Re: [openssl-users] converting text to pem

[Erwann Abalea]

Bonjour,

Le 17/08/2012 09:33, kiran Palli a écrit :


Hi,

I generated an rsa 2048 key-pair with these commands:

openssl.exe genrsa -F4 -out key.pem 2048

openssl.exe rsa -text -in key.pem  key.txt

Now I lost the key.pem file and also lost the key.txt in its original 
format.




That's sad. 2 files lost at the same time? And you weren't taught to 
take care of these? They weren't important, were they? Why don't you 
just throw that key away and pick a new one?


But I have private exponent and public exponent from the text file. 
Those were enough for my tool suite to sign a binary file and then 
verify. Now I need to test something with openSSL signing, but how do 
I recover the private key in .pem format (key.pem)?




Looks like homework. Did you ask Google?


This is the left over portion of key.txt(example, but a valid key-pair):

Private-Key: (2048 bit)

modulus:

|00:f3:5a:8f:46:08:11:d8:f7:65:eb:26:8f:e6:fe:
[...]
d2:61
|

publicExponent: 65537 (0x10001)

privateExponent:

|73:e4:bd:f4:e1:24:f6:ca:23:7c:90:99:d9:ad:9c:
[...]
11|


Using bc you can quickly get p, q, dp and dq. qinv is harder to get, but 
it's possible.


--
Erwann ABALEA

Re: [openssl-users] converting text to pem

[Jakob Bohm]

On 8/17/2012 11:46 AM, Erwann Abalea wrote:

Bonjour,

Le 17/08/2012 09:33, kiran Palli a écrit :

 Hi,

 I generated an rsa 2048 key-pair with these commands:

 openssl.exe genrsa -F4 -out key.pem 2048

 openssl.exe rsa -text -in key.pem  key.txt

 Now I lost the key.pem file and also lost the key.txt in its original
 format.


That's sad. 2 files lost at the same time? And you weren't taught to
take care of these? They weren't important, were they? Why don't you
just throw that key away and pick a new one?

 But I have private exponent and public exponent from the text file.
 Those were enough for my tool suite to sign a binary file and then
 verify. Now I need to test something with openSSL signing, but how do
 I recover the private key in .pem format (key.pem)?


Looks like homework. Did you ask Google?

 This is the left over portion of key.txt(example, but a valid key-pair):

 Private-Key: (2048 bit)

 modulus:

 |00:f3:5a:8f:46:08:11:d8:f7:65:eb:26:8f:e6:fe:
 [...]
 d2:61
 |

 publicExponent: 65537 (0x10001)

 privateExponent:

 |73:e4:bd:f4:e1:24:f6:ca:23:7c:90:99:d9:ad:9c:
 [...]
 11|

Using bc you can quickly get p, q, dp and dq. qinv is harder to get, but
it's possible.

And once you have all the parts (m, e, d, p, q, dp, dq and qinv), you 
should format
each as an DER INTEGER, then put them in the correct order after each 
other and

wrap that as a DER SEQUENCE, then work your way up to whichever ASN.1
structure OpenSSL uses in its key files.  You now have the file in 
binary DER format
and can use openssl command line tools to convert it to PEM format 
(which is the

same, only Base64 encoded with an identifying line above and below).

All this formatting work *could* be done by writing custom code that calls
various low level BN_ and RSA_ functions in OpenSSL (This could also be
used for the calculations), but the formatting is trivial enough that 
you should

be able to do it by hand (pen and paper, or a text editor).

Of cause, you will need to understand the math and read up on DER encoding,
but those are good to learn anyway.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org