[erlang-questions] Generate RSA private key (writing letsencrypt client)

Ingela Andin ingela.andin@REDACTED
Wed Jan 20 18:02:49 CET 2016 

Hi!

2016-01-20 14:34 GMT+01:00 Andreas Schultz <aschultz@REDACTED>:

> Hi,
>
> otp/lib/ssl/test/erl_make_certs.erl has the complete code in Erlang
> to generate RSA, DSA and EC certificates including their private keys.
>
> I'm not sure whether the generate primes and keys are safe for real
> certificates. You should check that before (re)using the code.
>
>
That code was only written for testing purposes and should not be relied on
for cryptographic safety  The public_key application generates EC and DH
keys
using the crypto application, this function could easily be extende to
generate
RSA and DSA keys  too if the crypto application is extended to call the
approriate functions
in the openSSL cryptolib. This is acctually the long term plan, but not the
top priority. So PR anyone?

Regards Ingela Erlang/OTP team - Ericsson AB


> Andreas
>
> On 01/20/2016 01:59 PM, Serge Aleynikov wrote:
>
>> I faced the same issue and had to resort to the RSA_generate_key call in
>> C.
>>
>> On Wed, Jan 20, 2016 at 5:04 AM, Max Lapshin <max.lapshin@REDACTED
>> <mailto:max.lapshin@REDACTED>> wrote:
>>
>>
>>     Hi.  I cannot find a way to generate RSA private (and public) key
>> from erlang.
>>
>>     I've looked through public_key sources and have found Yuri's cutkey:
>>     https://github.com/yrashk/cutkey/blob/master/src/cutkey.erl
>>
>>     I haven't found any code in public_key sources that does something
>> like cutkey does.
>>
>>     But I don't want to add extra dependency, maybe something has changed
>> and it is
>>     possible to generate RSAPrivateKey.
>>
>>     I'm writing client for letsencrypt and want fully automate all things
>> without calling openssl via command line.
>>
>>     _______________________________________________
>>     erlang-questions mailing list
>>     erlang-questions@REDACTED <mailto:erlang-questions@REDACTED>
>>     http://erlang.org/mailman/listinfo/erlang-questions
>>
>>
>>
>>
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
>> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20160120/558f3ac3/attachment.htm>

More information about the erlang-questions mailing list