From mboxrd@z Thu Jan  1 00:00:00 1970
MIME-Version: 1.0
In-Reply-To: <20131217231653.144dbc37@zinc.9fans.fr>
References: <CALWH6ND9Knanchn28a2N8Vx37F3+ceSiHRo8ZkaWHNAXrgYhKQ@mail.gmail.com>
	<20131217231653.144dbc37@zinc.9fans.fr>
Date: Thu, 19 Dec 2013 02:31:30 +0100
Message-ID: <CALWH6NB4DwcFKJGgKNQu_+b14X78Y9qXYrsc_=pEMfNJxSWSJA@mail.gmail.com>
From: =?ISO-8859-1?Q?Jean=2DAndr=E9_Santoni?= <jean.andre.santoni@gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Content-Type: multipart/alternative; boundary=20cf303bf4a0f8f48204edd91e2d
Subject: Re: [9fans] Encoding private RSA key to PEM with p9p
Topicbox-Message-UUID: a04b54c0-ead8-11e9-9d60-3106f5b1d025

--20cf303bf4a0f8f48204edd91e2d
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Thanks, I managed to convert the key this way and added it to factotum.

I think I also need to add the server's CA's certificate, so factotum can
check the server identity. Right?

I converted the CA crt to DER like this:
openssl x509 -in ca.crt.pem -inform PEM -out ca.crt.der -outform DER

Not I'm trying to convert this DER to the factotum format :
asn12rsa -t 'proto=3Drsa service=3Dtls owner=3D*' ca.crt.der > ca.crt.plan9

but asn12rsa complains :
asn12rsa: couldn't parse asn1 key


2013/12/17 David du Colombier <0intro@gmail.com>

> > I tried to do the opposite : generating keys as PEM using linux's
> > openssl, then convert them to plan9 format using pemdecode without
> > success.
>
> You have to convert the key from PEM to DER with OpenSSL,
> then convert it to the Factotum format using auth/asn12rsa:
>
> openssl rsa -in key.pem -inform PEM -out key.der -outform DER
> auth/asn12rsa -t 'proto=3Drsa service=3Dtls owner=3D*' key.der >key
>
> --
> David du Colombier
>
>


--=20
Jean-Andr=E9 Santoni

--20cf303bf4a0f8f48204edd91e2d
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Thanks, I managed to convert the key this way and added it=
 to factotum.<div><br></div><div>I think I also need to add the server&#39;=
s CA&#39;s certificate, so factotum can check the server identity. Right?</=
div>
<div><br></div><div>I converted the CA crt to DER like this:</div><div>open=
ssl x509 -in ca.crt.pem -inform PEM -out ca.crt.der -outform DER<br></div><=
div><br></div><div>Not I&#39;m trying to convert this DER to the factotum f=
ormat :</div>
<div><div>asn12rsa -t &#39;proto=3Drsa service=3Dtls owner=3D*&#39; ca.crt.=
der &gt; ca.crt.plan9</div><div><br></div><div>but asn12rsa complains :</di=
v><div>asn12rsa: couldn&#39;t parse asn1 key</div></div></div><div class=3D=
"gmail_extra">
<br><br><div class=3D"gmail_quote">2013/12/17 David du Colombier <span dir=
=3D"ltr">&lt;<a href=3D"mailto:0intro@gmail.com" target=3D"_blank">0intro@g=
mail.com</a>&gt;</span><br><blockquote class=3D"gmail_quote" style=3D"margi=
n:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class=3D"im">&gt; I tried to do the opposite : generating keys as PEM =
using linux&#39;s<br>
&gt; openssl, then convert them to plan9 format using pemdecode without<br>
&gt; success.<br>
<br>
</div>You have to convert the key from PEM to DER with OpenSSL,<br>
then convert it to the Factotum format using auth/asn12rsa:<br>
<br>
openssl rsa -in key.pem -inform PEM -out key.der -outform DER<br>
auth/asn12rsa -t &#39;proto=3Drsa service=3Dtls owner=3D*&#39; key.der &gt;=
key<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
David du Colombier<br>
<br>
</font></span></blockquote></div><br><br clear=3D"all"><div><br></div>-- <b=
r>Jean-Andr=E9 Santoni
</div>

--20cf303bf4a0f8f48204edd91e2d--