I have been banging my head against this wall for a week now. I need to take an existing PrivateKey and store it in a PKCS#8 container using Triple DES. The only "successful" attempt I have had so far creates a container using pbeWithSHA1And3-KeyTripleDES-CBC wich is not even close to the same thing as des-ede3-cbc. I have a before/after dump using "openssl asn1parse ..." as a reference:
Non-working one:
0:d=0 hl=4 l= 682 cons: SEQUENCE
4:d=1 hl=2 l= 36 cons: SEQUENCE
6:d=2 hl=2 l= 10 prim: OBJECT :pbeWithSHA1And3-KeyTripleDES-CBC
18:d=2 hl=2 l= 22 cons: SEQUENCE
20:d=3 hl=2 l= 16 prim: OCTET STRING [HEX DUMP]:9950B90483C58D10807A8A4BEE7E6199
38:d=3 hl=2 l= 2 prim: INTEGER :0800
42:d=1 hl=4 l= 640 prim: OCTET STRING [HEX DUMP]:FB5130BAA93B217C3D9CC157B48A3A470C
Existing one (made using "openssl pkcs8 -topk8 -in temp.key -v2 des3"):
0:d=0 hl=4 l= 710 cons: SEQUENCE
4:d=1 hl=2 l= 64 cons: SEQUENCE
6:d=2 hl=2 l= 9 prim: OBJECT :PBES2
17:d=2 hl=2 l= 51 cons: SEQUENCE
19:d=3 hl=2 l= 27 cons: SEQUENCE
21:d=4 hl=2 l= 9 prim: OBJECT :PBKDF2
32:d=4 hl=2 l= 14 cons: SEQUENCE
34:d=5 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:56E20E2561891C26
44:d=5 hl=2 l= 2 prim: INTEGER :0800
48:d=3 hl=2 l= 20 cons: SEQUENCE
50:d=4 hl=2 l= 8 prim: OBJECT :des-ede3-cbc
60:d=4 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:903C92209EBA0B3A
70:d=1 hl=4 l= 640 prim: OCTET STRING [HEX DUMP]:0C6033115F1AEF6724E1
I just need some basic help on getting from the PrivateKey to the output that will work with openssl.