certtool generating invalid RSA private keys?

Adam Langley agl at golang.org
Wed Aug 18 21:20:56 CEST 2010


A user reported that they couldn't load an RSA private key, generated
by certtool, with the Go[1] libraries. This is almost certainly an
issue with Go, but I must admit that the private key does look odd:

$ certtool --generate-privkey --bits 128 > key.pem

$ openssl asn1parse < key.pem
   0:d=0  hl=2 l=  98 cons: SEQUENCE
   2:d=1  hl=2 l=   1 prim: INTEGER           :00
   5:d=1  hl=2 l=  17 prim: INTEGER           :CB5DA5AE9BCB2E0AA7DF77D525598DF1
  24:d=1  hl=2 l=   3 prim: INTEGER           :010001
  29:d=1  hl=2 l=  16 prim: INTEGER           :2B47B158914072FA21292CE371B28377
  47:d=1  hl=2 l=   9 prim: INTEGER           :D317519B689CE7AB
  58:d=1  hl=2 l=   9 prim: INTEGER           :F6A195E47387D4D3
  69:d=1  hl=2 l=   8 prim: INTEGER           :2E7E8D60009BC6BF
  79:d=1  hl=2 l=   9 prim: INTEGER           :9A9424528F66AF29
  90:d=1  hl=2 l=   8 prim: INTEGER           :662DDEAC721A7443

If we calculate de mod (p-1)(q-1):
(0x010001 * 0x2B47B158914072FA21292CE371B28377) % ((0xD317519B689CE7AB
- 1) * (0xF6A195E47387D4D3 - 1))

It does not equal one. This is the check which the Go libraries are
failing. However, based on my understanding of RSA, it should, should
it not?

[1] http://golang.org


Cheers

AGL
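
Added example (not part of the original message, and not code from GnuTLS or Go): it evaluates the check from the message on the key shown above and, going beyond the post, on a constructed toy key whose d is the inverse of e modulo lcm(p-1, q-1). Such a d decrypts correctly yet fails the (p-1)(q-1) test. The function name and the toy key are assumptions; the message does not say how certtool derives d.

```python
from math import gcd


def check_rsa_key(e, d, p, q):
    """Report which congruences a two-prime RSA private exponent satisfies."""
    n = p * q
    phi = (p - 1) * (q - 1)               # Euler phi(n)
    lam = phi // gcd(p - 1, q - 1)        # Carmichael lambda(n) = lcm(p-1, q-1)
    m = 42 % n                            # arbitrary test message
    return {
        # Strict check described in the message: d*e == 1 mod (p-1)(q-1)
        "mod_phi": (e * d) % phi == 1,
        # Weaker check that is still sufficient for m^(e*d) == m mod n
        "mod_lambda": (e * d) % lam == 1,
        # Functional check: encrypt then decrypt one message
        "round_trip": pow(pow(m, e, n), d, n) == m,
    }


# Key material copied from the asn1parse output in the message.
PAGE_KEY = dict(
    e=0x010001,
    d=0x2B47B158914072FA21292CE371B28377,
    p=0xD317519B689CE7AB,
    q=0xF6A195E47387D4D3,
)

# Constructed toy key (not from the message): p=11, q=31, so phi=300 and
# lambda=30. d=13 is the inverse of e=7 modulo 30, not modulo 300.
TOY_KEY = dict(e=7, d=13, p=11, q=31)

if __name__ == "__main__":
    for name, key in (("page key", PAGE_KEY), ("toy key", TOY_KEY)):
        print(name, check_rsa_key(**key))
```

A validator that accepts only `mod_phi` rejects keys for which `mod_lambda` and `round_trip` both hold, so the choice of modulus in the consistency check determines which otherwise working keys a library will load.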



