certtool generating invalid RSA private keys?

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

certtool generating invalid RSA private keys?

From:	Adam Langley
Subject:	certtool generating invalid RSA private keys?
Date:	Wed, 18 Aug 2010 15:20:56 -0400

A user reported that they couldn't load an RSA private key, generated
by certtool, with the Go[1] libraries. This is almost certainly an
issue with Go, but I must admit that the private does look odd:

$ certtool --generate-privkey --bits 128 > key.pem

$ openssl asn1parse < key.pem
   0:d=0  hl=2 l=  98 cons: SEQUENCE
   2:d=1  hl=2 l=   1 prim: INTEGER           :00
   5:d=1  hl=2 l=  17 prim: INTEGER           :CB5DA5AE9BCB2E0AA7DF77D525598DF1
  24:d=1  hl=2 l=   3 prim: INTEGER           :010001
  29:d=1  hl=2 l=  16 prim: INTEGER           :2B47B158914072FA21292CE371B28377
  47:d=1  hl=2 l=   9 prim: INTEGER           :D317519B689CE7AB
  58:d=1  hl=2 l=   9 prim: INTEGER           :F6A195E47387D4D3
  69:d=1  hl=2 l=   8 prim: INTEGER           :2E7E8D60009BC6BF
  79:d=1  hl=2 l=   9 prim: INTEGER           :9A9424528F66AF29
  90:d=1  hl=2 l=   8 prim: INTEGER           :662DDEAC721A7443

If we calculate de mod (p-1)(q-1):
(0x010001 * 0x2B47B158914072FA21292CE371B28377) % ((0xD317519B689CE7AB
- 1) * (0xF6A195E47387D4D3 - 1))

It does not equal one. This is the check which the Go libraries are
failing. However, based on my understanding of RSA, it should, should
it not?

[1] http://golang.org


Cheers

AGL

[Prev in Thread]

Current Thread

[Next in Thread]

certtool generating invalid RSA private keys?, Adam Langley <=
- Re: certtool generating invalid RSA private keys?, Adam Langley, 2010/08/18

Prev by Date: Re: [2.10.1] segfault at gnutls_record.c:58
Next by Date: Re: [2.10.1] segfault at gnutls_record.c:58
Previous by thread: minor build breakage
Next by thread: Re: certtool generating invalid RSA private keys?
Index(es):
- Date
- Thread