Have you tried exporting with PK11_ExportDERPrivateKeyInfo? That's what WebCrypto uses to export keys in PKCSD#8 format: <http://dxr.mozilla.org/mozilla-central/source/dom/crypto/CryptoKey.cpp?#333>
On Jul 13, 2014, at 10:48 PM, Chuck Lee <chu...@mozilla.com> wrote: > Hi all, > I am now working on supporting PKCS#12 format key on Firefox OS's Wifi > module [1]. > Because current PSM/NSS API doesn't fit the requirement of UX(assigning > nickname of imported certificates) and gonk(wpa_supplicant needs to read > private key in RSA format), I have to do some hack to NSS API and implement > the function on my own. > > Now I can import PKCS#12 format correctly, as described in bug comment, > but can't export the private key in the format wpa_supplicant requires - I > can only get encrypted private key PKCS#8 format(by > PK11_ExportEncryptedPrivKeyInfo), but can't in RSA format(by > PK11_ExportPrivKey, it said lack of some attributes like private exponent) > And I fount that, by using openssl, that I can get expected RSA private > key by decrypting the PKCS#8 private key. > I tried to decrypte it by PK11_Decrypt() but it doesn't work so far. > > So I like to ask how to decrypt a PKCS#8 private key by NSS API? > Or is there anther way to get private key in RSA format from NSS? > > Thanks. > > [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1012549 > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
