[openssl-users] reading DER format public keys
Robert Moskowitz
rgm at htt-consult.com
Fri Sep 15 16:12:14 UTC 2017
On 09/15/2017 11:57 AM, Michael Richardson wrote:
> The PEM_* routines, as documented at:
> https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_PUBKEY.html
> do not claim to read DER format input. (Actually they don't say anything about DER).
> Ruby's library uses:
> pkey = PEM_read_bio_PUBKEY(bio, NULL, ossl_pem_passwd_cb, (void *)pass);
>
> It's documentation claims it read DER, which either it's wrong, or the
> underlying ruby extension or SSL code has changed.
>
> There must be a way to read DER format public keys.
> I'm suspecting that maybe the magic is in the way the BIO is created?
> (FAQ question PROG03, hints this for PKCS7 processing).
I had problems with DER using the command line options. I can create,
and display a DER keypair, a CSR, a self-signed cert. I cannot use a
CSR to make a cert where everything is DER. So something is missing
somewhere. If you search back a bit, you will find my postings on this
with the error messages I got.
> Going to read the source code.
You are better man than I...
Bob
More information about the openssl-users
mailing list