We have the following bug reported to the Debian package of
Crypt-OpenSSL-RSA, c.f. https://bugs.debian.org/1142014
It doesn't seem to be a bug in the packaging, so you may want to take
a look. Thanks!
------8<-----------8<-----------8<-----------8<-----------8<-----
Package: libcrypt-openssl-rsa-perl
Version: 0.41-1
Severity: important
Tags: upstream
Greetings,
it seems Crypt::OpenSSL::RSA::new_private_key can no longer handle a
private key in the PEM format with additional text - like it used to
since possibly the last ten years.
How to repeat:
Generate an according key. Using GnuTLS that's
certtool --generate-privkey --outfile /tmp/privkey.pem
Or, using OpenSSL and an exsting key:
openssl rsa -text </path/to/some-private-key >/tmp/privkey.pem
Then run
perl parse-key /tmp/privkey.pem
where parse-key:
#!/usr/bin/perl
use 5.010;
use strict;
use warnings;
use Crypt::OpenSSL::RSA;
use File::Slurp;
use Test::More;
diag ("Version: $Crypt::OpenSSL::RSA::VERSION");
my $rsa = eval {
my $content = read_file ($ARGV[0]);
Crypt::OpenSSL::RSA->new_private_key ($content);
};
ok (defined ($rsa)) or diag ($@);
done_testing;
Expected (using Debian 14, "forky"):
# Version: 0.35
ok 1
1..1
Got (using Debian unstable):
# Version: 0.41
not ok 1
# Failed test at parse-key line 18.
# unrecognized key format: expected PEM-encoded key (starting with '-----BEGIN') or DER-encoded key (binary ASN.1 data) at parse-key line 15.
1..1
# Looks like you failed 1 test of 1.
To be honest, I didn't spend much time in investigation. It seems the
new_private_key method exists in the newer version only - perhaps it
used to be pure XS code in the past that was more flexible in that
regard?
This however fixes the issue for me:
[ RSA.pm:61 ]
- if ( $p_key_string =~ /^-----/ ) {
+ if ( $p_key_string =~ /^-----/m ) {
Cheers,
Christoph
------8<-----------8<-----------8<-----------8<-----------8<-----
Thanks for considering,
gregor herrmann,
Debian Perl Group
We have the following bug reported to the Debian package of
Crypt-OpenSSL-RSA, c.f. https://bugs.debian.org/1142014
It doesn't seem to be a bug in the packaging, so you may want to take
a look. Thanks!
------8<-----------8<-----------8<-----------8<-----------8<-----
Package: libcrypt-openssl-rsa-perl
Version: 0.41-1
Severity: important
Tags: upstream
Greetings,
it seems Crypt::OpenSSL::RSA::new_private_key can no longer handle a
private key in the PEM format with additional text - like it used to
since possibly the last ten years.
How to repeat:
Generate an according key. Using GnuTLS that's
Or, using OpenSSL and an exsting key:
Then run
where parse-key:
Expected (using Debian 14, "forky"):
Got (using Debian unstable):
To be honest, I didn't spend much time in investigation. It seems the
new_private_key method exists in the newer version only - perhaps it
used to be pure XS code in the past that was more flexible in that
regard?
This however fixes the issue for me:
Cheers,
Christoph
------8<-----------8<-----------8<-----------8<-----------8<-----
Thanks for considering,
gregor herrmann,
Debian Perl Group