On 6/8/2014 1:46 AM, Jeffrey Walton wrote:

> OK, does the library provide the CRT solver (I don't believe so, but I

> thought I would ask).

Few years ago, I needed such solver to convert from RSA SFM format

(n,e,d) to CRT representation. Obviously OpenSSL doesn't contain one so

I implemented it using OpenSSL routines and I released an Open Source

tool called RsaConverter that provide such functionality

(

http://rsaconverter.sourceforge.net/).

You can have a look at the file librsaconverter.c from its source

(

http://sourceforge.net/p/rsaconverter/code/HEAD/tree/Trunk/src/librsaconverter.c).

In your case, you can use the function SfmToCrt in order to compute the

CRT parameters, thus making RSA_check_key happy.

Before calling SfmToCrt, I advice to call CheckRsaSfmKey to verify that

the triplet (n,e,d) are valid for RSA otherwise SfmToCrt can't find the

CRT parameters (the algorithm is based on random search for a generator

that exists only for valid RSA parameters). In order to avoid infinite

loops, I implemented a configurable timeout.

Concerning its performance, the algorithm is fast : for RSA 2048, it

takes 250 ms on average on a Core i7-2600K and on the older Pentium III

M it takes 1 second on average.

I don't if there are many people who need use RSA SFM parameters but

having such conversion functionality inside OpenSSL can be interesting.

In such case, I can send a patch for it.

Cheers,

--

Mounir IDRASSI

IDRIX

http://www.idrix.fr______________________________________________________________________

OpenSSL Project

http://www.openssl.orgUser Support Mailing List

[hidden email]
Automated List Manager

[hidden email]