Jyke Jokinen jyke.jokinen@tut.fi writes:
In private key the fields are (openssl rsa -in key.pem -text): privateExponent: prime1: prime2: exponent1: exponent2: coefficient:
Prime1&2 should be the factors p and q in rsa_private_key(?) What values should be used for a, b and c?
If n = p q, e is the public exponent and d is the private exponent, then one should have
a = d mod (p - 1) b = d mod (q - 1) c = q^{-1} (mod p)
I've tried to explain this in rsa.h, suggestions for improving the documentation are welcome.
I'm pretty sure openssl uses the same values. Off the top of my head I can't say for sure how to pair together nettle's names and openssl's, but I think they're in the same order, i.e.,
privateExponent = d prime1 = p prime2 = q exponent1 = a exponent2 = b coefficient = c
Anyway, a, b, and c are redundant and can be computed from p, q and d, so you can check if the pairing above is correct.
For converting keys in pkcs#1 format, also have a look at the program examples/pkcs1-conv.c, and the function rsa_keypair_from_der which it uses.
Regards, /Niels
PS. I've added your address to the non-member whitelist. I hope that works, and that you can now post to the list. (Default posting policy is members-only, as a desperate anti-spam measure).