[erlang-questions] reading RSA public key files (PEM)

Ingela Anderton Andin ingela@REDACTED
Thu Feb 26 16:28:13 CET 2009 

Hi!

Files named  <something>_rsa.pub are usually generated by openssh  ( 
usally called only ssh)
and are not PEM-files.  If you have access to the private key in a a 
PEM-file the public key
is part of the private key and can be extracted from it.

public_key:decode_private_key/[1, 2] will return the record 

#'RSAPrivateKey'{
          version,         % two-prime | multi
          modulus,         % integer()
          publicExponent,  % integer()
          privateExponent, % integer()
          prime1,          % integer() 
          prime2,          % integer()
          exponent1,       % integer()
          exponent2,       % integer()
          coefficient,     % integer()
          otherPrimeInfos  % [#OtherPrimeInfo{}] | asn1_NOVALUE
         }.

if called with the output from public_key:pem_to_der used to read a
private rsa private key.

If the public_key API should provide a function to read ssh-files
is not something that we have decided or even considered yet. 
public_key is a pretty new application that we created in
the process of creating the new ssl-implementation. And it also
will be used by our ssh-application to handle PEM-files in the future, but
as you may have noticed it is not officially documented yet.
Ssh does not have any API functions for reading the ssh public-key files
as this is normally done by the ssh-application itself. But as it is opensource
you can always peek on how it is done. I do however strongly recommend that you
do not use undocumented functions. When it comes to the module public_key it
is a little safer as we intend to make it a documented API in the future but
you should be aware that we do not promise it will not change before we document it. 

Regards Ingela Erlang/OTP - Ericsson

> Hi!
>
> With Erlang R12B5 I can read RSA private keys but not public:
>
> Eshell V5.6.5  (abort with ^G)
>1> public_key:pem_to_der("test_rsa").
>{ok,[{rsa_private_key,<<48,130,4,160,2,1,0,2,130,1,1,0,
>                        161,19,65,96,102,199,220,63,184,
>                        182,224,110,...>>,
>                      not_encrypted}]}
>2> public_key:pem_to_der("test_rsa.pub").
>{ok,[]}
>
> Googling around I couldn't find how do that. Any suggestions?
>
>Thanks!
>
 >-- >Vlad Skvortsov, vss@REDACTED, http://vss.73rus.com

More information about the erlang-questions mailing list