--Redirected to -users It's true, either one is sufficient. In fact, the primes are basically interchangeable, so you can label either one as "p" and the other as "q". The place they are not interchangeable is in the PKCS#1 Private Key syntax. In that case, there is a first prime, which is labelled "p", and a second prime which is labelled "q". After that, there is 1/q mod p. So I would be surprised (but not too surprised) if someone labelled things differently. You can always try it both ways and see which way is correct. BIGNUM * p_inv = BN_mod_inverse(NULL, p, q, ctx) will do the trick for you. ==================== Greg Stark [EMAIL PROTECTED] ==================== ----- Original Message ----- From: "Joe Coates" <[EMAIL PROTECTED]> To: "Openssl-Dev@Openssl. Org" <[EMAIL PROTECTED]> Sent: Friday, July 20, 2001 10:27 AM Subject: RSA p and q inverses > I am hoping to offload the RSAPrivateDecrypt function to an external device. > My OpenSSL RSA data structure for the private key contains the values > p,q, d mod(p-1), d mod(q-1), and (q^-1)modp. The device needs all these > except the last, and instead it calls for (p^-1)modq. > 1)Is it true that either value is sufficient to do the decryption ? > 2)Is the (p^-1)modq value available somewhere in the data structure, or do I > need to calculate it via BN_mod_inverse() or some such ? > > Thanks, > Joe Coates > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
