[EMAIL PROTECTED] wrote:
>
> the apps/genrsa utility confused me because it seems to only generate a
> private key. the apps/rsa utility documentation says that with a -pubout a
> public key is output from a private key. is this true? is a public key
> embedded in the private key generated with genrsa?
>
Well the private key contains the public key components so a private key
can serve as a public key too.
> I tried to test this by adding
>     if(!PEM_write_bio_RSAPublicKey(out,rsa))
>         goto err;
> right after line 210 in genrsa.c
>
[stuff deleted]
>
> OpenSSL> rsa -in foo.pem -pubout
> read RSA key
> writing RSA key
>
> Can someone explain the discrepancy?
>
If you look more closely at apps/rsa.c you'll see it writes out the
public key using PEM_write_bio_RSA_PUBKEY(). This embeds the public key
in a SubjectPublicKeyInfo structure as used in certificates.
PEM_write_bio_RSAPublicKey() uses the RSAPublicKey structure defined in
PKCS#1.
So you should have the same public key but represented in two different
ways.
However in your "example" you seem to have managed to get different keys
somehow. I have not been able to reproduce that.
You can extract or print the public part of an RSA public key just using
the 'rsa' utility:
    openssl rsa -in privkey.pem -pubout -out pubkey.pem
    openssl rsa -in pubkey.pem -pubin -noout -text
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
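
Added example, not part of the original message and not OpenSSL code: a standard-library Python sketch of the two encodings discussed above, showing that the SubjectPublicKeyInfo form ("PUBLIC KEY") carries the PKCS#1 RSAPublicKey ("RSA PUBLIC KEY") unchanged inside a BIT STRING. All function names are hypothetical and the key is a constructed toy value.

```python
import base64
# AlgorithmIdentifier: OID 1.2.840.113549.1.1.1 (rsaEncryption) + NULL parameters
RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")

def tlv(tag, content):  # DER-encode one element, short or long length form
    n = len(content)
    size = (n.bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + length + content

def der_int(v):  # non-negative INTEGER, leading 0x00 when the top bit is set
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def read_tlv(buf, pos=0):
    """Return (tag, content, next_pos) for the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def pkcs1_public(n, e):
    # RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }
    return tlv(0x30, der_int(n) + der_int(e))

def spki_wrap(pkcs1):
    # SubjectPublicKeyInfo ::= SEQUENCE { algorithm, subjectPublicKey BIT STRING }
    return tlv(0x30, RSA_ALG_ID + tlv(0x03, b"\x00" + pkcs1))

def spki_unwrap(spki):
    """Return the PKCS#1 RSAPublicKey DER carried inside an RSA SPKI blob."""
    tag, body, _ = read_tlv(spki)
    atag, alg, pos = read_tlv(body)
    btag, bits, _ = read_tlv(body, pos)
    if (tag, atag, btag) != (0x30, 0x30, 0x03) or alg != RSA_ALG_ID[2:] or bits[:1] != b"\x00":
        raise ValueError("not an RSA SubjectPublicKeyInfo")
    return bits[1:]

def pem(label, der):
    b64 = base64.b64encode(der).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([f"-----BEGIN {label}-----", *rows, f"-----END {label}-----"])

# Constructed toy key (product of two Mersenne primes), far too small for real use.
N, E = (2**127 - 1) * (2**61 - 1), 65537
if __name__ == "__main__":
    p1 = pkcs1_public(N, E)
    print(pem("RSA PUBLIC KEY", p1), pem("PUBLIC KEY", spki_wrap(p1)), sep="\n")
```

The two PEM blocks differ byte for byte, yet unwrapping the second yields exactly the first, so a tool expecting one format will reject the other even though the key is the same.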