[erlang-questions] Problem using PKI private key file

Brian Modra epailty@REDACTED
Mon Jan 15 07:12:28 CET 2018


I have to use PKI private key and its associated certificate. But I am
having trouble reading the private key and using it.

The following is copied from my terminal:

$ erl
Erlang/OTP 20 [erts-9.1] [source] [64-bit] [smp:4:4] [ds:4:4:10]
[async-threads:10] [kernel-poll:false]

Eshell V9.1  (abort with ^G)
1> {ok, PrivPemBin} = file:read_file("test.pk.pem").
{ok,<<"Bag Attributes\n    localKeyID: A1 77 37 C0 83 09 CF E8 19 C9 C3 DD
A7 56 79 28 DD 56 C6 01 \nKey Attributes: "...>>}
2> [PrivKeyEntry] =  public_key:pem_decode(PrivPemBin).
[{'PrivateKeyInfo',<<48,130,4,190,2,1,0,48,13,6,9,42,134,...>>,
                   not_encrypted}]

3> PrivKey = public_key:pem_entry_decode(PrivKeyEntry).
{'PrivateKeyInfo',v1,

{'PrivateKeyInfo_privateKeyAlgorithm',{1,2,840,113549,1,1,1},

{asn1_OPENTYPE,<<5,0>>}},

<<48,130,4,164,2,1,0,2,130,1,1,0,174,64,216,53,107,61,116,...>>,
                  asn1_NOVALUE}

4> Encrypted = public_key:encrypt_private(<<"Hello World">>, PrivKey).
** exception error: no function clause matching
public_key:encrypt_private(<<"Hello World">>,

 {'PrivateKeyInfo',v1,

{'PrivateKeyInfo_privateKeyAlgorithm',{1,2,840,113549,1,1,1},

{asn1_OPENTYPE,<<5,0>>}},

<<48,130,4,164,2,1,0,2,130,1,1,0,174,64,216,53,107,61,116,...>>,

                 asn1_NOVALUE},

 []) (public_key.erl, line 389)


Notice that the key shows
{'PrivateKeyInfo_privateKeyAlgorithm',{1,2,840,113549,1,1,1},{asn1_OPENTYPE,<<5,0>>}},
rather than something more recognisable like 'RSAPrivateKey'...


Is this telling me the algorithm is not supported, or am I just not calling
the right functions?

The header of the PEM file looks as so:

Bag Attributes
    localKeyID: A1 77 37 C0 83 09 CF E8 19 C9 C3 DD A7 56 79 28 DD 56 C6 01
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
MIIEvgIB...  [trimmed out obviously]
-----END PRIVATE KEY-----

... which I think is telling me that the PK is a PKCS#8 ?
(It was converted from a p12 file from an external source, using openssl).

--
Brian Modra  +61 4552 8 4772
26 Valley Drive, Caboolture, QLD 4510,  Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20180115/82a20ebb/attachment.htm>


More information about the erlang-questions mailing list