The PEMDocument struct, which is required in order to be able to read PEM formatted document from the outside, as found in the unit tests, is not tagged as public. Leaving us with no ability to load PEM documents even if this feature is present in the code.

Hi,

in my current project we are generating certificates where the serial number can be negative. If that's the case, parsing the certificate fails with the following error:

backingCode	invalidASN1IntegerEncoding
reason	"INTEGER encoded with top bit set!"	

According to this specification negative integer values are valid though:

8.3 Encoding of an integer value
[...]
8.3.3 The contents octets shall be a two's complement binary number equal to the integer value, and consisting of
bits 8 to 1 of the first octet, followed by bits 8 to 1 of the second octet, followed by bits 8 to 1 of each octet in turn up to
and including the last octet of the contents octets.
NOTE – The value of a two's complement binary number is derived by numbering the bits in the contents octets, starting with bit1 of the last octet as bit zero and ending the numbering with bit 8 of the first octet. Each bit is assigned a numerical value of 2N, where N is its position in the above numbering sequence. The value of the two's complement binary number is obtained by summing the numerical values assigned to each bit for those bits which are set to one, excluding bit 8 of the first octet, and then reducing this value by the numerical value assigned to bit 8 of the first octet if that bit is set to one.

Is there a specific motivation to disallow negative integer values?

Thanks in advance!

I am implementing encryption/decryption using ECDH and want to generate PEM of Public key using Curve25519. AFAIK I need to convert public key rawRepresentation data into ASN1 and then convert it to PEM.

I am struggling with creating DER from Public key and then ASN1 from DER. Please help if its possible using swift-asn1 package.

The PEM parsing and generation implemented in PEMDocument doesn't fully support the PEM format as defined in RFC1421.

In particular, fields such as Proc-Type and DEK-INFO are not supported, which means that formats as defined in RFC5915 cannot be processed:

-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,A4E9C3555C149C675E03B622A42500D2

<snip>
-----END EC PRIVATE KEY-----

It would be advantageous if the processing of these additional fields were supported by the PEMDocument, as otherwise some PEM files cannot be processed properly.

Hello,

I want to convert an RSA private key in PEM format to OpenSSH format.
I only got so far in converting the key to an ASN1 object:

import SwiftASN1
import CryptoKit

let key = """
-----BEGIN RSA PRIVATE KEY-----
MIIG4wIBAAKCAYEAnUx+3ufsDbhhsF5bE40YYhZdPI7UDLx6zWaC0Fa7ogEbTOkx
…
arMB2W/9HFE9zPvQbt5Dk0r1XUxnwnKhIQgLkPc67WSFMgEGM9/H
-----END RSA PRIVATE KEY-----
"""
let pemObject = try PEMDocument(pemString: key)
let asn1node = try DER.parse(pemObject.derBytes)

(the key was specifically generated for this example and deleted afterwards)

Is that possible by using this library? If this is the case, can you give me some hints?