In message <CAFftDdqWPXq1+Mo9_6J0EzhZ4uwg5QC=R5fx8N1j=qycha8...@mail.gmail.com> 
on Fri, 13 Apr 2018 09:17:28 -0700, William Roberts <bill.c.robe...@gmail.com> 
said:

bill.c.roberts> I am currently working on writing an openssl engine
bill.c.roberts> to interface with a piece of hardware.
bill.c.roberts> 
bill.c.roberts> I am trying to understand how to implement
bill.c.roberts> rsa key generation, where the private key
bill.c.roberts> bytes would not be available.
bill.c.roberts> 
bill.c.roberts> I am currently invoking the
bill.c.roberts> command:
bill.c.roberts> 
bill.c.roberts> openssl genrsa -engine foo
bill.c.roberts> 
bill.c.roberts> Which is calling my callback for RSA keygen, registered via 
ENGINE_set_RSA()
bill.c.roberts> and I set the flags: RSA_FLAG_EXT_PKEY.
bill.c.roberts> 
bill.c.roberts> However, genrsa app seems to want rsa->e set here:
bill.c.roberts> 
https://github.com/openssl/openssl/blob/OpenSSL_1_0_2g/apps/genrsa.c#L291
bill.c.roberts> 
bill.c.roberts> I can't find documentation on how to handle the keygen interface
bill.c.roberts> for RSA.
bill.c.roberts> 
bill.c.roberts> Can someone point me in the right direction?

e and n are public components of any RSA key pair (and RSA structure
in OpenSSL).  You *must* make them available.  The rest of the numbers
are private and do not need to be part of the RSA structure that
OpenSSL handles.

Cheers,
Richard

-- 
Richard Levitte         levi...@openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to