On 09/15/2017 11:57 AM, Michael Richardson wrote:
The PEM_* routines, as documented at:
https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_PUBKEY.html
do not claim to read DER format input. (Actually they don't say anything about DER).
Ruby's library uses:
pkey = PEM_read_bio_PUBKEY(bio, NULL, ossl_pem_passwd_cb, (void *)pass);
It's documentation claims it read DER, which either it's wrong, or the
underlying ruby extension or SSL code has changed.
There must be a way to read DER format public keys.
I'm suspecting that maybe the magic is in the way the BIO is created?
(FAQ question PROG03, hints this for PKCS7 processing).
I had problems with DER using the command line options. I can create,
and display a DER keypair, a CSR, a self-signed cert. I cannot use a
CSR to make a cert where everything is DER. So something is missing
somewhere. If you search back a bit, you will find my postings on this
with the error messages I got.
Going to read the source code.
You are better man than I...
Bob
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
