I selected 2 prime numbers p and q. Calculated public pair: (n,e) and private key: d.
For ex.
p =17, q = 11
n = 187,
e= 7 & d = 23
After sufring on internet i found this command to generate the public,private key pair :
openssl genrsa -out mykey.pem 1024
But I want to generate private key corresponding to d = 23 and public key corresponding to e = 7. How can i give these numbers as input.
One way to do this is to generate a DER encoded key using OpenSSL's asn1parse
command's -genconf
option.
You'll need to construct an input file for asn1parse -genconf
to produce an RSA key in the standard format (per RFC 3447). The syntax for asn1parse -genconf
is given here: http://www.openssl.org/docs/crypto/ASN1_generate_nconf.html and indeed, it already has an example for constructing an RSA key.
You need to calculate a few more values (specifically, d mod (p-1)
, d mod (q-1)
and q^-1 mod p
. For the values of p
, q
, d
you gave, these are:
d mod(p-1) = 23 mod 16 = 7
d mod(q-1) = 23 mod 10 = 3
q^-1 mod p = 14
Put this all together into a text file in the appropriate format:
asn1=SEQUENCE:rsa_key
[rsa_key]
version=INTEGER:0
modulus=INTEGER:187
pubExp=INTEGER:7
privExp=INTEGER:23
p=INTEGER:17
q=INTEGER:11
e1=INTEGER:7
e2=INTEGER:3
coeff=INTEGER:14
To construct the binary DER file:
openssl asn1parse -genconf <path to above file> -out newkey.der
You can then run this through OpenSSL's rsa
command to confirm:
openssl rsa -in newkey.der -inform der -text -check
Which should output:
Private-Key: (8 bit)
modulus: 187 (0xbb)
publicExponent: 7 (0x7)
privateExponent: 23 (0x17)
prime1: 17 (0x11)
prime2: 11 (0xb)
exponent1: 7 (0x7)
exponent2: 3 (0x3)
coefficient: 14 (0xe)
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MBwCAQACAgC7AgEHAgEXAgERAgELAgEHAgEDAgEO
-----END RSA PRIVATE KEY-----
You can use this to encrypt data with OpenSSL's rsautl
command (though with this key you're limited to encrypting just a single byte of data providing that byte is also less than 187).
if you are looking for a method that requires no other computations from you, than I guess such do not exist.
have a look at rsa_builtin_keygen in rsa_gen.c of openssl source, it generates the primes for itself.
I would suggest you have a look at function generateKey
here (you will also need the file cryptomath for it to work)