guanzhi / GmSSL

A cryptographic toolkit supporting the Chinese national standards SM2/SM3/SM4/SM9/SSL
http://gmssl.org
Apache License 2.0
4.92k stars 1.64k forks

Failed to parse encrypted private key #1635

Open zhangzhigang12345 opened 4 months ago

zhangzhigang12345 commented 4 months ago

I have an encrypted key file, 11000000002090000001_SIGN.key, that currently cannot be parsed. Decrypting it with the gmssl 3.0 code fails immediately with an error. What is the cause? Thanks.

    /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/pkcs8.c:367:pbes2_algor_from_der():
    /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/pkcs8.c:431:pkcs8_enced_private_key_info_from_der():
    /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/sm2_key.c:628:sm2_private_key_info_decrypt_from_der():
    /usr/local/src/code/gmssl_git_hub/GmSSL-3.1.1/src/sm2_key.c:687:sm2_private_key_info_decrypt_from_pem():
    ./cus_test_cert_sm2_4_for_clq: load private key failure by sm2_private_key_info_decrypt_from_pem

Decryption interface used with GmSSL 3.1.1:

    #include <gmssl/sm2.h>
    #include <gmssl/error.h>
    #include <stdio.h>
    #include <errno.h>
    #include <string.h>

    int main(int argc, char **argv)
    {
        char *prog = argv[0];
        char *srv_ca_sign_key_file_full_name = "11000000002090000001_SIGN_clq.key";
        FILE *srv_keyfp = NULL;
        SM2_KEY srv_sm2_key_2;

        if (!(srv_keyfp = fopen(srv_ca_sign_key_file_full_name, "rb"))) { // open the key file
            fprintf(stderr, "%s: open '%s' failure : %s\n", prog, srv_ca_sign_key_file_full_name, strerror(errno));
            return -1;
        }

        if (sm2_private_key_info_decrypt_from_pem(&srv_sm2_key_2, "12345678", srv_keyfp) != 1) { // decrypt the key file
            fprintf(stderr, "%s: load private key failure by sm2_private_key_info_decrypt_from_pem\n", prog);
            fclose(srv_keyfp);
            return -1;
        }

        fclose(srv_keyfp);
        return 0;
    }

11000000002090000001_SIGN.key, as shown in the image below: [image]

The content of the 11000000002090000001_SIGN.key file is as follows:

    -----BEGIN ENCRYPTED PRIVATE KEY-----
    MIGwMBsGCSqGSIb3DQEFAzAOBAhsKeK+cnfdjAICCAAEgZAE5GZMjPQCLLifGK0r
    ytlpt23Qas1KI6x7qmIP6oeYflCWT0Iv7AqK2cT8YK7s5Yy3j21YiHEG5FCr8Qb+
    GMlgQsRGkeU5y0I9zLZrhH9qOVJEuDLckCjMKbFXUEwx5YeBhQKTosB/quA5v9Lp
    6SSLtKShYgx/MDJDarcAuj0whmNyTXijDGAMImltuqwsIUg=
    -----END ENCRYPTED PRIVATE KEY-----

Parsing 11000000002090000001_SIGN.key with https://the-x.cn/encodings/Asn1.aspx: [image]

emmansun commented 4 months ago

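Currently this project's PKCS#8 only supports PKCS#5 v2 (PBKDF2 and PBES2); it does not support the old PKCS#5 v1.5 (pbeWithMD5AndDES-CBC belongs to PBES1). You can first convert your current private key file with something like openssl.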
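Added example (not part of the issue thread and not GmSSL code): a small C check that reads the encryption algorithm OID from an EncryptedPrivateKeyInfo header and reports whether the file uses PBES1 or PBES2, so the mismatch described above can be diagnosed before calling a PKCS#5 v2-only parser. The helper names `b64_decode`, `der_hdr` and `pbe_scheme` are hypothetical; the sample input is the first base64 line of the key posted in this issue.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static const uint8_t PKCS5[] = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05}; /* OID 1.2.840.113549.1.5; names here are hypothetical */

/* Decode a PEM body (base64, whitespace skipped); returns bytes written. */
size_t b64_decode(const char *s, uint8_t *out, size_t cap) {
    static const char T[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    uint32_t acc = 0; int bits = 0; size_t n = 0;
    for (; *s && *s != '='; s++) {
        const char *q = strchr(T, *s);
        if (!q) continue;
        acc = (acc << 6) | (uint32_t)(q - T); bits += 6;
        if (bits >= 8) { bits -= 8; if (n == cap) break; out[n++] = (uint8_t)(acc >> bits); }
    }
    return n;
}

/* Consume a DER tag and length (up to 2 length bytes); returns content length or -1. */
static long der_hdr(const uint8_t **p, const uint8_t *end, uint8_t tag) {
    if (end - *p < 2 || *(*p)++ != tag) return -1;
    long len = *(*p)++, k = len & 0x7F;
    if (len < 0x80) return len;
    if (k < 1 || k > 2 || end - *p < k) return -1;
    for (len = 0; k--; ) len = (len << 8) | *(*p)++;
    return len;
}

/* 1 = PBES1 (PKCS#5 v1.5), 2 = PBES2, 0 = some other algorithm, -1 = malformed. */
int pbe_scheme(const uint8_t *der, size_t n) {
    const uint8_t *p = der, *end = der + n;
    if (der_hdr(&p, end, 0x30) < 0 || der_hdr(&p, end, 0x30) < 0) return -1;
    long len = der_hdr(&p, end, 0x06);       /* encryptionAlgorithm OID */
    if (len < 0 || len > end - p) return -1;
    if (len != 9 || memcmp(p, PKCS5, 8) != 0) return 0;
    switch (p[8]) {                          /* last arc selects the scheme */
    case 1: case 3: case 4: case 6: case 10: case 11: return 1; /* 3 = pbeWithMD5AndDES-CBC */
    case 13: return 2;                       /* id-PBES2 */
    default: return 0;
    }
}

int main(void) {
    uint8_t der[64];  /* input below: first base64 line of the key posted in this issue */
    size_t n = b64_decode("MIGwMBsGCSqGSIb3DQEFAzAOBAhsKeK+cnfdjAICCAAEgZAE5GZMjPQCLLifGK0r", der, sizeof der);
    printf("PBE scheme: %d\n", pbe_scheme(der, n));
    return 0;
}
```

The key from this issue yields 1 (PBES1), which is consistent with the failure in `pbes2_algor_from_der()` shown in the trace.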