[erlang-questions] public_key:pem_decode/1 and public_key:verify/4

Ingela Andin <>
Mon Jan 24 10:48:00 CET 2011


Hi!

public_key:verify/4 is not broken, it is just that verifies signatures
created by the
algorithm implemented by  public_key:sign/3 and not the ones created by
the algorithm implemented by public_key:encrypt_private/2 as yours seems to be.
You should try public_key:decrypt_public/3 instead.

Regards Ingela Erlang/OTP team - Ericsson AB


2011/1/24 Joakim G. <>:
> On 2011-01-21 12:47, Joakim G. wrote:
>> With this patch public_key:pem_decode/1 returns a RSAPublicKey
>> record as defined in public_key.hrl (instead of just []).
>>
>> I haven't used the output yet though. :-)
>>
>> I will experiment with public_key:verify/4 over the weekend.
>
> To verify: my naive fix did what is was supposed to do, i.e. this
> works with the patch applied:
>
>    [PemEntry] = public_key:pem_decode(<<"-----BEGIN RSA PUBLIC
> KEY-----\nMIGJAoGBAKhhZ8RrKaA0RWhjXJlSpTHd7/h6Luww9qeyUkEqBQyiCooZZGCYNle5\nC9TfRVJDUuxzigvXuTh0tlba+9AyIe2hxAztjs43pSKy5VnnJlSjMBVDay8XmNjh\nlUxid/ZV2hDkKlwHDCnZjdZpeXqdtGbZ7o3N7wOBzJSRQ7kqzQHXAgMBAAE=\n-----END
> RSA PUBLIC KEY-----">>),
>    RSAPublicKey = public_key:pem_entry_decode(PemEntry),
>
> I could then call:
>
> ==
>
> verify(PlainText, Signature,
>       #'RSAPublicKey'{modulus = Mod, publicExponent = Exp}) ->
>    PlainText ==
>        crypto:rsa_public_decrypt(Signature,
>                                  [crypto:mpint(Exp), crypto:mpint(Mod)],
>                                  rsa_pkcs1_padding).
>
> ==
>
> to verify a signature.
>
> AFAICS public_key:verify/4 is broken.
>
> I'm happpy now. The work can continue. :-)
>
> /Jocke
>
>> Cheers
>> /Jocke
>>
>> On 2011-01-21 00:03, Seth Falcon wrote:
>>> 2011/1/20 Joakim G. <>:
>>>> I updated pubkey_pem.html a tiny little bit and it seems to
>>>> work:
>>>>
>>>> :~/installs/otp_src_R14B01/lib/public_key/src$ diff -bwt
>>>> pubkey_pem.erl.orig pubkey_pem.erl
>>>> 157a158,159
>>>>> join_entry([<<"-----END RSA PUBLIC KEY-----", _/binary>>| Lines],
>>>> Entry) ->
>>>>>     {lists:reverse(Entry), Lines};
>>>> 212a215,216
>>>>> pem_start('RSAPublicKey') ->
>>>>>     <<"-----BEGIN RSA PUBLIC KEY-----">>;
>>>> 221a226,227
>>>>> pem_end(<<"-----BEGIN RSA PUBLIC KEY-----">>) ->
>>>>>     <<"-----END RSA PUBLIC KEY-----">>;
>>>> 232a239,240
>>>>> asn1_type(<<"-----BEGIN RSA PUBLIC KEY-----">>) ->
>>>>>     'RSAPublicKey';
>>>>
>>>> Thanks
>>>
>>> Our mails crossed.  When you say "this seems to work", were you able
>>> to actually use the public key for verification/decryption?
>>>
>>> ________________________________________________________________
>>> erlang-questions (at) erlang.org mailing list.
>>> See http://www.erlang.org/faq.html
>>> To unsubscribe; mailto:
>>>
>>
>> ________________________________________________________________
>> erlang-questions (at) erlang.org mailing list.
>> See http://www.erlang.org/faq.html
>> To unsubscribe; mailto:
>>
>
> ________________________________________________________________
> erlang-questions (at) erlang.org mailing list.
> See http://www.erlang.org/faq.html
> To unsubscribe; mailto:
>
>


More information about the erlang-questions mailing list