RSA public key : Behind the scene
5 min readOct 8, 2018
What is public and private key in RSA Signing?
- Private key is used to sign a mail / file by the sender and public key is used to verify the signature of the mail / file by the recipient.
- Private key contains the prime numbers, modulus, public exponent, private exponent and coefficients.
- Public key contains modulus and public exponent.
- Modulus (n) is the product of two prime numbers used to generate the key pair.
- Public exponent (d) is the exponent used on signed / encoded data to decode the original value.
Generate RSA private and public key using openssl
# Generate 1024 bit Private key
$ openssl genrsa -out myprivate.pem 1024# Separate the public part from the Private key file.
$ openssl rsa -in myprivate.pem -pubout > mypublic.pem# Display the contents of private key
$ cat myprivate.pem-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDRFNU++93aEvz3cV8LSUP9ib3iUxT7SufdVXcgVFK9M3BYzvro
A1uO/parFOJABTkNhTPPP/6mjrU2CPEZJ1zIkpaSNJrrhpp/rNMO9nyLYPGs9Mfd
BiWUPmHW5mY1oD0ye4my0tEsHOlgHC8AhA8OtiHr6IY0agXmH/y5YmSWbwIDAQAB
AoGAAj/IH3pUI6FqqTrF+/gYzCRsL4AXTLC8l8vwkR93GGPyRHJNjqtik8I3WrXJ
zUiBGZ0iNouIsL/+QQuNlGiw/c5i2X3nTntREDS9xs2M0x+MWD/5qI1sn0Qk0HNP
BbDczlvO8wXNFGIHiTiPVEawoeNwhMqJDyGcbsEOZp2pLokCQQDvlMBU6dOeOP9a
jnENFSlrvzNR0nugFeoGmfq6s4Czz2QtUd9baKqBfEBSdJskwFVHgxbFA1Dc7iFu
rJkoQEeFAkEA32j9ibSVryxLvWUZngKNwo2xE+wcYDAYVBMsYC3OBU3FXhVkFD06
ZVnJsY/4bd2VdQI+bI2KV99aHutMJG2WYwJABMn2ZjweTMVa5VZ/kAFiSJMT1Yjd
i7+kY+lkB6Na6T02BWnjixI2hkwThRJrn3pwufM2201Lqn7gEDRHA3T1eQJBAKZG
1RUNo6558HEo8vUIf4vCu33RaJkqkqDYmFmJHeISrQfGMfNiUrkmJ5iRR9w1ZExu
/Bj9C281XDTQ+Z3PNnMCQQCan+pvj0OZH6o0PAMJGBBwRECPpfZ6mUjwA2YD3g61
MHjtIYmKKGmn64Qs8zQ4mNEDboQqyaov3Ij/I6c0ZQlc
-----END RSA PRIVATE KEY-----
Privacy Enhanced Mail (PEM)
- Privacy Enhanced Mail (PEM) is a Base64 encoded Distinguished Encoding Rules(DER)
- PEM file is human readable as it uses 64 printable characters for encoding.
- It is easy to share PEM file.
Display the contents of public key PEM file
# Display the contents of public key PEM file
$ cat mypublic.pem-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRFNU++93aEvz3cV8LSUP9ib3i
UxT7SufdVXcgVFK9M3BYzvroA1uO/parFOJABTkNhTPPP/6mjrU2CPEZJ1zIkpaS
NJrrhpp/rNMO9nyLYPGs9MfdBiWUPmHW5mY1oD0ye4my0tEsHOlgHC8AhA8OtiHr
6IY0agXmH/y5YmSWbwIDAQAB
-----END PUBLIC KEY-----
Distinguished Encoding Rules (DER) format of public key
- DER is encoded in Type-Length-Value (TLV) format.
- DER is in binary format for PEM file and follows certain structure for public key.
# Convert PEM file to DER format using openssl rsa
$ openssl rsa -pubin -inform PEM -in mypublic.pem -outform DER -out mypublic.der
# Dump the DER file in hex format.
$ xxd -g 1 -u mypublic.der | cut -c -57
00000000: 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01
00000010: 05 00 03 81 8D 00 30 81 89 02 81 81 00 D1 14 D5
00000020: 3E FB DD DA 12 FC F7 71 5F 0B 49 43 FD 89 BD E2
00000030: 53 14 FB 4A E7 DD 55 77 20 54 52 BD 33 70 58 CE
00000040: FA E8 03 5B 8E FE 96 AB 14 E2 40 05 39 0D 85 33
00000050: CF 3F FE A6 8E B5 36 08 F1 19 27 5C C8 92 96 92
00000060: 34 9A EB 86 9A 7F AC D3 0E F6 7C 8B 60 F1 AC F4
00000070: C7 DD 06 25 94 3E 61 D6 E6 66 35 A0 3D 32 7B 89
00000080: B2 D2 D1 2C 1C E9 60 1C 2F 00 84 0F 0E B6 21 EB
00000090: E8 86 34 6A 05 E6 1F FC B9 62 64 96 6F 02 03 01
000000a0: 00 01
Structured DER file content
1:30 81 9F // Type: 30 (SEQUENCE) Length: 0x9F
2:| 30 0D // Type: 30 (SEQUENCE) Length: 0x0D
3:| | 06 09 // Type: 06 (OBJECT_IDENTIFIER) Length: 0x09
4:| | - 2A 86 48 // 9 bytes OID value. HEX encoding of
5:| | - 86 F7 0D // 1.2.840.113549.1.1.1
6:| | - 01 01 01
7:| | 05 00 // Type: 05 (NULL) Length: 0x00
8:| 03 81 8D // Type: 03 (BIT STRING) Length: 0x8D
9:| | - 00 // Number of unused bits in last content byte
10:| | 30 81 89 // Type: 30 (SEQUENCE) Length: 0x89
11:| | | 02 81 81 // Type: 02 (INTEGER) Length: 0x81
12:| | | - 00 // Leading ZERO of integer
13:| | | - D1 14 D5 3E FB DD DA 12 FC F7 71 5F 0B 49 43 FD
14:| | | - 89 BD E2 53 14 FB 4A E7 DD 55 77 20 54 52 BD 33
15:| | | - 70 58 CE FA E8 03 5B 8E FE 96 AB 14 E2 40 05 39
16:| | | - 0D 85 33 CF 3F FE A6 8E B5 36 08 F1 19 27 5C C8
17:| | | - 92 96 92 34 9A EB 86 9A 7F AC D3 0E F6 7C 8B 60
18:| | | - F1 AC F4 C7 DD 06 25 94 3E 61 D6 E6 66 35 A0 3D
19:| | | - 32 7B 89 B2 D2 D1 2C 1C E9 60 1C 2F 00 84 0F 0E
20:| | | - B6 21 EB E8 86 34 6A 05 E6 1F FC B9 62 64 96 6F
21:| | | 02 03 // Type: 02 (INTEGER) Length: 0x3
22:| | | - 01 00 01 // Public Exponent. Hex for 65537
DER file contains Object Identifier, Modulus and Public exponent in HEX format.
- Lines 4, 5, 6 is the HEX encoding of OID.
- Lines 13 to 20 is the modulus (n).
- Line 22 is the public exponent.
Modulus and Public exponent from public key using openssl
# Get Modulus and Public exponent from public PEM file
$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pemPublic-Key: (1024 bit)
Modulus:
00:d1:14:d5:3e:fb:dd:da:12:fc:f7:71:5f:0b:49:
43:fd:89:bd:e2:53:14:fb:4a:e7:dd:55:77:20:54:
52:bd:33:70:58:ce:fa:e8:03:5b:8e:fe:96:ab:14:
e2:40:05:39:0d:85:33:cf:3f:fe:a6:8e:b5:36:08:
f1:19:27:5c:c8:92:96:92:34:9a:eb:86:9a:7f:ac:
d3:0e:f6:7c:8b:60:f1:ac:f4:c7:dd:06:25:94:3e:
61:d6:e6:66:35:a0:3d:32:7b:89:b2:d2:d1:2c:1c:
e9:60:1c:2f:00:84:0f:0e:b6:21:eb:e8:86:34:6a:
05:e6:1f:fc:b9:62:64:96:6f
Exponent: 65537 (0x10001)
- Exponent and modulus printed by openssl rsa matches with the Public exponent and modulus from DER file content.
OBJECT IDENTIFIER
OID describes the object. It is a series of nodes separated by period.
OID Value: 1.2.840.113549.1.1.1
OID description: Identifier for RSA encryption for use with Public Key Cryptosystem One defined by RSA Inc.
OID Encoding:
- The first two nodes of the OID are encoded onto a single byte. The first node is multiplied by the decimal 40 and the result is added to the value of the second node.
- Node values less than or equal to 127 are encoded on one byte.
- Node values greater than or equal to 128 are encoded on multiple bytes. Bit 7 of all bytes except the rightmost byte is set to one. Bits 0 through 6 of each byte contains the encoded value.
OID Encoding Example:
Representing length in ASN.1 encoding
- If number of value bytes is < 128 then length is represented in 1 byte. In this case most significant bit is 0. (Ex:- Line 2, Line 3 in structured DER content above)
- If number of value bytes is >= 128 then length is represented in multiple bytes. Most significant bit (bit 7) of first byte is 1 indicating multiple byte length. Bits 0–6 represent number of subsequent bytes for length. (Ex:- Line 1, Line 4 in structured DER content above)
References
- DER encoding of ASN.1 types (MSDN)
- Public Key Info structure (Java doc)