ntrepid8 / ex_crypto

Wrapper around the Erlang crypto module for Elixir.
MIT License

Load RSA keys with passphrase #11

Closed sheharyarn closed 6 years ago

sheharyarn commented 6 years ago

I have RSA keys that are encrypted using a password. How would I go about loading them from disk and using them? Currently, trying to load them gives this error:

iex(11)> ExPublicKey.load("/Users/Psy/crap/crypto/testkey.pem")
{:error,
 %FunctionClauseError{arity: 1, function: :pem_entry_decode,
  module: :public_key},
 [{:public_key, :pem_entry_decode,
   [{:RSAPrivateKey,
     <<69, 103, 57, 185, 26, 114, 20, 34, 100, 84, 103, 123, 157, 128, 197, 116,
       174, 125, 94, 20, 234, 243, 138, 198, 8, 108, 207, 220, 65, 70, 93, 198,
       113, 84, 163, 100, 154, 48, 60, 9, 237, 3, ...>>,
     {'AES-128-CBC',
      <<44, 86, 151, 113, 171, 22, 39, 28, 21, 99, 173, 229, 4, 100, 138,
        3>>}}], [file: 'public_key.erl', line: 140]},
  {ExPublicKey, :load_pem_entry, 1, [file: 'lib/ex_public_key.ex', line: 63]},
  {ExPublicKey, :loads, 1, [file: 'lib/ex_public_key.ex', line: 49]},
  {:erl_eval, :do_apply, 6, [file: 'erl_eval.erl', line: 670]},
  {:elixir, :erl_eval, 3, [file: 'src/elixir.erl', line: 229]},
  {:elixir, :eval_forms, 4, [file: 'src/elixir.erl', line: 217]},
  {IEx.Evaluator, :handle_eval, 6, [file: 'lib/iex/evaluator.ex', line: 182]},
  {IEx.Evaluator, :do_eval, 4, [file: 'lib/iex/evaluator.ex', line: 175]},
  {IEx.Evaluator, :eval, 4, [file: 'lib/iex/evaluator.ex', line: 155]},
  {IEx.Evaluator, :loop, 3, [file: 'lib/iex/evaluator.ex', line: 61]}, 
  {IEx.Evaluator, :init, 4, [file: 'lib/iex/evaluator.ex', line: 21]},
  {:proc_lib, :init_p_do_apply, 3, [file: 'proc_lib.erl', line: 247]}]}

ntrepid8 commented 6 years ago

Hmm, that isn't something that ExCrypto currently supports but I see how support could be added. We'd need to be able to supply the password to pem_entry_decode on this line:

I think we could add a load/2 function which takes the password as a 2nd argument and passes it all the way through to pem_entry_decode/2. Is that something you would want to create a PR for? If not I could probably add support for this relatively quickly.
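A sketch of the load/2 idea discussed above, as an added example that is not ExCrypto's own code and not written by either participant. The module name `EncryptedPemExample`, its function names and its error atoms are hypothetical; only `:public_key.pem_decode/1`, `:public_key.pem_entry_decode/1` and `:public_key.pem_entry_decode/2` are real OTP calls.

```elixir
defmodule EncryptedPemExample do
  # Hypothetical helper illustrating how a passphrase can be passed through
  # to :public_key.pem_entry_decode/2. Not part of ExCrypto.

  # Read a PEM file and decode its first entry. `passphrase` is an Elixir
  # string, or nil for an unencrypted key.
  def load(path, passphrase \\ nil) do
    with {:ok, pem} <- File.read(path) do
      loads(pem, passphrase)
    end
  end

  def loads(pem, passphrase \\ nil) when is_binary(pem) do
    case :public_key.pem_decode(pem) do
      [entry | _] -> decode_entry(entry, passphrase)
      [] -> {:error, :no_pem_entry}
    end
  end

  # Unencrypted entry: the third element is the atom :not_encrypted.
  defp decode_entry({_type, _der, :not_encrypted} = entry, _passphrase) do
    safe(fn -> :public_key.pem_entry_decode(entry) end)
  end

  # Encrypted entry (third element is a {cipher, params} tuple, as in the
  # {'AES-128-CBC', iv} tuple in the error above) but no passphrase given.
  # Return a tagged error instead of letting pem_entry_decode/1 raise
  # FunctionClauseError.
  defp decode_entry({_type, _der, {cipher, _params}}, nil) do
    {:error, {:passphrase_required, to_string(cipher)}}
  end

  # Encrypted entry with a passphrase. :public_key expects an Erlang string
  # (charlist), so convert the Elixir binary first.
  defp decode_entry({_type, _der, {_cipher, _params}} = entry, passphrase)
       when is_binary(passphrase) do
    safe(fn -> :public_key.pem_entry_decode(entry, String.to_charlist(passphrase)) end)
  end

  # A wrong passphrase typically surfaces as an error raised while decoding
  # the decrypted bytes. The rescued exception is dropped rather than
  # returned, so key material and the passphrase stay out of logs.
  defp safe(fun) do
    {:ok, fun.()}
  rescue
    _ -> {:error, :decode_failed}
  end
end
```

On success the result is the Erlang key record (for example a tuple tagged `:RSAPrivateKey`), which the caller would still need to convert into whatever structure the rest of the application uses.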

sheharyarn commented 6 years ago

Sure, let me give it a shot :D