Hi Ben, you can generate keys with arbitrary exponents using the genpkey command:

    openssl genpkey -algorithm rsa \
        -pkeyopt rsa_keygen_bits:16384 -pkeyopt rsa_keygen_pubexp:4711

Regards,
Ann.

On 09.08.2014 15:21, Benny Baumann wrote:
> Hi,
>
> I'd like to propose to include the following additional two command line
> arguments for the openssl binary when creating RSA keys. While the patch
> is written to apply to LibreSSL 2.0.5 it should apply to genrsa.c of
> OpenSSL 1.0.1 just fine too.
>
> While the default of 65537 is a sane default it's not strictly forced by
> any standard. In contrast when looking at NIST SP-800-56B section 6.2.1
> bullet 2b it is described as "an odd positive integer such that 65537 <=
> e < 2**256"
>
> As the plain RSA only requires e to be co-prime to both p-1 and q-1 and
> given the obvious limitation for e=1 yielding no security, there is no
> mathematical backing for any upper bound for e (except the obvious one
> given by p*q-1).
>
> The change only affects the key generation and extends the possibility
> to use custom public exponents as has been done in certain areas
> previously. Implementations conforming to the mathematical foundation
> should be unaffected as otherwise they would have been broken for
> decryption all along.
>
> Kind regards,
> Benny Baumann
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
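
The two constraints on e discussed in this thread (the range quoted from NIST SP 800-56B, and coprimality with p-1 and q-1), checked for the exponent 4711 from the command above. This is an added example, not part of either message or of OpenSSL; the function names are hypothetical and the primes are small constructed Mersenne primes used only to make the arithmetic visible.

```python
import math

# Range quoted in the thread from NIST SP 800-56B section 6.2.1.
NIST_MIN_E = 65537
NIST_MAX_E = 2**256  # exclusive upper bound

# Constructed sample primes (Mersenne primes), far too small and too
# structured for real keys; they only illustrate the arithmetic.
P = 2**89 - 1
Q = 2**107 - 1
BAD_P = 2**127 - 1  # BAD_P - 1 is divisible by 7, and 4711 = 7 * 673


def in_nist_range(e):
    """Odd and 65537 <= e < 2**256, as quoted in the thread."""
    return e % 2 == 1 and NIST_MIN_E <= e < NIST_MAX_E


def shared_factors(e, p, q):
    """Return gcd(e, p-1) and gcd(e, q-1); both must be 1 for e to work."""
    return math.gcd(e, p - 1), math.gcd(e, q - 1)


def private_exponent(e, p, q):
    """d = e^-1 mod lcm(p-1, q-1); raises ValueError if e is not invertible."""
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return pow(e, -1, lam)


def roundtrip(e, p, q, m):
    """Textbook (unpadded) RSA encrypt then decrypt, to show d inverts e."""
    n = p * q
    return pow(pow(m, e, n), private_exponent(e, p, q), n)


if __name__ == "__main__":
    for e in (4711, 65537):
        print(e, "NIST range:", in_nist_range(e),
              "gcds:", shared_factors(e, P, Q),
              "roundtrip ok:", roundtrip(e, P, Q, 123456789) == 123456789)
    # A prime whose p-1 shares a factor with e must be rejected at keygen.
    print("4711 with BAD_P:", shared_factors(4711, BAD_P, Q))
```

With P and Q the exponent 4711 inverts correctly even though it lies below the quoted NIST range; with BAD_P no private exponent exists, which is why a key generator has to test each candidate prime against the chosen e.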
