问题
i received the following from some legacy system when i asked for private key: MODULUS, PUBLIC EXP, PRIVATE EXP, PRIME_P, PRIME_Q, PARAM_P, PARAM_Q, Q_MOD_INV
All of this data is in hex, how can i convert this to a openssl PEM file or PFX ?
Thank you and best regards!
回答1:
Generate RSA key with openssl:
openssl genrsa -out rsa.pem 2048
Convert RSA key from PEM format to DER format:
openssl rsa -inform PEM -in rsa.pem -outform DER -out rsa.der
Open file rsa.der in ASN.1 Editor:
ASN.1 structure of RSA private key is defined in PKCS#1 (RFC 3447):
RSAPrivateKey ::= SEQUENCE {
version Version,
modulus INTEGER, -- n
publicExponent INTEGER, -- e
privateExponent INTEGER, -- d
prime1 INTEGER, -- p
prime2 INTEGER, -- q
exponent1 INTEGER, -- d mod (p-1)
exponent2 INTEGER, -- d mod (q-1)
coefficient INTEGER, -- (inverse of q) mod p
otherPrimeInfos OtherPrimeInfos OPTIONAL
}
Edit required fields in ASN.1 Editor (right click the item and choose "Edit in hex mode") and paste your data following this mapping:
MODULUS = modulus
PUBLIC EXP = publicExponent
PRIVATE EXP = privateExponent
PRIME_P = prime1
PRIME_Q = prime2
PARAM_P = exponent1
PARAM_Q = exponent2
Q_MOD_INV = coefficient
Edit based on the comments: Individual parts of the private key are big integers. When the leftmost bit of the value is 1 (or leftmost byte equals or is bigger than 0x80) then 0x00 byte needs to be preppended to the value to indicate it is positive number.
Finally save the modified file and convert it from DER format to PEM format with openssl:
openssl rsa -inform DER -in rsa.der -outform PEM -out rsa.pem
来源:https://stackoverflow.com/questions/22078801/creating-pem-pfx-from-private-modulus