在 Openssl 中使用 RSA public 密钥生成私钥?
Use RSA public key to generate private key in Openssl?
我知道可以使用 this link 为 OpenSSL 中的自签名证书生成 public 和私钥。但是对于给定的 Public Key,我是否可以计算出对应的 Private Key?我一直在使用 1024 位 RSA public 密钥。
因为我在作业中有这个问题说:
为句子“My name is .我的声音就是我的护照。”验证正确使用 OpenSSL 和以下 1024 位 RSA public 密钥。 (提示:模数可能不像普通 RSA 模数那样生成。):
-----BEGIN PUBLIC KEY-----
MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCgF35rHhOWi9+r4n9xM/ejvMEs
Q8h6lams962k4U0WSdfySUevhyI1bd3FRIb5fFqSBt6qPTiiiIw0KXte5dANB6lP
e6HdUPTA/U4xHWi2FB/BfAyPsOlUBfFp6dtkEEcEKt+Z8KTJYJEerRie24y+nsfZ
MnLBst6tsEBfx/U75wIBAw==
-----END PUBLIC KEY-----
解决方案的关键(双关语)在提示中:
The modulus might not have been generated like a normal RSA modulus.
这是我采用的方法。
第 1 步:推导素数
- 我先把你的文件保存为
public.pem。
- 要获得模数 (
n) 和 public 指数 (e) 的值,我 运行:
openssl rsa -pubin -in public.pem -text -noout
- 我将十六进制模数和指数转换为十进制数,得到
n=112420265940019545385580931264662691888876377549063413938338239508058300548918731393322848876821656910452908064089039911552450302375557565600923056341141750687524704844725632296552824986371719004485250857447936962589230504662333990648942759862805127715014382377701044586628936249950092121536791020138692688871
e=3
- 我将该数字插入 online factorialization calculator,发现用于计算模数的两个素数之一相对较小:
p=55685342628135644993
q=2018848419246646476894946094575564515176862561629979956283227393349426117194195173357244644821277073710795134539986018769393928719340504755806449531413017314396784334912136112253736003497362080917517151753555605597776865614151048604681116557282512513238254935296910445878892354969335089447
第 2 步:计算其他所需值
- 我使用 python REPL 计算
n 的总和为 ϕ(n) = (p - 1) * (q - 1):
ϕ(n)=112420265940019545383562082845416045411981431454487849423161376946428320592635503999973422759627461737095663419267762837841655167835571546831529127621801245931718255313312614982156040651459582892231514853950574881671713352908778385051165894248654079110333265820418532073390681314653181675602213322541221954432
- 然后我使用 this answer 中的 python 脚本来计算私有指数 (
d) 和系数 (c),结果是:
d=74946843960013030255708055230277363607987620969658566282107584630952213728423669333315615173084974491397108946178508558561103445223714364554352751747867497287812170208875076654770693767639721928154343235967049921114475568605852256700777262832436052740222177213612354715593787543102121117068142215027481302955
c=1040291110785843997
步骤 3:创建私钥的 ASN.1 结构
然后我使用计算值创建一个 ASN.1 structure in a file named asn as described in this answer:
asn1=SEQUENCE:rsa_key
[rsa_key]
version=INTEGER:0
modulus=INTEGER:112420265940019545385580931264662691888876377549063413938338239508058300548918731393322848876821656910452908064089039911552450302375557565600923056341141750687524704844725632296552824986371719004485250857447936962589230504662333990648942759862805127715014382377701044586628936249950092121536791020138692688871
pubExp=INTEGER:3
privExp=INTEGER:74946843960013030255708055230277363607987620969658566282107584630952213728423669333315615173084974491397108946178508558561103445223714364554352751747867497287812170208875076654770693767639721928154343235967049921114475568605852256700777262832436052740222177213612354715593787543102121117068142215027481302955
p=INTEGER:55685342628135644993
q=INTEGER:2018848419246646476894946094575564515176862561629979956283227393349426117194195173357244644821277073710795134539986018769393928719340504755806449531413017314396784334912136112253736003497362080917517151753555605597776865614151048604681116557282512513238254935296910445878892354969335089447
e1=INTEGER:37123561752090429995
e2=INTEGER:903312890059631
coeff=INTEGER:1040291110785843997
第 4 步:创建私钥
基于ASN.1结构,我生成的私钥如下:
- 创建 DER 格式的私钥:
openssl asn1parse -genconf asn -out private.der
- 将私钥转换为 PEM 格式:
openssl rsa -in private.der -inform der -out private.pem -outform pem
这会导致创建一个包含以下内容的 private.pem 文件:
-----BEGIN RSA PRIVATE KEY-----
MIIBsAIBAAKBgQCgF35rHhOWi9+r4n9xM/ejvMEsQ8h6lams962k4U0WSdfySUev
hyI1bd3FRIb5fFqSBt6qPTiiiIw0KXte5dANB6lPe6HdUPTA/U4xHWi2FB/BfAyP
sOlUBfFp6dtkEEcEKt+Z8KTJYJEerRie24y+nsfZMnLBst6tsEBfx/U75wIBAwKB
gGq6VEdpYmRdHGzsbmP7vDiYe2zYHLwQ0AKnPKNErq6KQyQC5eEngbgT4WpWl+J2
Xn+R9m0vwNbaiDam0uD3p5192BaN2tdaW5P5JjfGa95ytRBCQ/cr+z03FjG9C6zQ
QZG5eyOoMloHAfnYiJMV5SZarfTiF9BGFvtcfrjhbterAgkDBMoUFjHxL0ECeDUI
f9nbOl1O2AgI/51gfHGo/NKv+kcQenM8RO7dy9+hUAulwqMlyszSq+0GdZdgQL/i
Lz8NclSgyuUtptmaSWtjB5Tdc8boaBApGKac7vB4M1AfTkng1+SplKbkdFlCVg4n
6EvCOrUFFsLp308JSbkv2240Q93JJwIJAgMxYrl2oMorAgcDNY7r7ttvAggOb9tA
6WMDHQ==
-----END RSA PRIVATE KEY-----
第 5 步:验证结果
为了检查创建的私钥(在private.pem中)是否与提供的public密钥匹配,我刚刚从私钥生成了一个新的public密钥:
openssl rsa -in private.pem -pubout
这会产生以下输出:
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCgF35rHhOWi9+r4n9xM/ejvMEs
Q8h6lams962k4U0WSdfySUevhyI1bd3FRIb5fFqSBt6qPTiiiIw0KXte5dANB6lP
e6HdUPTA/U4xHWi2FB/BfAyPsOlUBfFp6dtkEEcEKt+Z8KTJYJEerRie24y+nsfZ
MnLBst6tsEBfx/U75wIBAw==
-----END PUBLIC KEY-----
此输出与您提供的 public 密钥完全匹配。
我知道可以使用 this link 为 OpenSSL 中的自签名证书生成 public 和私钥。但是对于给定的 Public Key,我是否可以计算出对应的 Private Key?我一直在使用 1024 位 RSA public 密钥。
因为我在作业中有这个问题说:
为句子“My name is .我的声音就是我的护照。”验证正确使用 OpenSSL 和以下 1024 位 RSA public 密钥。 (提示:模数可能不像普通 RSA 模数那样生成。):
-----BEGIN PUBLIC KEY-----
MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCgF35rHhOWi9+r4n9xM/ejvMEs
Q8h6lams962k4U0WSdfySUevhyI1bd3FRIb5fFqSBt6qPTiiiIw0KXte5dANB6lP
e6HdUPTA/U4xHWi2FB/BfAyPsOlUBfFp6dtkEEcEKt+Z8KTJYJEerRie24y+nsfZ
MnLBst6tsEBfx/U75wIBAw==
-----END PUBLIC KEY-----
解决方案的关键(双关语)在提示中:
The modulus might not have been generated like a normal RSA modulus.
这是我采用的方法。
第 1 步:推导素数
- 我先把你的文件保存为
public.pem。 - 要获得模数 (
n) 和 public 指数 (e) 的值,我 运行:
openssl rsa -pubin -in public.pem -text -noout - 我将十六进制模数和指数转换为十进制数,得到
n=112420265940019545385580931264662691888876377549063413938338239508058300548918731393322848876821656910452908064089039911552450302375557565600923056341141750687524704844725632296552824986371719004485250857447936962589230504662333990648942759862805127715014382377701044586628936249950092121536791020138692688871
e=3 - 我将该数字插入 online factorialization calculator,发现用于计算模数的两个素数之一相对较小:
p=55685342628135644993
q=2018848419246646476894946094575564515176862561629979956283227393349426117194195173357244644821277073710795134539986018769393928719340504755806449531413017314396784334912136112253736003497362080917517151753555605597776865614151048604681116557282512513238254935296910445878892354969335089447
第 2 步:计算其他所需值
- 我使用 python REPL 计算
n的总和为ϕ(n) = (p - 1) * (q - 1):
ϕ(n)=112420265940019545383562082845416045411981431454487849423161376946428320592635503999973422759627461737095663419267762837841655167835571546831529127621801245931718255313312614982156040651459582892231514853950574881671713352908778385051165894248654079110333265820418532073390681314653181675602213322541221954432 - 然后我使用 this answer 中的 python 脚本来计算私有指数 (
d) 和系数 (c),结果是:
d=74946843960013030255708055230277363607987620969658566282107584630952213728423669333315615173084974491397108946178508558561103445223714364554352751747867497287812170208875076654770693767639721928154343235967049921114475568605852256700777262832436052740222177213612354715593787543102121117068142215027481302955
c=1040291110785843997
步骤 3:创建私钥的 ASN.1 结构
然后我使用计算值创建一个 ASN.1 structure in a file named asn as described in this answer:
asn1=SEQUENCE:rsa_key
[rsa_key]
version=INTEGER:0
modulus=INTEGER:112420265940019545385580931264662691888876377549063413938338239508058300548918731393322848876821656910452908064089039911552450302375557565600923056341141750687524704844725632296552824986371719004485250857447936962589230504662333990648942759862805127715014382377701044586628936249950092121536791020138692688871
pubExp=INTEGER:3
privExp=INTEGER:74946843960013030255708055230277363607987620969658566282107584630952213728423669333315615173084974491397108946178508558561103445223714364554352751747867497287812170208875076654770693767639721928154343235967049921114475568605852256700777262832436052740222177213612354715593787543102121117068142215027481302955
p=INTEGER:55685342628135644993
q=INTEGER:2018848419246646476894946094575564515176862561629979956283227393349426117194195173357244644821277073710795134539986018769393928719340504755806449531413017314396784334912136112253736003497362080917517151753555605597776865614151048604681116557282512513238254935296910445878892354969335089447
e1=INTEGER:37123561752090429995
e2=INTEGER:903312890059631
coeff=INTEGER:1040291110785843997
第 4 步:创建私钥
基于ASN.1结构,我生成的私钥如下:
- 创建 DER 格式的私钥:
openssl asn1parse -genconf asn -out private.der - 将私钥转换为 PEM 格式:
openssl rsa -in private.der -inform der -out private.pem -outform pem
这会导致创建一个包含以下内容的 private.pem 文件:
-----BEGIN RSA PRIVATE KEY-----
MIIBsAIBAAKBgQCgF35rHhOWi9+r4n9xM/ejvMEsQ8h6lams962k4U0WSdfySUev
hyI1bd3FRIb5fFqSBt6qPTiiiIw0KXte5dANB6lPe6HdUPTA/U4xHWi2FB/BfAyP
sOlUBfFp6dtkEEcEKt+Z8KTJYJEerRie24y+nsfZMnLBst6tsEBfx/U75wIBAwKB
gGq6VEdpYmRdHGzsbmP7vDiYe2zYHLwQ0AKnPKNErq6KQyQC5eEngbgT4WpWl+J2
Xn+R9m0vwNbaiDam0uD3p5192BaN2tdaW5P5JjfGa95ytRBCQ/cr+z03FjG9C6zQ
QZG5eyOoMloHAfnYiJMV5SZarfTiF9BGFvtcfrjhbterAgkDBMoUFjHxL0ECeDUI
f9nbOl1O2AgI/51gfHGo/NKv+kcQenM8RO7dy9+hUAulwqMlyszSq+0GdZdgQL/i
Lz8NclSgyuUtptmaSWtjB5Tdc8boaBApGKac7vB4M1AfTkng1+SplKbkdFlCVg4n
6EvCOrUFFsLp308JSbkv2240Q93JJwIJAgMxYrl2oMorAgcDNY7r7ttvAggOb9tA
6WMDHQ==
-----END RSA PRIVATE KEY-----
第 5 步:验证结果
为了检查创建的私钥(在private.pem中)是否与提供的public密钥匹配,我刚刚从私钥生成了一个新的public密钥:
openssl rsa -in private.pem -pubout
这会产生以下输出:
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCgF35rHhOWi9+r4n9xM/ejvMEs
Q8h6lams962k4U0WSdfySUevhyI1bd3FRIb5fFqSBt6qPTiiiIw0KXte5dANB6lP
e6HdUPTA/U4xHWi2FB/BfAyPsOlUBfFp6dtkEEcEKt+Z8KTJYJEerRie24y+nsfZ
MnLBst6tsEBfx/U75wIBAw==
-----END PUBLIC KEY-----
此输出与您提供的 public 密钥完全匹配。