[openssl-users] reading DER format public keys

Robert Moskowitz rgm at htt-consult.com
Fri Sep 15 16:12:14 UTC 2017

On 09/15/2017 11:57 AM, Michael Richardson wrote:
> The PEM_* routines, as documented at:
>      https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_PUBKEY.html
> do not claim to read DER format input. (Actually they don't say anything about DER).
> Ruby's library uses:
>      pkey = PEM_read_bio_PUBKEY(bio, NULL, ossl_pem_passwd_cb, (void *)pass);
> It's documentation claims it read DER, which either it's wrong, or the
> underlying ruby extension or SSL code has changed.
> There must be a way to read DER format public keys.
> I'm suspecting that maybe the magic is in the way the BIO is created?
> (FAQ question PROG03, hints this for PKCS7 processing).

I had problems with DER using the command line options.  I can create, 
and display a DER keypair, a CSR, a self-signed cert.  I cannot use a 
CSR to make a cert where everything is DER.  So something is missing 
somewhere.  If you search back a bit, you will find my postings on this 
with the error messages I got.

> Going to read the source code.

You are better man than I...


More information about the openssl-users mailing list