On Tue, Mar 26, 2019 at 12:25:21AM +0100, Tobias Nießen wrote:
> I am using OpenSSL 1.1.1b and I have two questions regarding RSA-PSS. I
> am using the following command to generate the private key:
>
> $ openssl genpkey -algorithm RSA-PSS -pkeyopt rsa_keygen_bits:2048 \
> -pkeyopt rsa_keygen_pubexp:65537 -pkeyopt rsa_pss_keygen_md:sha256 \
> -pkeyopt rsa_pss_keygen_mgf1_md:sha256 -pkeyopt \
> rsa_pss_keygen_saltlen:16 -out rsa_pss_private_2048_restricted.pem
>
> This works, but I am unsure how to produce the corresponding public key
> using the openssl CLI, it would be great if someone could give me some
> pointers.
$ openssl genpkey -algorithm RSA-PSS -pkeyopt rsa_keygen_bits:2048 \
-pkeyopt rsa_keygen_pubexp:65537 -pkeyopt rsa_pss_keygen_md:sha256 \
-pkeyopt rsa_pss_keygen_mgf1_md:sha256 -pkeyopt rsa_pss_keygen_saltlen:16 \
-out rsa_pss_private_2048_restricted.pem
....................................................................+++++
...........................+++++
$ openssl pkey -in rsa_pss_private_2048_restricted.pem -pubout |
openssl pkey -pubin -text
-----BEGIN PUBLIC KEY-----
MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEB
CDALBglghkgBZQMEAgGiAwIBEAOCAQ8AMIIBCgKCAQEAtfBYSSrOvPmuwVzRJeOP
h5o9iZEM2L9CTY3mJRW5cJOdoOwjEp6ITge3QxPbgoFlKwg88U1ejIj7/uNwZKIV
yO5WRYRBFxS+rdBv6gQNyBn6z4LcxQ1chE6PgpmO0ZsDj56aRumf7mmg5ewFHOAG
txeSRyT4NO6XMFb57OGGqGwhYm/nUrbrtmErCc8Y/HKP0TVHCnrvoGf2hgAkmvYG
FxqbXs12nQrgcecPZVtszcdD/RelTaE62TnNrsHOCEdqLoOXTJ/64LQXKFrbAd7H
YiBKXYA+PkJf5a053LJ9gIJlkYKpCbXqkI9cLRS/uX5WDg5/rJilR8Ng77tQSJvq
LwIDAQAB
-----END PUBLIC KEY-----
RSA-PSS Public-Key: (2048 bit)
Modulus:
00:b5:f0:58:49:2a:ce:bc:f9:ae:c1:5c:d1:25:e3:
8f:87:9a:3d:89:91:0c:d8:bf:42:4d:8d:e6:25:15:
b9:70:93:9d:a0:ec:23:12:9e:88:4e:07:b7:43:13:
db:82:81:65:2b:08:3c:f1:4d:5e:8c:88:fb:fe:e3:
70:64:a2:15:c8:ee:56:45:84:41:17:14:be:ad:d0:
6f:ea:04:0d:c8:19:fa:cf:82:dc:c5:0d:5c:84:4e:
8f:82:99:8e:d1:9b:03:8f:9e:9a:46:e9:9f:ee:69:
a0:e5:ec:05:1c:e0:06:b7:17:92:47:24:f8:34:ee:
97:30:56:f9:ec:e1:86:a8:6c:21:62:6f:e7:52:b6:
eb:b6:61:2b:09:cf:18:fc:72:8f:d1:35:47:0a:7a:
ef:a0:67:f6:86:00:24:9a:f6:06:17:1a:9b:5e:cd:
76:9d:0a:e0:71:e7:0f:65:5b:6c:cd:c7:43:fd:17:
a5:4d:a1:3a:d9:39:cd:ae:c1:ce:08:47:6a:2e:83:
97:4c:9f:fa:e0:b4:17:28:5a:db:01:de:c7:62:20:
4a:5d:80:3e:3e:42:5f:e5:ad:39:dc:b2:7d:80:82:
65:91:82:a9:09:b5:ea:90:8f:5c:2d:14:bf:b9:7e:
56:0e:0e:7f:ac:98:a5:47:c3:60:ef:bb:50:48:9b:
ea:2f
Exponent: 65537 (0x10001)
PSS parameter restrictions:
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
Minimum Salt Length: 0x10
Trailer Field: 0xBC (default)
> I also need to access the key restrictions (MD / MGF1 MD / salt length)
> given only a pointer to the EVP_PKEY structure. I understand that the
> information is stored in the RSA_PSS_PARAMS structure. How do I access
> the restrictions using the public API?
EVP_PKEY_get0_RSA() gets you the underlying algorithm-specific RSA
key. But there don't appear to be any accessors that use the
internal rsa_pss_get_param() function to return these parameters
(I could not find any). Perhaps open an issue on github, or if
you are up for it, a pull request (with documentationa and code).
--
Viktor.
