Documentation issue: load_pkcs1_openssl_der and load_pkcs1_openssl_pem #213

Open
owlstead opened this issue Jan 8, 2023 · 4 comments

Comments

@owlstead

owlstead commented Jan 8, 2023

These aren't OpenSSL specific constructs, they are SPKI or SubjectPublicKeyInfo structures as specified in X.509 for the ASN.1 part and RFC 7468 for the PEM part. So the text in https://stuvel.eu/python-rsa-doc/reference.html is not correct.

@myheroyuki
Collaborator

The specific part of RFC 7468 appears to be here. Based on this question, I can see where the names load_pkcs1_openssl_der and load_pkcs1_openssl_pem may have come from. It might be too late to change the function names for backwards compatibility reasons. However, the documentation can still be updated along with a note explaining this issue.

Some other notes, for myself (reference):

  • One file format begins with BEGIN PUBLIC KEY and the other BEGIN RSA PUBLIC KEY
  • When the RSA part is omitted, the file has to additionally specify the OID (which the library checks for here)

@sybrenstuvel
Owner

@owlstead could you suggest a text that would be correct?

@owlstead
Author

owlstead commented Mar 19, 2024

@sybrenstuvel Sorry for the late reply, flew under the radar for some time.

classmethod load_pkcs1_openssl_der(keyfile: bytes) → rsa.key.PublicKey

    Loads a SubjectPublicKeyInfo (SPKI) encoded public key [as specified in the X.509v3 specifications](https://www.rfc-editor.org/rfc/rfc5280#section-4.1.2.7). If the keyfile parameter doesn't contain an RSA algorithm identifier and an embedded PKCS#1 encoded public key then the method will throw a TypeError or a ValueError (TODO: check which exceptions can be thrown by the parsing code).

    Parameters

        keyfile – contents of a DER-encoded file that contains the public key
    Returns

        a PublicKey object

classmethod load_pkcs1_openssl_pem(keyfile: bytes) → rsa.key.PublicKey

    Loads a PEM encoded SubjectPublicKeyInfo (SPKI) public key [as specified in the X.509v3 specifications](https://www.rfc-editor.org/rfc/rfc5280#section-4.1.2.7). If the keyfile parameter doesn't contain an RSA algorithm identifier and an embedded PKCS#1 encoded public key then the method will throw a TypeError or a ValueError (TODO: check which exceptions can be thrown by the parsing code).

    These files can be recognized in that they start with BEGIN PUBLIC KEY rather than BEGIN RSA PUBLIC KEY as defined in [RFC 7468 on PKIX textual encodings](https://www.rfc-editor.org/rfc/rfc7468#page-14).

    The content of the file before the “-----BEGIN PUBLIC KEY-----” and after the “-----END PUBLIC KEY-----” lines is ignored.

    Parameters

        keyfile (bytes) – contents of a PEM-encoded file that contains the public key.
    Returns

        a PublicKey object

This may need some additional formatting, let's first agree on the contents. I'm not sure what this has to do with files directly but that's less important I guess.
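
The difference between the two encodings discussed in this thread, as an added example that is not python-rsa's code and is not part of any comment above: a standard-library parser that accepts both PEM labels, unwraps the SubjectPublicKeyInfo form and checks its algorithm OID before reading the embedded PKCS#1 key. The function names, the use of ValueError for every failure and the sample key are assumptions of this example.

```python
import base64
import re

RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1, rsaEncryption

def read_tlv(data, tag):
    """Return (body, rest) of the first DER element, or raise ValueError."""
    if len(data) < 2 or data[0] != tag:
        raise ValueError("expected DER tag 0x%02x" % tag)
    n, off = data[1], 2
    if n & 0x80:  # long form: low 7 bits give the number of length octets
        off += n & 0x7F
        n = int.from_bytes(data[2:off], "big")
    if data[1] == 0x80 or off + n > len(data):
        raise ValueError("indefinite or truncated DER length")
    return data[off:off + n], data[off + n:]

def load_public_key(pem):
    """Return (label, n, e) for either PEM form; ValueError if not an RSA key."""
    m = re.search(rb"-----BEGIN ((?:RSA )?PUBLIC KEY)-----(.*?)-----END \1-----", pem, re.S)
    if not m:
        raise ValueError("no PUBLIC KEY or RSA PUBLIC KEY block found")
    label, der = m.group(1).decode(), base64.b64decode(m.group(2))
    if label == "PUBLIC KEY":  # SPKI wraps the PKCS#1 key
        spki, _ = read_tlv(der, 0x30)
        alg, rest = read_tlv(spki, 0x30)  # AlgorithmIdentifier
        if read_tlv(alg, 0x06)[0] != RSA_OID:
            raise ValueError("SubjectPublicKeyInfo does not hold an RSA key")
        bits, _ = read_tlv(rest, 0x03)  # subjectPublicKey BIT STRING
        der = bits[1:]  # drop the unused-bits octet; the rest is PKCS#1
    seq, _ = read_tlv(der, 0x30)  # RSAPublicKey ::= SEQUENCE { n, e }
    n, rest = read_tlv(seq, 0x02)
    e, _ = read_tlv(rest, 0x02)
    return label, int.from_bytes(n, "big"), int.from_bytes(e, "big")

def tlv(tag, body):
    """DER-encode one element; used only to build the constructed samples."""
    n = len(body)
    size = (n.bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + length + body

def to_pem(label, der):
    return b"-----BEGIN %s-----\n%s-----END %s-----\n" % (label, base64.encodebytes(der), label)

# Constructed samples: N is an arbitrary 1024-bit number, not a usable key.
N, E = (1 << 1023) + 12345, 65537
PKCS1 = tlv(0x30, tlv(0x02, N.to_bytes(129, "big")) + tlv(0x02, E.to_bytes(3, "big")))
SPKI = tlv(0x30, tlv(0x30, tlv(0x06, RSA_OID) + tlv(0x05, b"")) + tlv(0x03, b"\x00" + PKCS1))
```

Swapping the labels on the two sample blobs makes `load_public_key` raise, which is the mismatch the function names in the current documentation tend to hide.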
