The user can specify the RSA public exponent e as a hexadecimal
string during RSA key generation.
e has to be odd and greater than 65537.
Example: openssl genrsa -public 123456789 -out key.pem 4096
Modified the name of exponent
---
apps/genrsa.c | 46 ++
doc/apps/genrsa.pod | 6 ++
2 files changed, 44 insertions(+), 8 deletions(-)
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 6b835c0..d7ad523 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -98,6 +98,7 @@ int MAIN(int argc, char **argv)
long l;
const EVP_CIPHER *enc=NULL;
unsigned long f4=RSA_F4;
+ char *exp = NULL;
char *outfile=NULL;
char *passargout = NULL, *passout = NULL;
#ifndef OPENSSL_NO_ENGINE
@@ -106,6 +107,7 @@ int MAIN(int argc, char **argv)
char *inrand=NULL;
BIO *out=NULL;
BIGNUM *bn = BN_new();
+ BIGNUM *F4 = BN_new();
RSA *rsa = NULL;
if(!bn) goto err;
@@ -139,6 +141,22 @@ int MAIN(int argc, char **argv)
f4=3;
else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
f4=RSA_F4;
+ else if (strcmp(*argv,"-public") == 0)
+ {
+ if(--argc < 1) goto bad;
+ exp = *(++argv);
+ if (!BN_hex2bn(&bn,exp))
+ goto err;
+ if (!BN_hex2bn(&F4,"10001"))
+ goto err;
+ if (BN_cmp(bn,F4) < 0 || !BN_is_odd(bn))
+ {
+ BIO_printf(bio_err,"Public exponent
has to be odd and greater than 65537\n");
+ goto err;
+ }
+ if (!BN_hex2bn(&bn,exp))
+ goto err;
+ }
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
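Review bot: The `-public` branch accepts an argument that is only partly hexadecimal, because `BN_hex2bn` stops at the first non-hex character and returns the number of characters it consumed, while the code only tests that return for zero; `10001zz` would be taken as 0x10001 without complaint. The fence compares the return with `strlen(exp)` and reports the bad argument, drops the second `BN_hex2bn(&bn,exp)` (it repeats the first), and rewords the message to match `BN_cmp(bn,F4) < 0`, which admits 65537 itself. An upper bound or a warning also seems worth adding: as far as I know, OpenSSL's own RSA public-key operations reject exponents wider than `OPENSSL_RSA_MAX_PUBEXP_BITS` once the modulus exceeds `OPENSSL_RSA_SMALL_MODULUS_BITS`, so a 4096-bit key generated here with a very large e may be unusable. The if/else chain this branch belongs to starts and ends outside the hunk.

```c
	{
	int ndigits;	/* new local, declared at the top of the -public block */
	/* … unchanged: argc check, exp = *(++argv) … */
	ndigits = BN_hex2bn(&bn,exp);
	/* BN_hex2bn() stops at the first non-hex character, so demand the whole argument */
	if (ndigits <= 0 || (size_t)ndigits != strlen(exp))
		{
		BIO_printf(bio_err,"Invalid hexadecimal public exponent\n");
		goto err;
		}
	/* … unchanged: F4 parse, BN_cmp/BN_is_odd test … */
		BIO_printf(bio_err,"Public exponent has to be odd and at least 65537\n");
	/* … unchanged: goto err and closing braces; the second BN_hex2bn(&bn,exp) is dropped … */
```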
@@ -218,6 +236,7 @@ bad:
BIO_printf(bio_err," -passout argoutput file pass
phrase source\n");
BIO_printf(bio_err," -f4 use F4 (0x10001)
for the E value\n");
BIO_printf(bio_err," -3 use 3 for the E value\n");
+ BIO_printf(bio_err," -exponent exp use exp
hexadecimal string as the public exponent\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e,
possibly a hardware device.\n");
#endif
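Review bot: The usage line added here advertises `-exponent exp`, but the option the parser matches in the earlier hunk is `-public`, and the pod also documents `-public exp`. A user who follows the help text lands back in the `bad:` usage output. Name the real option in the string, e.g. `BIO_printf(bio_err," -public exp     use exp hexadecimal string as the public exponent\n");`.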
@@ -279,23 +298,33 @@ bad:
if (non_fips_allow)
rsa->flags |= RSA_FLAG_NON_FIPS_ALLOW;
- if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
+ if (exp != NULL)
+ {
+ if (!RSA_generate_key_ex(rsa, num, bn, &cb))
+ goto err;
+ }
+ else if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
goto err;
-
+
app_RAND_write_file(NULL, bio_err);
/* We need to do the following for when the base number size is <
* long, esp windows 3.1 :-(. */
- l=0L;
- for (i=0; ie->top; i++)
+ if( exp == NULL || strlen(exp) <= 16)
{
+ l=0L;
+ for (i=0; ie->top; i++)
+ {
#ifndef SIXTY_FOUR_BIT
- l<<=BN_BITS4;
- l<<=BN_BITS4;
+ l<<=BN_BITS4;
+ l<<=BN_BITS4;
#endif
- l+=rsa->e->d[i];
+ l+=rsa->e->d[i];
+ }
+ BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
}
- BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
+ else
+ BIO_printf(bio_err,"e is 0x%s\n",exp);
{
PW_CB_DATA cb_data;
cb_data.password = passout;
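Review bot: The test `strlen(exp) <= 16` decides whether e fits in `l` from the length of the user's text, which is not a reliable measure. `l` is a signed `long`, so 16 hex digits overflow it wherever long is 32 bits, and a 64-bit value with the top bit set prints as negative through `%ld`; leading zeros in the argument skew the test the other way. Deciding from the generated key is sturdier, for example `if (BN_num_bits(rsa->e) < (int)(sizeof(l) * 8))`, and the large case could print the string from `BN_bn2hex(rsa->e)` (released with `OPENSSL_free`) rather than echoing the raw argument. The two `RSA_generate_key_ex` calls at the top of the hunk could also be folded into one condition, `if ((exp == NULL && !BN_set_word(bn, f4)) || !RSA_generate_key_ex(rsa, num, bn, &cb)) goto err;`.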
@@ -308,6 +337,7 @@ bad:
ret=0;
err:
if (bn) BN_free(bn);
+ if (F4) BN_free(F4);
if (rsa) RSA_free(rsa);
if (out) BIO_free_all(out);
if(passout) OPENSSL_free(passout);
diff --git a/doc/apps/genrsa.pod b/doc/apps/genrsa.pod
index cb03d09..56b17aa 100644
--- a/doc/apps/genrsa.pod
+++ b/doc/apps/genrsa.pod
@@ -26,6 +26,7 @@ B B
[B<-idea>]
[B<-f4>]
[B<-3>]
+[B<-public exp>]
[B<-rand file(s)>]
[B<-engine id>]
[B]
@@ -59,6 +60,11 @@ for if it is not supplied via the B<-passout> argument.
the public exponent to use, either 65537 or 3. The default is 65537.
+=item B<-public exp>
+
+specifying the public exponent B. B is in hexadecimal format,
+shall be odd and greater than 65537.
+
=item B<-rand file(s)>
a file or files containing random data used to seed the random number
--
2.1.0