Ok, sorry about the spam .... the keys have a different header and
googling around for it I found this:

"BEGIN RSA PRIVATE KEY is PKCS#1 and is just an RSA key. It is essentially
just the key object from PKCS#8, but without the version or algorithm
identifier in front. BEGIN PRIVATE KEY is PKCS#8 and indicates that the key
type is included in the key data itself."


# xxd apache.key | head
0000000: 2d2d 2d2d 2d42 4547 494e 2050 5249 5641  -----BEGIN PRIVA
0000010: 5445 204b 4559 2d2d 2d2d 2d0a 4d49 4943  TE KEY-----.MIIC
0000020: 6477 4942 4144 414e 4267 6b71 686b 6947  dwIBADANBgkqhkiG
0000030: 3977 3042 4151 4546 4141 5343 416d 4577  9w0BAQEFAASCAmEw
0000040: 6767 4a64 4167 4541 416f 4742 414e 6f59  ggJdAgEAAoGBANoY
0000050: 4434 4a42 4255 7352 7773 4b46 0a73 6d35  D4JBBUsRwsKF.sm5


# xxd apache-recovered.key | head
0000000: 2d2d 2d2d 2d42 4547 494e 2052 5341 2050  -----BEGIN RSA P
0000010: 5249 5641 5445 204b 4559 2d2d 2d2d 2d0a  RIVATE KEY-----.
0000020: 4d49 4943 5851 4942 4141 4b42 6751 4461  MIICXQIBAAKBgQDa
0000030: 4741 2b43 5151 564c 4563 4c43 6862 4a75  GA+CQQVLEcLChbJu
0000040: 6562 5a72 432f 7a49 4554 6535 4530 385a  ebZrC/zIETe5E08Z
0000050: 4c61 4f44 3030 6458 3152 4661 6f57 5567  LaOD00dX1RFaoWUg

And with the command "openssl rsa -inform PEM -text -noout" both keys have
the same key material ....

Thanks!

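As an added worked example (not code from the original thread or from rsatool), the Python below rebuilds a full RSA private key from the modulus and one prime, the way the rsatool step in the quoted post does, and then shows that the PKCS#8 "BEGIN PRIVATE KEY" blob is the PKCS#1 "BEGIN RSA PRIVATE KEY" blob wrapped in a version and an AlgorithmIdentifier. The primes used (p=61, q=53) are a constructed textbook-sized toy pair, not a real key; the PEM files in the xxd dumps above are just base64 of these DER bytes between the respective headers.

```python
# Minimal DER helpers written for this example (not from the original post).
def der(tag, body):
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    nb = n.to_bytes((n.bit_length() + 7) // 8, "big")  # long-form length
    return bytes([tag, 0x80 | len(nb)]) + nb + body
def der_int(v):  # one spare byte so a set high bit is not read as a negative INTEGER
    return der(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))
def der_seq(*items):
    return der(0x30, b"".join(items))
def der_walk(buf, pos=0):
    """Return (tag, contents, end) for the TLV at pos, handling long-form lengths."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:
        k = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + ln], pos + ln

def rsa_from_n_p(n, p, e=65537):
    """Rebuild the full CRT key from the modulus and one prime (the post's rsatool step)."""
    assert n % p == 0, "p does not divide n"
    q = n // p
    d = pow(e, -1, (p - 1) * (q - 1))
    return dict(n=n, e=e, d=d, p=p, q=q, dp=d % (p - 1), dq=d % (q - 1), qinv=pow(q, -1, p))

def pkcs1_der(k):
    """RSAPrivateKey = SEQUENCE{version 0, n, e, d, p, q, dp, dq, qinv}: 'BEGIN RSA PRIVATE KEY'."""
    return der_seq(der_int(0), *(der_int(k[f]) for f in ("n", "e", "d", "p", "q", "dp", "dq", "qinv")))
def pkcs8_der(k):
    """PrivateKeyInfo = SEQUENCE{version 0, AlgorithmIdentifier, OCTET STRING(RSAPrivateKey)}: 'BEGIN PRIVATE KEY'."""
    rsa_encryption = bytes.fromhex("06092a864886f70d010101")  # OID 1.2.840.113549.1.1.1
    return der_seq(der_int(0), der_seq(rsa_encryption, b"\x05\x00"), der(0x04, pkcs1_der(k)))
def unwrap_pkcs8(blob):
    """Skip version and AlgorithmIdentifier, return the inner RSAPrivateKey bytes."""
    _, body, _ = der_walk(blob)
    _, _, pos = der_walk(body)
    _, _, pos = der_walk(body, pos)
    tag, inner, _ = der_walk(body, pos)
    assert tag == 0x04, "expected OCTET STRING holding RSAPrivateKey"
    return inner
def rsa_ints(pkcs1):
    """Decode RSAPrivateKey into [version, n, e, d, p, q, dp, dq, qinv] (what 'openssl rsa -text' prints)."""
    _, body, _ = der_walk(pkcs1)
    out, pos = [], 0
    while pos < len(body):
        _, v, pos = der_walk(body, pos)
        out.append(int.from_bytes(v, "big"))
    return out
```

Calling `rsa_from_n_p(61 * 53, 61)` and then `unwrap_pkcs8(pkcs8_der(k)) == pkcs1_der(k)` reproduces the observation above: different file bytes, identical key material once the PKCS#8 wrapper is removed.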

On Tue, Apr 15, 2014 at 7:49 PM, Luis Rocha <luiscro...@gmail.com> wrote:

> Hello All,
>
> Please bear with me but could someone explain the following exercise
> result?
> How can a different private key generate the same public key?
>
>
> Basically I started a new VM and installed Ubuntu 13. Configured SSL and
> ran the heartbleed script that is available in the wild.
>
> After a few packets got the RSA Modulus and one PrimeP.
> Converted the hex into decimal
> Divided the Modulus / PrimeP and got PrimeQ
> Used rsatool to generate RSA key and saved output in PEM format
> Compared (md5) the original key with the reconstructed key and got
> different values
> Extracted the pubkey from the original key and the reconstructed and got
> equal values.
> Signed a file with the original key and verified it successfully with the
> public reconstructed key.
>
> Here is the evidence:
>
> root@kali:~/Heartbleed# md5sum apache.key apache-recovered.key
>
> 8f3b1bc3c4fb4875b61ba39b6cf8f766  apache.key
>
> b3198c6328b097568018061b51834ddd  apache-recovered.key
>
>
>
> root# openssl rsa -in apache-recovered.key -pubout >
> apache-recovered.pub.key
>
> writing RSA key
>
> root# openssl rsa -in apache.key -pubout > apache.pub.key
>
> writing RSA key
>
>
> root@kali:~/Heartbleed# md5sum apache.pub.key apache-recovered.pub.key
>
> 9c4420445578366d0369a744a12cf313  apache.pub.key
>
> 9c4420445578366d0369a744a12cf313  apache-recovered.pub.key
>
>
>
>
> root# openssl dgst -md5 -sign apache.key -out filename.sign filename
>
> root# openssl dgst -md5 -verify apache-recovered.pub.key -signature
> filename.sign filename
> Verified OK
>
>
> Thank you,
> Luis