search

status-im / nim-chronos

Chronos - An efficient library for asynchronous programming
https://status-im.github.io/nim-chronos/docs/chronos
Apache License 2.0
353 stars 51 forks source link

Private key parsing fails with zerossl header #317

Open Menduist opened 1 year ago

Menduist commented 1 year ago

zerossl provides files like this:

-----BEGIN RSA PRIVATE KEY-----
[the private key]
-----END RSA PRIVATE KEY-----

But at parsing, we only support BEGIN PRIVATE KEY: https://github.com/status-im/nim-chronos/blob/9df76c39df254c7ff0cec6dec5c9f345f2819c91/chronos/streams/tlsstream.nim#L698

cheatfate commented 1 year ago

This is not some parsing error, chronos do not have support for PKCS#1 PEM format.

Menduist commented 1 year ago

Weird, by just replacing with "PRIVATE KEY" in the key file it seemed to work

cheatfate commented 1 year ago

Its not that simple, when you put BEGIN PRIVATE KEY it means that binary representation could have RSA or EC-NIST private key inside. It is part of PKCS#8 standard and type of key is encoded in binary form. While BEGIN RSA PRIVATE KEY could/should have just simple binary encoded RSA private key.

cheatfate commented 1 year ago

Also there is such usage as BEGIN EC PRIVATE KEY...