GNOME Bugzilla – Bug 672137
Research: ASN.1 definitions for ECDSA
Last modified: 2021-06-18 10:40:31 UTC
Research the ASN.1 definitions for ECDSA public and private keys. In particular we want the ASN.1 definitions for: * ECDSA as used in openssh private keys. * ECDSA as used in the subjectPublicKeyInfo of X.509 certificates. These definitions would need to be added to egg/pkix.asn in gnome-keyring.
Created attachment 268612 [details] [review] Changes to pkix.asn and regenerated .asn.h files
Does this help? It appears that openssh uses PKCS #8 for private keys. RFC 5915 describes the ASN.1 for ECDSA in PKCS #8. A mix of RFC 5480 and RFC 5758 appears to cover the ECDSA PKIX structures/types.
Created attachment 274738 [details] [review] asn1: Added updates to ASN.1 from RFCs 5480 & 5758 & 5915 Signed-off-by: Stef Walter <stefw@gnome.org> * Fixed conflicts and combined into one commit * Moved to pk.asn since it's EXPLICIT tags by default
Comment on attachment 274738 [details] [review] asn1: Added updates to ASN.1 from RFCs 5480 & 5758 & 5915 Attachment 274738 [details] pushed as 81ede79 - asn1: Added updates to ASN.1 from RFCs 5480 & 5758 & 5915 Pushed to gcr initially.
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org. As part of that, we are mass-closing older open tickets in bugzilla.gnome.org which have not seen updates for a longer time (resources are unfortunately quite limited so not every ticket can get handled). If you can still reproduce the situation described in this ticket in a recent and supported software version, then please follow https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines and create a new ticket at https://gitlab.gnome.org/GNOME/gnome-keyring/-/issues/ Thank you for your understanding and your help.