In message <CAFftDdqWPXq1+Mo9_6J0EzhZ4uwg5QC=R5fx8N1j=QYchA8+YQ@xxxxxxxxxxxxxx> on Fri, 13 Apr 2018 09:17:28 -0700, William Roberts <bill.c.roberts@xxxxxxxxx> said: bill.c.roberts> I am currently working on writing an openssl engine bill.c.roberts> to interface with a piece of hardware. bill.c.roberts> bill.c.roberts> I am trying to understand how to implement bill.c.roberts> rsa key generation, where the private key bill.c.roberts> bytes would not be available. bill.c.roberts> bill.c.roberts> I am currently invoking the bill.c.roberts> command: bill.c.roberts> bill.c.roberts> openssl genrsa -engine foo bill.c.roberts> bill.c.roberts> Which is calling my callback for RSA keygen, registered via ENGINE_set_RSA() bill.c.roberts> and I set the flags: RSA_FLAG_EXT_PKEY. bill.c.roberts> bill.c.roberts> However, genrsa app seems to want rsa->e set here: bill.c.roberts> https://github.com/openssl/openssl/blob/OpenSSL_1_0_2g/apps/genrsa.c#L291 bill.c.roberts> bill.c.roberts> I can't find documentation on how to handle the keygen interface bill.c.roberts> for RSA. bill.c.roberts> bill.c.roberts> Can someone point me in the right direction? e and n are public components of any RSA key pair (and RSA structure in OpenSSL). You *must* make them available. The rest of the numbers are private and do not need to be part of the RSA structure that OpenSSL handles. Cheers, Richard -- Richard Levitte levitte@xxxxxxxxxxx OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
