-
Notifications
You must be signed in to change notification settings - Fork 4.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow PKI backend to use PKCS#8 format instead of (in addition to?) PKCS#1 for private keys #1978
Comments
The backend supports reading PKCS8, but what exactly is the use-case here? Are you seeing software in the wild that is only able to read PKCS8 but not PKCS1? PKCS8 is only more secure if you're encrypting the data. Vault doesn't generate encrypted PEM blobs (there would be no point, since it'd have to send the password in the same JSON blob over the wire). |
Yes, exactly. We certainly have workarounds (make a call to |
Can I just ask what, so I can file it away into my knowledge-hole? It's good to be aware of this kind of thing. |
Oh, sorry! Didn't mean to be vague. It's, uh, Java. All of it ;) The Java SE API has a |
…and, more specifically, we're working with gRPC, which wants a "private key PEM file," but it turns out that under the hood, it'll only work with PKCS#8 keys. I emphasize again that we have workarounds and gRPC's internals are definitely not your problem, but offer it for context. |
I don't think gRPC is the problem here; more likely that you're using gRPC on Java. gRPC tends to use language-specific methods of acquiring certs and other information. Good on Java for ignoring widely-supported standards in favor of something random. |
FWIW, you don't even need to use openssl to convert. You literally just need to do a string replacement on the PEM header. |
With respect, I'm not sure if that's true in the general case. To test, I generated a private key with
Trying to read it as a PKCS8 file doesn't work right off the bat, as expected:
Then I replaced
So there's definitely something structural about the content that's different. If we ask OpenSSL to convert to a PKCS8 private key, everything is fine:
Taking it one step further, if we run the two private keys through an ASN.1 decoder, we see that the PKCS1 data looks like this:
…while the PKCS8 data looks like this:
So it's the same key, but nested deeper inside a more complicated data structure. There may be tools smart enough to infer the format of a key, but it looks like OpenSSL isn't one of them. |
Yeah, I misspoke, I forgot that it's a different function call in the Go libraries. |
Missing PKCS8 support makes it really painful to work with Vault keys on the Java platform. Looks like a |
Closing as Vault has supported this for four months now (see #3518) |
Unless I'm missing something (which is very possible!), it seems like the PKI backend is always going to send private keys to clients as PEM-encoded PKCS#1 (or "traditional format") files. It seems that PKCS#8 is actually the hip new thing. OpenSSL's docs recommend using PKCS#8 instead of PKCS#1:
Additionally, Java (and probably others?) includes support for PKCS#8-encoded keys, but not PKCS#1. I'd like to request a feature where the PKI backend can return PEM-encoded PKCS#8 private keys in addition to or instead of PEM-encoded PKCS#1 keys.
Some additional background for readers who may not already be knee-deep in this stuff: we'd still be using the same key, it'd just be formatted a little differently. PEM-encoded PKCS#1 keys begin with
-----BEGIN RSA PRIVATE KEY-----
, while PEM-encoded PKCS#8 keys begin with-----BEGIN PRIVATE KEY-----
.Thanks!
The text was updated successfully, but these errors were encountered: