[erlang-questions] public_key & OpenSSL format weirdness

zxq9 zxq9@REDACTED
Thu Feb 26 04:18:48 CET 2015

On 2015年2月26日 木曜日 11:01:22 zxq9 wrote:
> So it appears there are 24 extra bytes appended to the OpenSSL generated DER
> that are confusing the asn1 import function, but only in the case of public
> RSA keys, as private OpenSSL generated DER keys match what is expected.

Apparently OpenSSL adds an asn1 header, either on its own or because PKCS#1 
demands it (or PKCS#8? I haven't found a clear reference, but it should be one 
of those), and Erlang, iOS and a few other environments that expect a public 
RSA key in DER format do not expect this header.

The header is always

So I wonder if it wouldn't be better to either add a clause to 
public_key:der_decode/2 to catch this situation:

             Der>>) -> der_decode(Asn1Type, Der);

or (more properly) change the ASN.1 definition that generates OTP-PUB-KEY.erl 
in a way that makes 'dec_RSAPublicKey' derive from a CHOICE instead of a 
SEQUENCE type (or something along those lines -- I'm not sure where the asn1 
module definition is... ?).

In any case, this issue appears to be a persistent annoyance for folks using 
various RSA utilities:


More information about the erlang-questions mailing list