[openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

redpath redpath at us.ibm.com
Wed May 23 10:41:51 UTC 2018


My question is:
   I have this handy function to create a private and public key pair.
What do I need to put around it to make sure the keys are random, and not the
same private and public key each time I run this program?

I am using OpenSSL on OSX and Android. I am not familiar with the seeding part
of the random API,
though I could pick the UUID of the device or whatever.

* I am sure there is some standard call for this, unless of course the
initialization of OpenSSL already seeds the random generator properly?*

Thanks in advance.



===========
/**
 * Compile for testmipluginSecurity.c
 * Self Testing
 *   cc -o main -DTEST -Wno-deprecated-declarations main.c -lcrypto

 * Origin: r redpath
 * Project: wouldn't you like to know
 ************************/
#include <string.h>
#include <stdlib.h>
#include <memory.h>
#include <stdio.h>

#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
#include <openssl/rand.h>
#include <openssl/aes.h>
/**
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
**/

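/*
 * One-time library setup: load the human-readable error strings and register
 * the cipher and digest tables.
 *
 * These calls are not an RNG-seeding step. From OpenSSL 1.1.0 on the library
 * initialises itself automatically, so this function is only needed on older
 * releases.
 */
void init_openssl(void){
    /* Loads the error strings for all of libcrypto, BIO included, so a
     * separate ERR_load_BIO_strings() call adds nothing. */
    ERR_load_crypto_strings();

    /* Registers every cipher and every digest, so separate
     * OpenSSL_add_all_ciphers()/OpenSSL_add_all_digests() calls add nothing. */
    OpenSSL_add_all_algorithms();
}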


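/****************
 * Create Public and Private Key and return the PEMs as string data
 * origin: redpath
PEM_write_bio_PUBKEY (Traditional PEM format). Notice BEGIN PUBLIC KEY
PEM_write_bio_RSAPublicKey (PKCS PEM format). Notice BEGIN RSA PUBLIC KEY

PEM_write_bio_PrivateKey (PEM). Notice BEGIN PRIVATE KEY
PEM_write_bio_PKCS8PrivateKey (PEM). Notice BEGIN PRIVATE KEY
PEM_write_bio_RSAPrivateKey (PEM). Notice BEGIN RSA PRIVATE KEY
 *
 * private  out: 2048-bit RSA private key, written WITHOUT encryption
 *               (no cipher / passphrase is passed to the PEM writer).
 * public   out: matching public key written with PEM_write_bio_PUBKEY.
 *
 * Both strings are calloc()ed and NUL-terminated. The caller owns them,
 * must free() them, and should OPENSSL_cleanse() the private one first.
 * On any failure both outputs are set to NULL.
 *
 * Randomness: OpenSSL seeds its random generator from the operating
 * system's entropy source (for example /dev/urandom) where one is
 * available, so no manual seeding call is needed. A device UUID is an
 * identifier, not a secret; it adds no real entropy and is no substitute
 * for the OS source. RAND_status() is checked before key generation so the
 * function refuses to produce a key from an unseeded generator.
 *****************/

/* Drain a memory BIO into a fresh NUL-terminated heap string.
 * Returns NULL when the BIO is empty, allocation fails or the read is short. */
static char *bio_to_cstring(BIO *bio){
    int pending = BIO_pending(bio);
    char *text;

    if (pending <= 0)
        return NULL;

    text = calloc((size_t)pending + 1, 1); /* +1 keeps the NUL terminator */
    if (text == NULL)
        return NULL;

    if (BIO_read(bio, text, pending) != pending) {
        /* May hold part of a private key: wipe before releasing. */
        OPENSSL_cleanse(text, (size_t)pending + 1);
        free(text);
        return NULL;
    }
    return text;
}

void createRSAkeyPair(char **private, char **public){
    EVP_PKEY *evp = NULL;
    RSA *rsa = NULL;
    BIO *bio = NULL;
    char *priv_pem = NULL;
    int rsa_owned_by_evp = 0;

    if (private == NULL || public == NULL)
        return;
    *private = NULL;
    *public = NULL;

    /* 1 means the generator has been seeded with enough data. */
    if (RAND_status() != 1)
        goto cleanup;

    /* RSA_generate_key() is deprecated in favour of RSA_generate_key_ex();
     * it is kept here because the file is built with
     * -Wno-deprecated-declarations. It returns NULL on failure. */
    rsa = RSA_generate_key(2048, RSA_F4, NULL, NULL);
    if (rsa == NULL)
        goto cleanup;

    evp = EVP_PKEY_new();
    if (evp == NULL)
        goto cleanup;
    if (EVP_PKEY_assign_RSA(evp, rsa) != 1)
        goto cleanup;
    /* From here EVP_PKEY_free(evp) also releases rsa. */
    rsa_owned_by_evp = 1;

    bio = BIO_new(BIO_s_mem());
    if (bio == NULL)
        goto cleanup;
    if (PEM_write_bio_RSAPrivateKey(bio, rsa, NULL, NULL, 0, NULL, NULL) != 1)
        goto cleanup;
    priv_pem = bio_to_cstring(bio);
    BIO_free(bio);
    bio = NULL;
    if (priv_pem == NULL)
        goto cleanup;

    bio = BIO_new(BIO_s_mem());
    if (bio == NULL)
        goto cleanup;
    //PEM_write_bio_RSAPublicKey(bio,rsa); // (PKCS PEM format).
    if (PEM_write_bio_PUBKEY(bio, evp) != 1)  //(Traditional PEM format).
        goto cleanup;
    *public = bio_to_cstring(bio);
    if (*public == NULL)
        goto cleanup;

    /* Success: hand the private PEM to the caller. */
    *private = priv_pem;
    priv_pem = NULL;

cleanup:
    if (priv_pem != NULL) {
        /* Failure after the private PEM was produced: wipe it, never leak it. */
        OPENSSL_cleanse(priv_pem, strlen(priv_pem));
        free(priv_pem);
    }
    BIO_free(bio);
    EVP_PKEY_free(evp);
    if (!rsa_owned_by_evp)
        RSA_free(rsa);
}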


#if defined TEST

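/*
 * Self-test driver (built only with -DTEST): generate one key pair and print
 * both PEM blocks to stdout.
 *
 * This prints an unencrypted private key, so it is only suitable for
 * throw-away test keys. Returns EXIT_SUCCESS, or EXIT_FAILURE when no key
 * pair was produced.
 */
int main(int argc, char **argv){
    /* Start from NULL so a failed generation is detectable below. */
    char *private = NULL;
    char *public = NULL;

    (void)argc;
    (void)argv;

    init_openssl();

    createRSAkeyPair(&private, &public);
    if (private == NULL || public == NULL) {
        fprintf(stderr, "RSA key pair generation failed\n");
        ERR_print_errors_fp(stderr);
        if (private != NULL)
            OPENSSL_cleanse(private, strlen(private));
        free(private);
        free(public);
        return EXIT_FAILURE;
    }

    printf("%s",private);
    printf("\n\n");
    printf("%s",public);

    /* Wipe the private key text before handing the memory back. */
    OPENSSL_cleanse(private, strlen(private));
    free(private);
    free(public);
    return EXIT_SUCCESS;
}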

#endif


