Archived Forum Post

Index of archived forum posts

Question:

CkPrivateKey::LoadPkcs8Encrypted() failure in 9.5.0.41

Jul 31 '14 at 09:43

The following code fails in 9.5.0.41, but used to work fine (eg. in 9.5.0.36):

CkPrivateKey key1;
assert (key1.LoadRsaDerFile (“demo512.der”));  // ok, 512 bit rsa DER key loaded 
assert (key1.SavePkcs8EncryptedFile (“secret”, ”demo512.enc”)); // ok, saved an encrypted copy
CkPrivateKey key2;
assert (key2.LoadPkcs8EncryptedFile(“demo512.enc”, “secret”); // assertion fails with 9.5.0.41

The error text says:

algorithm; des
keyLength: 192
outputSize: 22
invalid ASN.1 for unencrypted PKCS8…
Password may be incorrect.
Error_Code: 64

The demo512.enc file created using 9.5.0.41 is too small; only 94 bytes vs 426 bytes when using the 9.5.0.36 library. (The original demo512.der file was 319 bytes.) So it seems :SavePkcs8EncryptedFile is to blame here.

Please take a look at this,

Thanks! /Sune


Answer

Thanks! I'm investigating...


Answer

This is fixed. What build do you need (programming language, operating system, 32-bit/64-bit, etc.)?

PS> Each time a problem is fixed, the test case is added to the internal QA suite, and all tests in the QA suite must pass prior to new version releases.

PS> Also, this error was caused by improvements in keeping private keys encrypted and non-exposed when in memory.


Answer

The fix is available in v9.5.0.43 here: http://www.chilkatsoft.com/downloads_vcpp.asp#downloads