> [aleksander.adamow...@olo.org.pl - Thu Jul 23 14:45:58 2009]:
>
> When reading the manual page of the RSA utility ("man rsa"), one
> cannot easily determine whether the output will be in PKCS#1 or PKCS#8
> format and whether that format depends on other options. The only
> thing that is specified is the DER/PEM encoding of the output, which
> is not a format per se.
>
> It should be stated clearly, whether the output is in PKCS#1 or PKCS#8
> format
>
> On a similar note, the man page for the pkcs8 utility states that
> depending on option values, the input and output formats may be PKCS#8
> or in the traditional format - this should be clarified, what
> "traditional" format is - is it PKCS#1?
>
I agree this could be made a little clearer. The "traditional" format is
mentioned in a few places and is the old SSLeay format, see for example
the -inform option of the rsa utility.
In OpenSSL before 1.0 the output format is that "traditional" form for
private keys and SubjectPublicKeyInfo for public keys. In 1.0 and later
private keys are encrypted using the more standard PKCS#8 format.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
