On 8/17/2012 11:46 AM, Erwann Abalea wrote:
Bonjour,
Le 17/08/2012 09:33, kiran Palli a écrit :
>
> Hi,
>
> I generated an rsa 2048 key-pair with these commands:
>
> openssl.exe genrsa -F4 -out key.pem 2048
>
> openssl.exe rsa -text -in key.pem > key.txt
>
> Now I lost the key.pem file and also lost the key.txt in its original
> format.
>
That's sad. 2 files lost at the same time? And you weren't taught to
take care of these? They weren't important, were they? Why don't you
just throw that key away and pick a new one?
> But I have private exponent and public exponent from the text file.
> Those were enough for my tool suite to sign a binary file and then
> verify. Now I need to test something with openSSL signing, but how do
> I recover the private key in .pem format (key.pem)?
>
Looks like homework. Did you ask Google?
> This is the left over portion of key.txt(example, but a valid key-pair):
>
> Private-Key: (2048 bit)
>
> modulus:
>
> |00:f3:5a:8f:46:08:11:d8:f7:65:eb:26:8f:e6:fe:
> [...]
> d2:61
> |
>
> publicExponent: 65537 (0x10001)
>
> privateExponent:
>
> |73:e4:bd:f4:e1:24:f6:ca:23:7c:90:99:d9:ad:9c:
> [...]
> 11|
Using bc you can quickly get p, q, dp and dq. qinv is harder to get, but
it's possible.
And once you have all the parts (m, e, d, p, q, dp, dq and qinv), you
should format
each as an DER INTEGER, then put them in the correct order after each
other and
wrap that as a DER SEQUENCE, then work your way up to whichever ASN.1
structure OpenSSL uses in its key files. You now have the file in
binary DER format
and can use openssl command line tools to convert it to PEM format
(which is the
same, only Base64 encoded with an identifying line above and below).
All this formatting work *could* be done by writing custom code that calls
various low level BN_ and RSA_ functions in OpenSSL (This could also be
used for the calculations), but the formatting is trivial enough that
you should
be able to do it by hand (pen and paper, or a text editor).
Of cause, you will need to understand the math and read up on DER encoding,
but those are good to learn anyway.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
