Quantcast

RSA_generate_key function

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RSA_generate_key function

achandrapano

I would like to call this function to generate the same public/private key everytime.

I thought all I had to do was create the same seed using RAND_seed each time, however I still keep getting different key pairs.

 

Is there any way to have RSA_generate_key generate the same public/private key each time? (I know this doesn’t make sense security wise, but the work I have to do requires it).

 

 

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: RSA_generate_key function

JoelKatz
On 1/31/2011 5:37 PM, Ashwin Chandra wrote:

> I would like to call this function to generate the same public/private
> key everytime.
>
> I thought all I had to do was create the same seed using RAND_seed each
> time, however I still keep getting different key pairs.
>
> Is there any way to have RSA_generate_key generate the same
> public/private key each time? (I know this doesn’t make sense security
> wise, but the work I have to do requires it).
>

Replace RSA_generate_key with your own function that returns the desired
key. Using the same seed each time won't work because intervening
operations can leave the PRNG in a different state. You could use your
own PRNG to replace OpenSSL's and then put it into a particular state
prior to calling RSA_generate_key.

DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: RSA_generate_key function

achandrapano
Hi David,

1. I am not sure what you mean by replacing RSA_generate_key with my own
function, because I would like it to go through the process of creating
prime numbers, and modulus, etc. Basically I want the RSA_generate_key
to generate the same public key at startup each time my process runs.

2. You say I could do this with writing my own PRNG? Do you have an
example of this?

3. I went into the RSA_generate_key code and I saw during the prime
number calculation that the function bnrand() actually uses the system
time as a seed. If this was the case, how could I ever get
RSA_generate_key to return the same public key?

-----Original Message-----
From: David Schwartz [mailto:[hidden email]]
Sent: Monday, January 31, 2011 7:37 PM
To: [hidden email]
Cc: Ashwin Chandra
Subject: Re: RSA_generate_key function

On 1/31/2011 5:37 PM, Ashwin Chandra wrote:
> I would like to call this function to generate the same public/private

> key everytime.
>
> I thought all I had to do was create the same seed using RAND_seed
> each time, however I still keep getting different key pairs.
>
> Is there any way to have RSA_generate_key generate the same
> public/private key each time? (I know this doesn't make sense security

> wise, but the work I have to do requires it).
>

Replace RSA_generate_key with your own function that returns the desired
key. Using the same seed each time won't work because intervening
operations can leave the PRNG in a different state. You could use your
own PRNG to replace OpenSSL's and then put it into a particular state
prior to calling RSA_generate_key.

DS




______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re:RSA_generate_key function

lzyzizi
In reply to this post by achandrapano
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
"I would like to call this function to generate the same public/private key everytime. "
I do not sure what exactly want.I suppose that you want everytime you called the RSA_generate_key_ex with same parameters and you can get same RSA key pair.

The only randomness in rsa-key generation is the generation of 'p' and 'q' ,which calls the BN_generate_prime_ex.
BN_generate_prime_ex will generate a random prime by your bits parameter.

So my idea is to rewrite the BN_generate_prime_ex function, caching the prime that was generated.(rewriting this function may influence other functions that call it,so i recommend to write your own version of this funcition and modify the code in RSA_generate_key_ex).

Also you may rewrite the RSA_generate_key_ex,caching the RSA key.

At 2011-02-01 09:37:09,"Ashwin Chandra" <[hidden email]> wrote:

I would like to call this function to generate the same public/private key everytime.

I thought all I had to do was create the same seed using RAND_seed each time, however I still keep getting different key pairs.

 

Is there any way to have RSA_generate_key generate the same public/private key each time? (I know this doesn’t make sense security wise, but the work I have to do requires it).

 

 



Loading...