Generating elliptic-curve key pair in PKCS8 DER format
extern crate env_logger; | |
extern crate failure; | |
#[macro_use] extern crate log; | |
extern crate pem; | |
extern crate yasna; | |
#[macro_use] extern crate quicli; | |
use std::path::PathBuf; | |
use quicli::prelude::*; | |
// Top-level command-line arguments: one subcommand plus the shared verbosity
// flags. Plain `//` comments are used here on purpose, because structopt turns
// `///` doc comments into help text and that would change the CLI output.
#[derive(StructOpt, Debug)]
struct Args {
    // The operation to perform (see `Command`).
    #[structopt(subcommand)]
    cmd: Command,

    // Verbosity flags, flattened into the top-level option list; `main!`
    // reads this field to configure the log level.
    #[structopt(flatten)]
    verbosity: Verbosity,
}
// Subcommands understood by the tool. The `///` lines below are user-visible
// help text (structopt reads them), so they are kept verbatim.
#[derive(StructOpt, Debug)]
enum Command {
    /// Converts a key to a specified format
    #[structopt(name = "convert")]
    Convert {
        /// An input file
        #[structopt(short = "i", long = "input", parse(from_os_str))]
        input: PathBuf,

        /// An output file
        #[structopt(short = "o", long = "output", parse(from_os_str))]
        output: PathBuf,
    },
}
// Entry point: dispatches on the parsed subcommand. Any I/O or parse error is
// propagated with `?` and reported by the `main!` wrapper.
main!(|args: Args, log_level: verbosity| {
    use std::fs;

    match args.cmd {
        Command::Convert { input, output } => {
            // The input is read as UTF-8 text (PEM is ASCII armor), then handed
            // to the parser as raw bytes.
            let regular_pem = fs::read_to_string(input)?;
            let pkcs8_der = parse_pem(regular_pem.as_bytes())?;

            // NOTE(review): this writes the extracted key bytes to the log. The
            // accompanying README only runs `convert` on a public key; confirm
            // that no private key material can ever reach this statement before
            // reusing it elsewhere.
            info!("{:?}", &pkcs8_der);

            // Creates or truncates the output file and writes the bytes in one
            // call.
            fs::write(output, &pkcs8_der)?;
        }
    }
});
/// Extracts the key bits from a PEM-encoded key.
///
/// The PEM body is expected to be DER of the shape
/// `SEQUENCE { SEQUENCE { OID, OID }, BIT STRING }`; the bytes of the
/// BIT STRING are returned.
///
/// Both OIDs are read and then discarded, and the PEM tag is not inspected,
/// so this function does not verify which algorithm or curve the key belongs
/// to. Callers that depend on a specific curve must check that themselves.
///
/// # Errors
///
/// Returns an error if the input is not valid PEM or if the DER does not match
/// the structure above.
fn parse_pem(input: &[u8]) -> Result<Vec<u8>> {
    use failure::SyncFailure;

    // Strip the PEM armor and keep only the decoded DER payload.
    let der = pem::parse(input).map_err(SyncFailure::new)?.contents;

    let key_bits = yasna::parse_der(&der, |outer| {
        outer.read_sequence(|fields| {
            // Inner SEQUENCE: two object identifiers, consumed only so the
            // reader advances past them; their values are never compared.
            fields.next().read_sequence(|algorithm| {
                algorithm.next().read_oid()?;
                algorithm.next().read_oid()?;
                Ok(())
            })?;

            // The BIT STRING that follows carries the key itself.
            fields.next().read_bitvec()
        })
    })
    .map_err(SyncFailure::new)?;

    Ok(key_bits.to_bytes())
}
## Generating a private key in traditional PEM and PKCS8 DER formats | |
openssl ecparam -name prime256v1 -genkey -noout -out private_key.pem | |
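openssl pkcs8 -in private_key.pem -topk8 -nocrypt -outform DER -out private_key.p8.der

Note: `-nocrypt` writes the private key unencrypted, so keep `private_key.pem` and `private_key.p8.der` readable only by their owner.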
## Generating a public key in traditional PEM and PKCS8 DER formats | |
openssl ec -in private_key.pem -pubout -out public_key.pem | |
cargo run -- -vvv convert -i public_key.pem -o public_key.p8.der | |
## Generating a public key in PKCS8 DER format using 'openssl asn1parse'
openssl asn1parse -in public_key.pem | |
0:d=0 hl=2 l= 89 cons: SEQUENCE | |
2:d=1 hl=2 l= 19 cons: SEQUENCE | |
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey | |
13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 | |
23:d=1 hl=2 l= 66 prim: BIT STRING | |
openssl asn1parse -in public_key.pem -offset $((23 + 2)) -out public_key.p8.der | |
0:d=0 hl=2 l= 4 prim: EOC |