Re: gnome-keyring Format of private key file

From: Stef Walter <stef-list memberwebs com>
To: Johan Groth <johan groth linux-grotto org uk>
Cc: gnome-keyring-list gnome org
Subject: Re: gnome-keyring Format of private key file
Date: Thu, 03 Dec 2009 20:37:12 -0600

Johan Groth wrote:
> Hi all, I managed to import a certificate (pkcs#12 file with password
> protected private key) with gnome-keyring import command. The files
> where stored in .gnome2/keyrings/ and the private key was stored in a
> separate file. I wonder what format that file is in? The extension
> says pkcs8 but I couldn't read the file with openssl.

Works for me:

$ openssl pkcs8 -inform DER -in \
~/.gnome2/keyrings/55582086079836F01B29F6E16D527E7C680D0EA7.pkcs8
Enter Password:
-----BEGIN RSA PRIVATE KEY-----
...

openssl expects it's input in textual PEM format by default.
gnome-keyring supports that format but doesn't save it like that by
default. When you specify -inform DER openssl understands what's going on.

openssl's 'PEM' format is just the DER encoded with base64 and a header
and footer slapped on it.

Cheers,

Stef

References:
- gnome-keyring Format of private key file
  - From: Johan Groth

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]