[EMAIL PROTECTED] - Wed Dec 10 20:01:00 2003]:
> Steve, is there another way to import a crippled private key in
> OpenSSL?
> i.e. another way different from using a PKCS#1 encoding?
> I did a small test and I NULL'ed out the p, q, dmq, dmp, and iqmp
> fields
> of an RSA data structures and then I tried to export it
> (i2d_RSAPrivateKey) and I got a crippled PKCS#1 encoding that did not
> contain any primes and CRT components (which I kind of expected). The
> weird thing is that I try to reimport that PKCS#1 encoding
> (d2i_RSAPrivateKey) and I got an ASN1_item_ex_d2i error ("field
> missing").
> I find a little peculiar to not be able to import a key in OpenSSL
> that
> was also exported by OpenSSL.
That's a quirk (well a bug) in the way the OpenSSL ASN1 code encodes
structures. It will silently allow mandatory fields to be set to NULL
and omit them in the encoding. The decoder will give a fatal parsing
error when such a thing is read.
One reason for this is compatibility with the old code and the fact that
many applications expect the i2d functions to always succeed. Zero for
example is a perfectly valid return value. At some point (other issues
permitting) this will be changed and the encoder will return -1 if
mandatory fields are missing or uninitialized.
In any case a PKCS#1 RSAPrivateKey structure cannot distinguish missing
fields even if they weren't mandatory.
All the RSA related ASN1 private key parsing routines in unmodified
OpenSSL use an RSAPrivateKey structure at some level so all the standard
ways to import an RSA private key will do this.
Some other structure could be divised but I don't know of a standard for
this. Its not too hard to make up a new format but that would require
modification to OpenSSL: and if you're going to do that you might as
well just add something that NULLs out fields set to zero or modify the
RSA code to not try CRT if the fields are zero.
The best solution IMHO is to write a short program that calculates the
missing CRT components and outputs a valid PKCS#1 RSAPrivateKeyInfo
structure and use that. As I said this is quite a bit more efficient (8
times IIRC).
Steve.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
