On Jan 25, 2013, at 6:45 PM, Dave Thompson <dthomp...@prinpay.com> wrote:
>> I dug up the X,690 document that describes the DER format, >> and that is basically the approach that I've been working on. >> I now have a very basic DER parser that will handle the >> Sequence and Integer types that are in the public keys that >> I'm dealing with. This gives me a Python long integer of 168 >> bits for e and another 24-bit integer for m. I should be >> able to pass these to the M2Crypto.RSA.new_pub_key() function >> once I can get them encoded correctly (they need to be in the >> OpenSSL MPINT format). >> > That can't be right. The key you posted upthread had 1024-bit m > represented in 129 octets (because ASN.1 INTEGER is signed) > which you might therefore treat as 1025 bits or 1032 bits, and > 17-bit e represented in 3 octets which you might treat as 24 bits. > > Like that key practically all RSA keys you see will have e = 65537 > (in hex 01 00 01, either endian!) because that is the fourth Fermat > prime, nicknamed F4, thus invertible for any usable group order. > You may find a few typically older ones with e = 3. Although other > (and larger) public-exponent values are possible, they are more > costly to use and provide no benefit, so people (sensibly) don't. > > RSA moduli can in principle be any size that provides sufficient > security, but in practice people mostly use 1024, 2048, and 3072 > because they are convenient and/or standardized. Yeah, I said that it had been a long week. I should know better than to post something on a Friday afternoon when I'm trying to get out the door. My 'm' is a 1024 bit value as you noted. The 168 was the result of the python 'sizeof()' which just reports on how much memory the variable is using. My 'e' is the 65537 that you noted. I've been able to pass the values to the 'new_pub_key()' function that I mentioned, and I can now encrypt my data and send it to the device. Now to generalize the whole process into my test programs and run it against a few different divides to make sure everything works correctly. Looks like I'm good to go now. Thanks once again for the help. Dwight Tovey Laserjet R&D Engineer dwight.to...@hp.com (208)396-4645 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
