Yes, but it doesn't work because it also calls PK11_ExportPrivKeyInfo() to get the RSA private key info.
Now I am trying to decrypt key exported by PK11_ExportEncryptedPrivKeyInfo() with method SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 directly, which seems to be the most simple method to decrypt.
於 2014/7/16 上午 01:59, Richard Barnes 提到:
Have you tried exporting with PK11_ExportDERPrivateKeyInfo? That's what WebCrypto uses to export keys in PKCSD#8 format: <http://dxr.mozilla.org/mozilla-central/source/dom/crypto/CryptoKey.cpp?#333> On Jul 13, 2014, at 10:48 PM, Chuck Lee <chu...@mozilla.com> wrote:Hi all, I am now working on supporting PKCS#12 format key on Firefox OS's Wifi module [1]. Because current PSM/NSS API doesn't fit the requirement of UX(assigning nickname of imported certificates) and gonk(wpa_supplicant needs to read private key in RSA format), I have to do some hack to NSS API and implement the function on my own. Now I can import PKCS#12 format correctly, as described in bug comment, but can't export the private key in the format wpa_supplicant requires - I can only get encrypted private key PKCS#8 format(by PK11_ExportEncryptedPrivKeyInfo), but can't in RSA format(by PK11_ExportPrivKey, it said lack of some attributes like private exponent) And I fount that, by using openssl, that I can get expected RSA private key by decrypting the PKCS#8 private key. I tried to decrypte it by PK11_Decrypt() but it doesn't work so far. So I like to ask how to decrypt a PKCS#8 private key by NSS API? Or is there anther way to get private key in RSA format from NSS? Thanks. [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1012549 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
