Comments (2)
Change BEGIN RSA PUBLIC KEY
to BEGIN PUBLIC KEY
and same with the END
.
There are two popular binary formats for RSA public keys: the PKCS1 format that's specifically about for keys, and the SubjectPublicKeyInfo format that can encode other key types such as ECC. Mbed TLS supports both transparently for DER. For PEM, you need to have the correct BEGIN/END descriptor.
This also happens with RSA private keys (PKCS1 vs PKCS8) and ECC private key (SEC1 vs PKCS8). Transparent for DER parsing, but a PEM file needs to have the correct header.
Did some popular tool produce that PEM encoding with a mismatched header? We could make the Mbed TLS parsing code sloppier, I don't think it would be harmful except for making the code messier, but I don't remember this being requested before.
from mbedtls.
Change
BEGIN RSA PUBLIC KEY
toBEGIN PUBLIC KEY
and same with theEND
.There are two popular binary formats for RSA public keys: the PKCS1 format that's specifically about for keys, and the SubjectPublicKeyInfo format that can encode other key types such as ECC. Mbed TLS supports both transparently for DER. For PEM, you need to have the correct BEGIN/END descriptor.
This also happens with RSA private keys (PKCS1 vs PKCS8) and ECC private key (SEC1 vs PKCS8). Transparent for DER parsing, but a PEM file needs to have the correct header.
Did some popular tool produce that PEM encoding with a mismatched header? We could make the Mbed TLS parsing code sloppier, I don't think it would be harmful except for making the code messier, but I don't remember this being requested before.
Sorry for the oversight. I manually edited the key header based on what I saw in the code. After changing it to the standard PEM format, importing it worked fine. Additionally, regarding storing PEM format in an array, are there any special requirements for newline characters like '\r', '\n' or spaces?
from mbedtls.
Related Issues (20)
- Replace `MBEDTLS_MD_CAN_SHA512` with its `PSA_WANT` counterpartart
- Replace `MBEDTLS_MD_CAN_SHA3_*` with its `PSA_WANT` counterpartarts
- Client certificate verify HOT 1
- mbedtls_pk_sign_ext() returned -16000 (-0x3e80) HOT 1
- Do not perform adjustments on legacy crypto from PSA, when MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C HOT 2
- Can't disable certificate verification with TLSv1.3 HOT 2
- MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET breaks backwards-compatibility? HOT 1
- Clean up psk_list in ssl-opt.sh
- Support the `crypto_config.h` usage in depends.py
- Update the `cipher_id` domain to use PSA macros in `depends.py`
- Update the `cipher_chaining` domain to use PSA macros in `depends.py`
- Update the `curves` domain to use PSA macros in `depends.py`
- Update the `hashes` domain to use PSA macros in `depends.py`
- Update the `pkalgs` domain to use PSA macros in `depends.py`
- Guidance to remove check_config.h inclusion from mbedtls_config.h
- CMake: Dependency scope HOT 3
- Remove hkdf.c HOT 2
- Protect against spurious definitions of derived symbols
- 2.28 only: build broken when `check_config.h` is not included
- Missing include stdlib.h and stdio.h in some platform configurations
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mbedtls.