Jyke Jokinen <jyke.jokinen(a)tut.fi> writes:
> In private key the fields are (openssl rsa -in key.pem -text):
> privateExponent:
> prime1:
> prime2:
> exponent1:
> exponent2:
> coefficient:
>
> Prime1&2 should be the factors p and q in rsa_private_key(?)
> What values should be used for a, b and c?
If n = p q, e is the public exponent and d is the private exponent, then
one should have
a = d mod (p - 1)
b = d mod (q - 1)
c = q^{-1} (mod p)
I've tried to explain this in rsa.h, suggestions for improving the
documentation are welcome.
I'm pretty sure openssl uses the same values. Off the top of my head I
can't say for sure how to pair together nettle's names and openssl's,
but I think they're in the same order, i.e.,
privateExponent = d
prime1 = p
prime2 = q
exponent1 = a
exponent2 = b
coefficient = c
Anyway, a, b, and c are redundant and can be computed from p, q and d,
so you can check if the pairing above is correct.
For converting keys in pkcs#1 format, also have a look at the program
examples/pkcs1-conv.c, and the function rsa_keypair_from_der which it
uses.
Regards,
/Niels
PS. I've added your address to the non-member whitelist. I hope that
works, and that you can now post to the list. (Default posting policy is
members-only, as a desperate anti-spam measure).
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
