For RSA the public key is a subset of the private key. So any program that needs a public key can also take just the fields it needs from a private key given to it.
The fields in a private key are:
modulus private exponent
all the rest are precomputed intermediate results for the Chiness Remainder Theorem computation and are completely derivable from the above:
The fields in a publc key are
modulus public exponent (which is always either 3 or 65537).
So a program can read the modulus from the private key and just use the 'standard' public exponent.
(private exponent) * (public exponent) = 1 mod phi(modulus)
but you need to factor modulus to compute the phi function. Typically modulus is the product of two very large primes so factoring it is a difficult operation.
===
In the real world you never need a bare public key. Either you have a Certificate Signing Request which is a signed data item containing a public key, or you have a Certificate, which is a signed data item containing a public key.
To make a CSR from a private key use: openssl req To make a certificate from a CSR use: openssl x509 or openssl ca
Dusan Juhas wrote:
Hello, it's possible to generate a private key using genrsa. But how to obtain an appropriate public key? It doesn't matter if both keys will be generated step by step or at once. Thank you for an advice.
-- Charles B (Ben) Cranston mailto: [EMAIL PROTECTED] http://www.wam.umd.edu/~zben
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
