How to encrypt using an ssh-rsa key

Hi there,

I am having an issue with using a ssh-rsa public key to encode a binary and have it saved in a file.
The key has the following format:

ssh-rsa AAAA***** ****s20= test@test.com

Can someone point me to the right direction? I am trying to find something useful in the :public_key library but so far I haven’t.

Thanks a lot for any assistance in advance.

here’s how you can sign & verify a binary using :public_key:

$ openssl genrsa -out private_key.pem
$ openssl rsa -in private_key.pem -pubout > public_key.pem

iex> private_key = "private_key.pem" |> File.read!() |> :public_key.pem_decode() |> hd() |> :public_key.pem_entry_decode()
iex> signature = :public_key.sign("foo", :sha512, private_key)
iex> public_key = "public_key.pem" |> File.read!() |> :public_key.pem_decode() |> hd() |> :public_key.pem_entry_decode()

iex> :public_key.verify("foo", :sha512, signature, public_key)
true
iex> :public_key.verify("bar", :sha512, signature, public_key)
false
5 Likes

The problem is that I already have the key (it’s not self generated), and its form is the one I posted above. I tried to use it exactly as you show but the :public_key.pem_decode() returns an empty list. Also the file I was sent has a .pub extension (in case this helps).

Maybe I will try and use it directly with the sign function mentioned in the line below and report back.

Ah, sorry about that. I was able to do this but not sure if it’s helpful:

iex> public_key = File.read!("/Users/wojtek/.ssh/id_rsa.pub") |> :public_key.ssh_decode(:openssh_public_key) |> hd() |> elem(0)
iex> :public_key.verify("bar", :sha512, "a-signature", public_key)

I guess you’d need a private key to sign though.

1 Like