CkPrivateKey->GetPkcs8Pem problem

[DevSidious]

Testing with a secp256r1 elliptic curve key, loaded from a Java key store . When exported to PKCS8 PEM from the key store, the output looks like this:

-----BEGIN PRIVATE KEY-----
MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgsX79T3NCPmkl7OLM
gLjXN5e8+9ZAgGYvfPtFMdNwzy+gCgYIKoZIzj0DAQehRANCAAS6tUlQ58fswzy2
TXFX+gj8Gtn0UVC8UYb56yxLxvuVpxAYuxR+c/4XhL9hASXW4jg9MJMstarwDQFc
+8nGvmas
-----END PRIVATE KEY-----

Loading this key in XCA (a GUI around OpenSSL) and then exporting it to PKCS8 PEM results in this:

-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgsX79T3NCPmkl7OLM
gLjXN5e8+9ZAgGYvfPtFMdNwzy+hRANCAAS6tUlQ58fswzy2TXFX+gj8Gtn0UVC8
UYb56yxLxvuVpxAYuxR+c/4XhL9hASXW4jg9MJMstarwDQFc+8nGvmas
-----END PRIVATE KEY-----

However, when loading this key from the key store via Chilkat APIs and calling CkPrivateKey->GetPkcs8Pem, the output looks like this:

-----BEGIN PRIVATE KEY-----
MDECAQEEILF+/U9zQj5pJezizIC41zeXvPvWQIBmL3z7RTHTcM8voAoGCCqGSM49
AwEH
-----END PRIVATE KEY-----

Attempting to load this output in XCA errors out with: "Unable to load private key in file... . Tried PEM and DER private, public, PKCS#8 key types and SSH2 format."

This also errors out when attempting to import the output of GetPkcs8Pem with a key store manager app (Key Store Explorer): "Could not load the unencrypted PKCS #8 private key file. Possible reasons include: a) The file is not in PKCS #8 format b) The PKCS #8 private key file is corrupted."

However, walking the same procedure with a RSA key works as expected. I suspect GetPkcs8Pem does not export domain parameters, which would make this data useless.

What am I missing here?

[Chilkat]

Chilkat is providing the PKCS1 PEM.  I made the fix so that PKCS8 is produced.  If you would like a new build, please let me know the exact programming language, operating system, and anything else I'd need to know (.NET Framework, Java JDK version, Perl version, etc.)

[DevSidious]

I'm static linking against Chilkat C/C++ libs. Momentarily building on Windows (MSVC) and Linux X86_64 (GCC) so I could get away with Windows and Linux X86_64 builds. At some point I will have to be able to build on Mac OS X and Linux ARM.

Do you know when the fix is going to be available in the official Chilkat downloads?

Thanks.

[Chilkat]

The fix will be in the next version.

If you tell me the version of MSVC, I can provide a pre-release build.  I'll create a Linux x86_64 build sometime today and will post the link here..

[Chilkat]

Here's a 64-bit Linux pre-release:  https://chilkatdownload.com/prerelease/chilkat-9.5.0-x86_64-linux-gcc-463.tar.gz

(The number "463" is just a counter number to create a unique URL to avoid caching issues..)