rsaopenssl

How do I extract the private key components $N$ and $D$ from a private RSA key?

I have a private RSA key like – for example – this one:

-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAMPMNNpbZZddeT/GTjU0PWuuN9VEGpxXJTAkmZY02o8238fQ2ynt
N40FVl08YksWBO/74XEjU30mAjuaz/FB2kkCAwEAAQJBALoMlsROSLCWD5q8EqCX
rS1e9IrgFfEtFZczkAWc33lo3FnFeFTXSMVCloNCBWU35od4zTOhdRPAWpQ1Mzxi
aCkCIQD9qjKjNvbDXjUcCNqdiJxPDlPGpa78yzyCCUA/+TNwVwIhAMWZoqZO3eWq
SCBTLelVQsg6CwJh9W7vlezvWxUni+ZfAiAopBAg3jmC66EOsMx12OFSOTVq6jiy
/8zd+KV2mnKHWQIgVpZiLZo1piQeAvwwDCUuZGr61Ap08C3QdsjUEssHhOUCIBee
72JZuJeABcv7lHhAWzsiCddVAkdnZKUo6ubaxw3u
-----END RSA PRIVATE KEY-----

This private RSA key was generated using OpenSSL using the following command:

openssl genrsa

Now, how do I get the value of $N$ and $D$ used for decryption using this key and what format is the key in?

Solution

  • what format is the key in?

    That is an RSA private key with a PEM encoding. I believe the PEM encoding is from RFC 1421. After the PEM encoding is peeled off, there's an ASN.1/DER encoded RSA private key. The ASN.1 encoding is binary, so its not human readable. The format for the ASN.1 key can be found in PKCS #1 or RFC 3447.

    According to RFC 3447, Section A.1.2 RSA Private Key Syntax, here's what you can expect:

      RSAPrivateKey ::= SEQUENCE {
      version           Version,
      modulus           INTEGER,  -- n
      publicExponent    INTEGER,  -- e
      privateExponent   INTEGER,  -- d
      prime1            INTEGER,  -- p
      prime2            INTEGER,  -- q
      exponent1         INTEGER,  -- d mod (p-1)
      exponent2         INTEGER,  -- d mod (q-1)
      coefficient       INTEGER,  -- (inverse of q) mod p
      otherPrimeInfos   OtherPrimeInfos OPTIONAL
  }

    Your key is on my Pasteboard (Clipboard on Linux), so:

    $ pbpaste | openssl rsa -text -noout
Private-Key: (512 bit)
modulus:
    00:c3:cc:34:da:5b:65:97:5d:79:3f:c6:4e:35:34:
    3d:6b:ae:37:d5:44:1a:9c:57:25:30:24:99:96:34:
    da:8f:36:df:c7:d0:db:29:ed:37:8d:05:56:5d:3c:
    62:4b:16:04:ef:fb:e1:71:23:53:7d:26:02:3b:9a:
    cf:f1:41:da:49
publicExponent: 65537 (0x10001)
privateExponent:
    00:ba:0c:96:c4:4e:48:b0:96:0f:9a:bc:12:a0:97:
    ad:2d:5e:f4:8a:e0:15:f1:2d:15:97:33:90:05:9c:
    df:79:68:dc:59:c5:78:54:d7:48:c5:42:96:83:42:
    05:65:37:e6:87:78:cd:33:a1:75:13:c0:5a:94:35:
    33:3c:62:68:29
prime1:
    00:fd:aa:32:a3:36:f6:c3:5e:35:1c:08:da:9d:88:
    9c:4f:0e:53:c6:a5:ae:fc:cb:3c:82:09:40:3f:f9:
    33:70:57
prime2:
    00:c5:99:a2:a6:4e:dd:e5:aa:48:20:53:2d:e9:55:
    42:c8:3a:0b:02:61:f5:6e:ef:95:ec:ef:5b:15:27:
    8b:e6:5f
exponent1:
    28:a4:10:20:de:39:82:eb:a1:0e:b0:cc:75:d8:e1:
    52:39:35:6a:ea:38:b2:ff:cc:dd:f8:a5:76:9a:72:
    87:59
exponent2:
    56:96:62:2d:9a:35:a6:24:1e:02:fc:30:0c:25:2e:
    64:6a:fa:d4:0a:74:f0:2d:d0:76:c8:d4:12:cb:07:
    84:e5
coefficient:
    17:9e:ef:62:59:b8:97:80:05:cb:fb:94:78:40:5b:
    3b:22:09:d7:55:02:47:67:64:a5:28:ea:e6:da:c7:
    0d:ee

    ... how do I get the value of $N$ and $D$ used for decryption using this key

    This should do it for you:

    $ pbpaste | /usr/local/ssl/macosx-x64/bin/openssl rsa -noout -modulus
Modulus=C3CC34DA5B65975D793FC64E35343D6BAE37D5441A9C57253024999634DA8F36DFC7D0DB
29ED378D05565D3C624B1604EFFBE17123537D26023B9ACFF141DA49

    Unfortunately, there's no -d or -privateExponent switch. You'll have to parse that using some other method.