Use PEM format RSA private key with eap_example

It looks like GnuTLS does not know how to parse the previously used DER-formatted PKCS#1 private key (server.key). To work around this, use a PEM-formatted version of the same key. This format can now be used by OpenSSL, GnuTLS, and the internal TLS implementation.
15 years ago · 79ec5264ed
parent c91231c912
commit 79ec5264ed
2 changed files with 18 additions and 2 deletions
--- a/eap_example/eap_example_server.c
+++ b/eap_example/eap_example_server.c
@ -84,8 +84,9 @@ static int eap_example_server_init_tls(void)
 	os_memset(&tparams, 0, sizeof(tparams));
 	tparams.ca_cert = "ca.pem";
 	tparams.client_cert = "server.pem";
-	tparams.private_key = "server.key";
-	tparams.private_key_passwd = "whatever";
+	/* tparams.private_key = "server.key"; */
+	tparams.private_key = "server-key.pem";
+	/* tparams.private_key_passwd = "whatever"; */

 	if (tls_global_set_params(eap_ctx.tls_ctx, &tparams)) {
 		printf("Failed to set TLS parameters\n");
--- a/eap_example/server-key.pem
+++ b/eap_example/server-key.pem
@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDToYuDPmjEWu+/Aj0RVWTSb07sX6dAkPnrTaUjZAG5AhjRqJWz
+zD50kFmVKi+R7GgS5tlGzLUtokdwjuSUAmz8tMXwIwmVeS0HluFDVSi94XbVRczE
+nyoDigg1RGyy1mc3t5RG84bvNatq98OceJag4ngh8L8I4k1qTLRMlyBJwIDAQAB
+AoGAP+v0asDn/h8FeSkg7uJfIJyUNxsxNnRTuHnsXkMvrgTvICyOgw828hhDpqVm
+VuoUCVmG2Tatpsn0UBApBHezGRh0u1syWoGM8fiDvZmoYmhFe5FxKnftg3KNXhDf
+Agk4OxwNNPBXpQFQP+GNxh6Qs7FEkYHLRh/J7vC0+wp3UWECQQDzcTQZXqYPow5M
+uinL819HKfh1n2257w1HGvw8cMCiYbKRyR74Q18TJcxuEyEwnPrg5ZGpMPDKiIOU
+SlgAMLBXAkEA3oxBpRue1Kqb2+Fq6lhZ7PQiZC5F69upIb/wxbk8ByImEl1pUKFW
+rV+YoKujbnj77PmMq1+R0dFkT1ai3zDzsQJBAMa3CUgMMpFhEDMhYyzQJF36rI2W
+7gJwV+5K4MqVXyktho3qFhWhKOKAYDcZ9mWwPjmGKzhocqVgecd6SAsfs1ECQA7r
+xHL3eRy1G6IQaQSxS8YxUCT7XUDFB3/1yITZOIcZ6QeOL8NyLceOA0OyflCn1+w5
+hw7uZ25z5Y/UNTNVquECQEgto3zPneEW06qkEnRz9EbLtWR3nRBS/QGrjOFNUuln
+pNhVUH4RB17Kk35xveUTz4U/Iw/WRfGNjFLHrtR/5xk=
+-----END RSA PRIVATE KEY-----