On Tue, Mar 26, 2019 at 12:25:21AM +0100, Tobias Nießen wrote:

> I am using OpenSSL 1.1.1b and I have two questions regarding RSA-PSS. I
> am using the following command to generate the private key:
>
> $ openssl genpkey -algorithm RSA-PSS -pkeyopt rsa_keygen_bits:2048 \
> -pkeyopt rsa_keygen_pubexp:65537 -pkeyopt rsa_pss_keygen_md:sha256 \
> -pkeyopt rsa_pss_keygen_mgf1_md:sha256 -pkeyopt \
> rsa_pss_keygen_saltlen:16 -out rsa_pss_private_2048_restricted.pem
>
> This works, but I am unsure how to produce the corresponding public key
> using the openssl CLI, it would be great if someone could give me some
> pointers.

    $ openssl genpkey -algorithm RSA-PSS -pkeyopt rsa_keygen_bits:2048 \
        -pkeyopt rsa_keygen_pubexp:65537 -pkeyopt rsa_pss_keygen_md:sha256 \
        -pkeyopt rsa_pss_keygen_mgf1_md:sha256 -pkeyopt rsa_pss_keygen_saltlen:16 \
        -out rsa_pss_private_2048_restricted.pem
    ....................................................................+++++
    ...........................+++++

    $ openssl pkey -in rsa_pss_private_2048_restricted.pem -pubout |
        openssl pkey -pubin -text
    -----BEGIN PUBLIC KEY-----
    MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEB
    CDALBglghkgBZQMEAgGiAwIBEAOCAQ8AMIIBCgKCAQEAtfBYSSrOvPmuwVzRJeOP
    h5o9iZEM2L9CTY3mJRW5cJOdoOwjEp6ITge3QxPbgoFlKwg88U1ejIj7/uNwZKIV
    yO5WRYRBFxS+rdBv6gQNyBn6z4LcxQ1chE6PgpmO0ZsDj56aRumf7mmg5ewFHOAG
    txeSRyT4NO6XMFb57OGGqGwhYm/nUrbrtmErCc8Y/HKP0TVHCnrvoGf2hgAkmvYG
    FxqbXs12nQrgcecPZVtszcdD/RelTaE62TnNrsHOCEdqLoOXTJ/64LQXKFrbAd7H
    YiBKXYA+PkJf5a053LJ9gIJlkYKpCbXqkI9cLRS/uX5WDg5/rJilR8Ng77tQSJvq
    LwIDAQAB
    -----END PUBLIC KEY-----
    RSA-PSS Public-Key: (2048 bit)
    Modulus:
        00:b5:f0:58:49:2a:ce:bc:f9:ae:c1:5c:d1:25:e3:
        8f:87:9a:3d:89:91:0c:d8:bf:42:4d:8d:e6:25:15:
        b9:70:93:9d:a0:ec:23:12:9e:88:4e:07:b7:43:13:
        db:82:81:65:2b:08:3c:f1:4d:5e:8c:88:fb:fe:e3:
        70:64:a2:15:c8:ee:56:45:84:41:17:14:be:ad:d0:
        6f:ea:04:0d:c8:19:fa:cf:82:dc:c5:0d:5c:84:4e:
        8f:82:99:8e:d1:9b:03:8f:9e:9a:46:e9:9f:ee:69:
        a0:e5:ec:05:1c:e0:06:b7:17:92:47:24:f8:34:ee:
        97:30:56:f9:ec:e1:86:a8:6c:21:62:6f:e7:52:b6:
        eb:b6:61:2b:09:cf:18:fc:72:8f:d1:35:47:0a:7a:
        ef:a0:67:f6:86:00:24:9a:f6:06:17:1a:9b:5e:cd:
        76:9d:0a:e0:71:e7:0f:65:5b:6c:cd:c7:43:fd:17:
        a5:4d:a1:3a:d9:39:cd:ae:c1:ce:08:47:6a:2e:83:
        97:4c:9f:fa:e0:b4:17:28:5a:db:01:de:c7:62:20:
        4a:5d:80:3e:3e:42:5f:e5:ad:39:dc:b2:7d:80:82:
        65:91:82:a9:09:b5:ea:90:8f:5c:2d:14:bf:b9:7e:
        56:0e:0e:7f:ac:98:a5:47:c3:60:ef:bb:50:48:9b:
        ea:2f
    Exponent: 65537 (0x10001)
    PSS parameter restrictions:
      Hash Algorithm: sha256
      Mask Algorithm: mgf1 with sha256
      Minimum Salt Length: 0x10
      Trailer Field: 0xBC (default)

> I also need to access the key restrictions (MD / MGF1 MD / salt length)
> given only a pointer to the EVP_PKEY structure. I understand that the
> information is stored in the RSA_PSS_PARAMS structure. How do I access
> the restrictions using the public API?

EVP_PKEY_get0_RSA() gets you the underlying algorithm-specific RSA key.
But there don't appear to be any accessors that use the internal
rsa_pss_get_param() function to return these parameters (I could not
find any).

Perhaps open an issue on github, or if you are up for it, a pull request
(with documentation and code).

--
    Viktor.
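
Added example (not part of the message above and not OpenSSL code): where no accessor is available, the restrictions can still be read from the key's encoding, because they are stored as the RSASSA-PSS-params (RFC 4055) inside the AlgorithmIdentifier of the SubjectPublicKeyInfo. The function names are hypothetical, and the sample input is the first 92 base64 characters of the public key printed in the message.

```python
import base64

# First 92 base64 characters of the public key in the message (covers the AlgorithmIdentifier).
SPKI_PREFIX_B64 = ("MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEB"
                   "CDALBglghkgBZQMEAgGiAwIBEAOC")
OID_NAMES = {"2a864886f70d01010a": "rsassaPss", "2a864886f70d010108": "mgf1",
             "2b0e03021a": "sha1", "608648016503040201": "sha256",
             "608648016503040202": "sha384", "608648016503040203": "sha512"}

def tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def algorithm(buf, pos):
    """Parse an AlgorithmIdentifier: (name, parameters_start, end)."""
    tag, start, end = tlv(buf, pos)
    oid_tag, o_start, o_end = tlv(buf, start)
    if tag != 0x30 or oid_tag != 0x06:
        raise ValueError("not an AlgorithmIdentifier")
    oid = buf[o_start:o_end].hex()
    return OID_NAMES.get(oid, oid), o_end, end

def pss_restrictions(spki):
    """Return the RSASSA-PSS-params of a DER SubjectPublicKeyInfo, or None."""
    name, pos, end = algorithm(spki, tlv(spki, 0)[1])   # skip the outer SEQUENCE header
    if name != "rsassaPss":
        raise ValueError("not an RSA-PSS key")
    if pos == end:
        return None                        # no parameters: key is unrestricted
    # RFC 4055 defaults for omitted fields; trailer 1 is the 0xBC trailer
    out = {"hash": "sha1", "mgf": "mgf1", "mgf_hash": "sha1", "salt_len": 20, "trailer": 1}
    _, pos, end = tlv(spki, pos)           # RSASSA-PSS-params SEQUENCE
    while pos < end:
        tag, s, e = tlv(spki, pos)         # explicit context tags [0]..[3]
        if tag == 0xA0:
            out["hash"] = algorithm(spki, s)[0]
        elif tag == 0xA1:                  # MGF1 carries its hash as parameters
            out["mgf"], inner, _ = algorithm(spki, s)
            out["mgf_hash"] = algorithm(spki, inner)[0]
        elif tag in (0xA2, 0xA3):
            _, i, j = tlv(spki, s)         # INTEGER inside the explicit tag
            out["salt_len" if tag == 0xA2 else "trailer"] = int.from_bytes(spki[i:j], "big")
        pos = e
    return out
```

From C, the DER input for such a parser can be obtained from the EVP_PKEY with i2d_PUBKEY().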