RSA的几个问题
1. rsa key的生成, 为了好显示,长度设置非常小
openssl genrsa 196 > key.pem
2. 生成对应的公钥
openssl rsa -in key.pem -pubout > pub.pem
3. rsa 内容的显示
[jie ~] :-) openssl rsa -in key.pem -text -nooutPrivate-Key: (196 bit)modulus: 0b:ae:50:55:1f:fe:bf:e3:e3:d8:1f:05:63:6d:61: 3f:72:1e:42:dd:e0:b6:0b:9b:53publicExponent: 65537 (0x10001)privateExponent: 01:d5:25:51:55:a5:b8:21:5e:db:c7:72:25:e5:6a: 89:43:13:fd:db:50:31:25:c6:31prime1: 03:c4:46:08:a4:8d:e0:a3:83:98:00:8a:67prime2: 03:19:e2:08:1a:aa:9a:50:b8:87:e8:ec:35exponent1: 02:2e:50:c6:8c:50:c1:b2:ab:6d:05:53:1dexponent2: 00:a6:1c:ce:97:4d:d5:46:48:a6:5f:8d:75coefficient: 58:4d:1c:3e:11:28:37:f7:5e:c7:0a:02
4. rsa ASN 解码:
[jie ~] :-) openssl asn1parse < key.pem 0:d=0 hl=3 l= 136 cons: SEQUENCE 3:d=1 hl=2 l= 1 prim: INTEGER :00 6:d=1 hl=2 l= 25 prim: INTEGER :0BAE50551FFEBFE3E3D81F05636D613F721E42DDE0B60B9B53 33:d=1 hl=2 l= 3 prim: INTEGER :010001 38:d=1 hl=2 l= 25 prim: INTEGER :01D5255155A5B8215EDBC77225E56A894313FDDB503125C631 65:d=1 hl=2 l= 13 prim: INTEGER :03C44608A48DE0A38398008A67 80:d=1 hl=2 l= 13 prim: INTEGER :0319E2081AAA9A50B887E8EC35 95:d=1 hl=2 l= 13 prim: INTEGER :022E50C68C50C1B2AB6D05531D 110:d=1 hl=2 l= 13 prim: INTEGER :A61CCE974DD54648A65F8D75 125:d=1 hl=2 l= 12 prim: INTEGER :584D1C3E112837F75EC70A02
5. ASN格式的定义:
from RFC 3447 Appendix A.1.2:
A.1.2 RSA private key syntax An RSA private key should be represented with the ASN.1 type RSAPrivateKey: RSAPrivateKey ::= SEQUENCE { version Version, modulus INTEGER, -- n publicExponent INTEGER, -- e privateExponent INTEGER, -- d prime1 INTEGER, -- p prime2 INTEGER, -- q exponent1 INTEGER, -- d mod (p-1) exponent2 INTEGER, -- d mod (q-1) coefficient INTEGER, -- (inverse of q) mod p otherPrimeInfos OtherPrimeInfos OPTIONAL }
6. 对应openssl 库的 RSA 结构的字段是:
The RSA structure consists of several BIGNUM components. It can contain public as well as private RSA keys:
struct
{
BIGNUM *n; // public modulus
BIGNUM *e; // public exponent
BIGNUM *d; // private exponent
BIGNUM *p; // secret prime factor
BIGNUM *q; // secret prime factor
BIGNUM *dmp1; // d mod (p-1)
BIGNUM *dmq1; // d mod (q-1)
BIGNUM *iqmp; // q^-1 mod p
// ...
};
RSA
7. OpenSSL也提供了直接可以读取PEM文件的函数: PEM_read_RSAPrivateKey, PEM_read_RSAPublicKey,