如何使用 openssl 中的特定输入数字生成 rsa 密钥? [英] How to Generate rsa keys using specific input numbers in openssl?

问题描述

我选择了 2 个质数 p 和 q.
计算出的公钥对:(n,e) 和私钥:d.
例如

<块引用>

p = 17，q = 11，n = 187，e = 7 和 d = 23

在网上冲浪后，我发现这个命令可以生成公钥和私钥对:
openssl genrsa -out mykey.pem 1024

但是我想生成对应于d = 23的私钥和对应于e = 7的公钥.我如何将这些数字作为输入.

解决方案

一种方法是使用 OpenSSL 的 asn1parse 命令的 -genconf 选项生成一个 DER 编码的密钥.

您需要为 asn1parse -genconf 构建一个输入文件，以生成标准格式的 RSA 密钥(根据 RFC 3447).asn1parse -genconf 的语法如下:http:///www.openssl.org/docs/crypto/ASN1_generate_nconf.html 事实上，它已经有一个构建 RSA 密钥的例子.

您需要计算更多的值(具体来说，d mod (p-1)、d mod (q-1) 和 q^-1 mod p.对于你给的p,q,d的值，这些是:

d mod(p-1) = 23 mod 16 = 7

d mod(q-1) = 23 mod 10 = 3

q^-1 mod p = 14

以适当的格式将所有这些放在一个文本文件中:

asn1=SEQUENCE:rsa_key[rsa_key]版本=整数:0模数=整数:187pubExp=整数:7privExp=整数:23p=整数:17q=整数:11e1=整数:7e2=整数:3系数=整数:14

构建二进制DER文件:

openssl asn1parse -genconf <上面文件的路径>-out newkey.der

然后您可以通过 OpenSSL 的 rsa 命令运行它以确认:

openssl rsa -in newkey.der -inform der -text -check

哪个应该输出:

私钥:(8 位)模数:187 (0xbb)公共指数:7 (0x7)私有指数:23 (0x17)素数1:17(0x11)素数2:11(0xb)指数 1: 7 (0x7)指数 2: 3 (0x3)系数:14(0xe)RSA 密钥正常写入 RSA 密钥-----开始RSA私钥-----MBwCAQACAgC7AgEHAgEXAgERAGELAgEHAgEDAgEO-----结束RSA私钥-----

您可以使用 OpenSSL 的 rsautl 命令来加密数据(尽管使用此密钥，您只能加密单个字节的数据，前提是该字节也小于 187).

I selected 2 prime numbers p and q.
Calculated public pair: (n,e) and private key: d.
For ex.

p = 17, q = 11, n = 187, e = 7 and d = 23

After surfing on the Internet I found this command to generate the public and private key pair :
openssl genrsa -out mykey.pem 1024

But I want to generate private key corresponding to d = 23 and public key corresponding to e = 7. How can I give these numbers as input.

解决方案

One way to do this is to generate a DER encoded key using OpenSSL's asn1parse command's -genconf option.

You'll need to construct an input file for asn1parse -genconf to produce an RSA key in the standard format (per RFC 3447). The syntax for asn1parse -genconf is given here: http://www.openssl.org/docs/crypto/ASN1_generate_nconf.html and indeed, it already has an example for constructing an RSA key.

You need to calculate a few more values (specifically, d mod (p-1), d mod (q-1) and q^-1 mod p. For the values of p, q, d you gave, these are:

d mod(p-1) = 23 mod 16 = 7

d mod(q-1) = 23 mod 10 = 3

q^-1 mod p = 14

Put this all together into a text file in the appropriate format:

asn1=SEQUENCE:rsa_key

[rsa_key]
version=INTEGER:0
modulus=INTEGER:187
pubExp=INTEGER:7
privExp=INTEGER:23
p=INTEGER:17
q=INTEGER:11
e1=INTEGER:7
e2=INTEGER:3
coeff=INTEGER:14

To construct the binary DER file:

openssl asn1parse -genconf <path to above file> -out newkey.der

You can then run this through OpenSSL's rsa command to confirm:

openssl rsa -in newkey.der -inform der -text -check

Which should output:

Private-Key: (8 bit)
modulus: 187 (0xbb)
publicExponent: 7 (0x7)
privateExponent: 23 (0x17)
prime1: 17 (0x11)
prime2: 11 (0xb)
exponent1: 7 (0x7)
exponent2: 3 (0x3)
coefficient: 14 (0xe)
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MBwCAQACAgC7AgEHAgEXAgERAgELAgEHAgEDAgEO
-----END RSA PRIVATE KEY-----

You can use this to encrypt data with OpenSSL's rsautl command (though with this key you're limited to encrypting just a single byte of data providing that byte is also less than 187).

这篇关于如何使用 openssl 中的特定输入数字生成 rsa 密钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！