On Mon, Nov 08, 2004, Sundar Raman wrote: > This is probably a pretty basic question, but i'm new to encryption and > openssl, so please forgive the fact that it's probably stupid. > > I've got known private and public rsa keys in hex format, including all > the parameters (n, p, q, etc.). I know that i can use genrsa to generate > keys into a .pem file that can subsequently be passed to enc to > encrypted some data. however, i need to be able to use the keys that i > have been provided. is there a way to convert the hex values to the > format that the .pem files should be in (or a way for enc to accept the > hex values directly)? > > i know 'openssl rsa -in key.pem -text' will do the reverse of what i > want - i.e., give me a hex dump of the pem file. is there another > utility or command to do what i need? > > just to be absolutely clear, I would like to convert the sample > public/private keys below to a format that i can supply to "openssl > rsautl -encrypt -inkey keyfile.pem -in ..." > > Thanks much for any support. > > ------------ SAMPLE KEYS as hex strings --------------- > # Public key > # ---------- > > # Modulus: > bb f8 2f 09 06 82 ce 9c 23 38 ac 2b 9d a8 71 f7 36 8d 07 ee d4 10 43 a4 > 40 d6 b6 f0 74 54 f5 1f b8 df ba af 03 5c 02 ab 61 ea 48 ce eb 6f cd 48 > 76 ed 52 0d 60 e1 ec 46 19 71 9d 8a 5b 8b 80 7f af b8 e0 a3 df c7 37 72 > 3e e6 b4 b7 d9 3a 25 84 ee 6a 64 9d 06 09 53 74 88 34 b2 45 45 98 39 4e > e0 aa b1 2d 7b 61 a5 1f 52 7a 9a 41 f6 c1 68 7f e2 53 72 98 ca 2a 8f 59 > 46 f8 e5 fd 09 1d bd cb > > # Public exponent: > 11 > > # Private key > # ----------- > > # Modulus and public exponent as above. > > # Private exponent: > a5 da fc 53 41 fa f2 89 c4 b9 88 db 30 c1 cd f8 3f 31 25 1e 06 68 b4 27 > 84 81 38 01 57 96 41 b2 94 10 b3 c7 99 8d 6b c4 65 74 5e 5c 39 26 69 d6 > 87 0d a2 c0 82 a9 39 e3 7f dc b8 2e c9 3e da c9 7f f3 ad 59 50 ac cf bc > 11 1c 76 f1 a9 52 94 44 e5 6a af 68 c5 6c 09 2c d3 8d c3 be f5 d2 0a 93 > 99 26 ed 4f 74 a1 3e dd fb e1 a1 ce cc 48 94 af 94 28 c2 b7 b8 88 3f e4 > 46 3a 4b c8 5b 1c b3 c1 > > # Prime 1: > ee cf ae 81 b1 b9 b3 c9 08 81 0b 10 a1 b5 60 01 99 eb 9f 44 ae f4 fd a4 > 93 b8 1a 9e 3d 84 f6 32 12 4e f0 23 6e 5d 1e 3b 7e 28 fa e7 aa 04 0a 2d > 5b 25 21 76 45 9d 1f 39 75 41 ba 2a 58 fb 65 99 > > # Prime 2: > c9 7f b1 f0 27 f4 53 f6 34 12 33 ea aa d1 d9 35 3f 6c 42 d0 88 66 b1 d0 > 5a 0f 20 35 02 8b 9d 86 98 40 b4 16 66 b4 2e 92 ea 0d a3 b4 32 04 b5 cf > ce 33 52 52 4d 04 16 a5 a4 41 e7 00 af 46 15 03 > > # Prime exponent 1: > 54 49 4c a6 3e ba 03 37 e4 e2 40 23 fc d6 9a 5a eb 07 dd dc 01 83 a4 d0 > ac 9b 54 b0 51 f2 b1 3e d9 49 09 75 ea b7 74 14 ff 59 c1 f7 69 2e 9a 2e > 20 2b 38 fc 91 0a 47 41 74 ad c9 3c 1f 67 c9 81 > > # Prime exponent 2: > 47 1e 02 90 ff 0a f0 75 03 51 b7 f8 78 86 4c a9 61 ad bd 3a 8a 7e 99 1c > 5c 05 56 a9 4c 31 46 a7 f9 80 3f 8f 6f 8a e3 42 e9 31 fd 8a e4 7a 22 0d > 1b 99 a4 95 84 98 07 fe 39 f9 24 5a 98 36 da 3d > > # Coefficient: > b0 6c 4f da bb 63 01 19 8d 26 5b db ae 94 23 b3 80 f2 71 f7 34 53 88 50 > 93 07 7f cd 39 e2 11 9f c9 86 32 15 4f 58 83 b1 67 a9 67 bf 40 2b 4e 9e > 2e 0f 96 56 e6 98 ea 36 66 ed fb 25 79 80 39 f7 >
There are a couple of ways to do this. One is to write a short program to read in each component, populate an RSA structure with them using BN_hex2bn() and write the result out with PEM_write_RSAPrivateKey(). If you can compile up OpenSSL 0.9.8-dev (from a snapshot) you can build a text file to create the correct format. There's an example in the ASN1_generate_nconf() manual page at: http://www.openssl.org/docs/crypto/ASN1_generate_nconf.html the OpenSSL 0.9.8-dev asn1parse has a command line option -genconf that can be used for this. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
