OpenSSL in ruby: PKCS # 8 format for private key

Question

OpenSSL in ruby: PKCS # 8 format for private key

I created the RSA private key in ruby with:

require 'openssl'
key = OpenSSL::PKey::RSA.generate(1024)

I can get the key in PEM or DER formats:

key.to_pem
key.to_der

But there seems to be no way to get it in PKCS # 8 format. The best thing I've come up with is to call opensl in another process:

require 'open3'
Open3.popen3('openssl pkcs8 -topk8 -inform PEM -outform PEM -passout pass:password') do |stdin,  stdout, stderr|
  stdin.write(key.to_pem)
  unless (err = stderr.read).empty? then raise err end
  stdout.read
end

There must be a better way that I just can't find. Is there a mechanism for this in the OpenSSL class library in ruby?

+3

ruby openssl

grourk Feb 21 '10 at 3:53

source share

1 answer

tadman · Answer 1 · 2012-01-16T21:56:51+0000

I think I found a way to do this by hacking a new method for the OpenSSL :: PKey :: RSA class, which is displayed in PKCS # 8 format. It's pretty ugly and can use some cleanup, but I can create valid entries:

key = OpenSSL::PKey::RSA.new(1024)

key.to_pem_pkcs8
# => "-----BEGIN PRIVATE KEY----- ..."

to_pem, OpenSSL.

OpenSSL in ruby: PKCS # 8 format for private key

More articles: