On Wed, Nov 17, 2021 at 10:37:01PM -0500, Felipe Gasper wrote: > It came from my own (very incomplete) crypto implementation. > (https://github.com/FGasper/p5-Crypt-Perl) It looks like I just had > the wrong idea about EC public keys back-when. > > Funny thing is that the “EC PUBLIC KEY” that I was outputting is the > same structure as a normal SPKI ECC public key; I just had the wrong > header (and, when parsing, thought there were 2 formats to check for). OpenSSL source in include/openssl/pem.h contains: # define PEM_STRING_X509_OLD "X509 CERTIFICATE" # define PEM_STRING_X509 "CERTIFICATE" # define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" # define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" # define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" # define PEM_STRING_X509_CRL "X509 CRL" # define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY" # define PEM_STRING_PUBLIC "PUBLIC KEY" # define PEM_STRING_RSA "RSA PRIVATE KEY" # define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" # define PEM_STRING_DSA "DSA PRIVATE KEY" # define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" # define PEM_STRING_PKCS7 "PKCS7" # define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA" # define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" # define PEM_STRING_PKCS8INF "PRIVATE KEY" # define PEM_STRING_DHPARAMS "DH PARAMETERS" # define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS" # define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" # define PEM_STRING_DSAPARAMS "DSA PARAMETERS" # define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" # define PEM_STRING_ECPARAMETERS "EC PARAMETERS" # define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" # define PEM_STRING_PARAMETERS "PARAMETERS" # define PEM_STRING_CMS "CMS" The PEM formats supported should be at most these. -- Viktor.
