PEM RSA keys vs DER DSA keys?
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Barbican |
Won't Fix
|
Undecided
|
Rajat Sharma |
Bug Description
Steps to reproduce:
1. Generate a DSA key:
openstack secret order create --bit-length 1024 --algorithm DSA --name "DSA key" asymmetric
2. Generate an RSA key:
openstack secret order create --bit-length 1024 --algorithm RSA --name "RSA key" asymmetric
There's a bit of trouble accessing the DSA key by using the container href in the order because of: https:/
However, if you find the secret href another way, try to do:
openstack secret get --payload <RSA key href>
and
openstack secret get --payload <DSA key href>
The RSA key will print out ok in PEM format, but the DSA key will likely get some sort of error, like:
'utf8' codec can't decode byte 0x82 in position 1: invalid start byte
which will give you a clue that it's not in PEM format.
It doesn't seem right that key generation should return two different formats for the keys that were generated essentially the same way?
Changed in barbican: | |
status: | New → Confirmed |
Changed in barbican: | |
assignee: | nobody → Rajat Sharma (tajar29) |
Changed in barbican: | |
status: | Confirmed → In Progress |
I have tested this with "Store_crypto" plugin and as per my understanding the reason behind this is that it is not converting der to pem like it do in "KMIP" plugin.