On 12/07/2012 11:05 AM, LN wrote:
> I have a feeling it does so because I tried to save that returned > EVP_PKEY to a PEM file with PEM_write_bio_PrivateKey and then to load it > back from the same file with PEM_read_bio_PrivateKey. > Saving worked, but loading failed (with some decoding error inside > openss). The length of the base64 string in the PEM file for the key was > very small in comparision with what is usually the length for private keys. > >
Often, at least for other HSM, a private key returned does not contain the real p and q values but just some index to enumerate a key in the hsm. These are normally some small numbers and not big primes. you might see this if you do openssl rsa -text yourfile