On Wed, Feb 22, 2006, Kyle Hamilton wrote: > > * Dr. Henson: When OpenSSL encrypts the private key, does it encrypt > the public key and exponent as well, or just the private part of the > key? if it encrypts the pubkey and exp as well, is this to verify the > proper private key when it's loaded? >
It encrypts a PKCS#1 RSAPrivateKeyInfo structure in all the existing encrypted private key formats. That includes all components including n,e. > Chris, the short answer is: no, RSA decryption does not require the > public exponent. However, there's a couple of caveats that apply with > OpenSSL due to design decisions. > One of those design decisions is protection against error either due to a hardware glitch or some obscure boundary case bug in the bignum code. If such an error occurred and a bad private key operation data was output in some cases it would leak data which could be used to reconstruct the private key. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
