Re: rsa private key formats

Fri, 21 Dec 2012 06:40:29 -0800 

On 12/20/2012 6:58 PM, Pavol Supa wrote:

Hi all,

I wonder if there is some format directly supported by openssl, suitable
for storing RSA key pair in the following way:
- RSA private key (d,p,q,...) encrypted with passhphrase
- RSA public key (n,e) unencrypted,

so I can load public key without knowing passphrase, from the same data
(binary buffer or pem) which i can use also for loading private key
(when supplying passphrase)

Regards
Pavol


Most OpenSSL applications needing this do the following:
1. Make a PEM file with the public key (in the "-... RSA PUBLIC KEY ...-" or "-... X509 CERTIFICATE ...-" format) and another with the 
complete encrypted private key (in the "-... RSA PRIVATE KEY ...-" or
the "-... PRIVATE KEY ...-" (PKCS#8) format), and concatenate the two (public key first).
2. To load only the public key just pass the file to a public key loading function, to load both public and private key, pass a BIO 
handle to the file to first the public key loading function, then
to the encrypted private key loading function. Finally (this is IMPORTANT to stop a known attack) verify that the private key 
matches the public key and error out VERY loudly if not.

Now as the encrypted private key file actually contains a copy of
the public key, this is suboptimal in a few ways, but it is the
way OpenSSL has always done this and seems acceptable to most.

Examples of programs doing it this way include the "pound" HTTP
load balancer, which is fairly small program to study (although
this one requires an unencrypted private key for automatic
startup).

For a format that stores only the private part (such as "d" from
an RSA keypair) encrypted, without repeating the public key, our
own applications have their own unpublished file format, which I
kind of like, but is under a strong NDA, so I cannot give you the
details.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to