Skip Menu |

This queue is for tickets about the Convert-PEM CPAN distribution.

Report information
The Basics
Id: 79927
Status: new
Priority: 0/
Queue: Convert-PEM

Owner: Nobody in particular
Requestors: tlhackque [...]

Bug Information
Severity: Important
Broken in: 0.08
Fixed in: (no value)

Subject: Needs more encryption algorithm support
Download (untitled) / with headers
text/plain 1.4k
I was hoping to use Convert::PEM with openSSL's RSA private key files. (Specifically to decrypt/extract a key to pass to utilities like Crypt::SMIME, which requires decrypted PEM.) Works fine with DES3, but not the increasingly-used modern encryption algorithms. It looks like the %CTYPES hash only has one entry - for DES-EDE3-CBC. Simply adding an entry for, e.g. AES-256-CBC => Crypt::OpenSSL::AES isn't sufficient; decryption fails with "bad password". I noticed that the initialization vector is longer, so perhaps the md5 hash of the password has changed. I couldn't find documentation for what openSSL is doing, and my (usually lucky) guesses didn't work out. So, this is a request that you add support for current ciphers. as of today, openssl rsa xx includes: -des, -des3, -seed, -aes{128,192,256}, -camellia{128,192,256} Only des3 appears to be supported by Convert::PEM To generate test data, openssl genrsa -<encryption> will produce a suitable file, where the choices are listed above. To verify correct decryption, compare your output to openssl rsa -in <file> -out <file>. By default, this will decrypt. Also, a minor request: It would be nice to have a method to return the header information from the PEM file. (Specifically, the block type from the header and encryption type.) Currently, I parse the file to find these, so I can look up the correct Name and ASN. But Convert::PEM already knows how to parse the file & headers... Thanks for your consideration.

This service is sponsored and maintained by Best Practical Solutions and runs on infrastructure.

Please report any issues with to