> From: owner-openssl-us...@openssl.org On Behalf Of krishnamurthy santhanam
> Sent: Wednesday, 15 September, 2010 14:50

> Thanks for your suggestion. I had generated 1024 bytes RSA key.
> I need to convert this into DER to ASCII. Is this output right?
<snipped to minimum>
> rsa = RSA_generate_key(1024, 3, NULL, NULL);
> size = i2d_RSAPrivateKey(rsa, NULL);
> iend = keybuf;
> size = i2d_RSAPrivateKey(rsa, &iend);
> for(i=0;i<size;i++) {
> printf("%x|", keybuf[i]);}
> RSA_free(rsa);

This is *an* ASCII format which can be transmitted by some common means losslessly and the DER and key (then) recovered. Whether it is *the* right format or *a* right format for a receiving application depends on the receiving application(s). If the receiving application already exists, you must conform to whatever it requires; if you are writing (or modifying) the receiving application(s) you decide what you want.

However this is not a confidential (encrypted) format, and I repeat my earlier point that sending a private key about, especially unencrypted, usually eliminates your security.

(This also provides little protection against damage, and none against tamper. In olden days of RS232 and such, damage was often an issue; nowadays usually not. Whether tamper is an issue depends on your environment, and usage.)

> For generating public key,
<similar>

It appears for now you are just experimenting. But to make sure you understand: having separate programs or even separate routines that *generate* an RSA publickey and another RSA privatekey is totally useless. RSA crypto (and any other PK crypto) only works if you use public and private halves of *one and the same* keypair.

In practical applications like SSL and PGP and SMIME, identifying keys so that users can get the right one(s) is usually about as much work as the actual crypto.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
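An added illustration, not code from the original post or from OpenSSL: a self-contained C round trip of the `%x|` text layout printed by the quoted loop, with a strict decoder for the receiving side. The function names and the sample bytes are constructed for this example; the decoded buffer is what a receiver would then pass to `d2i_RSAPrivateKey`, and the text form adds no confidentiality or tamper protection.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Encode bytes as "%x|" fields, the layout printed by the quoted loop.
   Returns the text length, or -1 if out is too small. */
int hexbar_encode(const unsigned char *in, size_t len, char *out, size_t outsz)
{
    size_t pos = 0;
    if (outsz == 0) return -1;
    out[0] = '\0';
    for (size_t i = 0; i < len; i++) {
        int n = snprintf(out + pos, outsz - pos, "%x|", (unsigned)in[i]);
        if (n < 0 || (size_t)n >= outsz - pos) return -1;
        pos += (size_t)n;
    }
    return (int)pos;
}

/* Decode back to bytes: each field is 1-2 hex digits then '|'. Rejects anything
   else, e.g. "ffffff82|" (what "%x" prints for a negative char). Count or -1. */
int hexbar_decode(const char *text, unsigned char *out, size_t outsz)
{
    size_t count = 0;
    while (*text != '\0') {
        unsigned v = 0;
        int digits = 0;
        for (; digits < 2 && isxdigit((unsigned char)*text); digits++, text++) {
            int c = tolower((unsigned char)*text);
            v = v * 16 + (unsigned)(isdigit(c) ? c - '0' : c - 'a' + 10);
        }
        if (digits == 0 || *text != '|' || count >= outsz) return -1;
        out[count++] = (unsigned char)v;
        text++;
    }
    return (int)count;
}

int main(void)
{
    const unsigned char der[] = {0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00}; /* constructed sample */
    char txt[64];
    unsigned char back[sizeof der];
    int ok = hexbar_encode(der, sizeof der, txt, sizeof txt) > 0 &&
             hexbar_decode(txt, back, sizeof back) == (int)sizeof der &&
             memcmp(der, back, sizeof der) == 0;
    printf("%s\nround trip %s\n", txt, ok ? "ok" : "FAILED");
    return !ok;
}
```

The decoder depends on the `|` separators because `%x` does not zero-pad: a field such as `2|` is one byte, and a truncated final field is rejected rather than guessed.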