private_key_info_decrypt_from_pem
GmSSL3.1.1用到的解密接口
include <gmssl/sm2.h>
11000000002090000001_SIGN.key如下图:![image](https://github.com/guanzhi/GmSSL/assets/159012717/a4060fde-debe-458e-9d20-b4e411699c99)
11000000002090000001_SIGN.key文件内容如下: -----BEGIN ENCRYPTED PRIVATE KEY----- MIGwMBsGCSqGSIb3DQEFAzAOBAhsKeK+cnfdjAICCAAEgZAE5GZMjPQCLLifGK0r ytlpt23Qas1KI6x7qmIP6oeYflCWT0Iv7AqK2cT8YK7s5Yy3j21YiHEG5FCr8Qb+ GMlgQsRGkeU5y0I9zLZrhH9qOVJEuDLckCjMKbFXUEwx5YeBhQKTosB/quA5v9Lp 6SSLtKShYgx/MDJDarcAuj0whmNyTXijDGAMImltuqwsIUg= -----END ENCRYPTED PRIVATE KEY-----
https://the-x.cn/encodings/Asn1.aspx 解析该11000000002090000001_SIGN.key![image](https://github.com/guanzhi/GmSSL/assets/159012717/ca149e10-3d01-484a-8189-173d8a5a8e83)