<div dir="ltr">Hi Thulasi,<div><br></div><div>Thank you for your email, it was an inspiration for our team to follow up.</div><div><br></div><div>Final solution then looks like this:</div><div><br></div><div><div>bool InitKey(RSA_ptr& pkey) {</div><div> //Recalculate Modulus from provided components</div><div><br></div><div> BnCtx ctx;</div><div> {</div><div> const BIGNUM* p;</div><div> const BIGNUM* q;</div><div> RSA_get0_factors(pkey.get(), &p, &q);</div><div> auto n = BN_new();</div><div> BN_mul(n, p, q, ctx.get());</div><div><br></div><div> //Assign default exponent</div><div> //Default Public exponent 65537</div><div> const unsigned char defaultPublicExponent[] = {0x01, 0x00, 0x01};</div><div> auto e = BN_bin2bn(defaultPublicExponent, sizeof(defaultPublicExponent), nullptr);</div><div> RSA_set0_key(pkey.get(), n, e, nullptr);</div><div> }</div><div><br></div><div>#ifdef DEBUG</div><div> size_t modulusLength = RSA_size(pkey.get());</div><div> std::cout << "modulusLength (n): " << modulusLength << std::endl;</div><div> std::cout << "modulusLength * 8 (n bits): " << modulusLength * 8 << std::endl;</div><div>#endif</div><div><br></div><div> //Recalculate private key</div><div> auto r0 = BN_CTX_get(ctx.get());</div><div> auto r1 = BN_CTX_get(ctx.get());</div><div> auto r2 = BN_CTX_get(ctx.get());</div><div> auto r3 = BN_CTX_get(ctx.get());</div><div><br></div><div> {</div><div> const BIGNUM* p;</div><div> const BIGNUM* q;</div><div> RSA_get0_factors(pkey.get(), &p, &q);</div><div><br></div><div> //Calculate d</div><div> //p-1</div><div> if (!BN_sub(r1, p, BN_value_one()))</div><div> return false;</div><div> //q-1</div><div> if (!BN_sub(r2, q, BN_value_one()))</div><div> return false;</div><div> }</div><div> //(p-1)(q-1)</div><div> if (!BN_mul(r0, r1, r2, ctx.get()))</div><div> return false;</div><div><br></div><div> if (!BN_gcd(r3, r1, r2, ctx.get()))</div><div> return false;</div><div><br></div><div> //LCM((p-1)(q-1))</div><div> if (!BN_div(r0, nullptr, r0, r3, ctx.get()))</div><div> return false;</div><div><br></div><div> BnCtx ctx2;</div><div> if (!ctx2.get()) {</div><div> return false;</div><div> }</div><div><br></div><div> //d</div><div> {</div><div> const BIGNUM* e;</div><div> RSA_get0_key(pkey.get(), nullptr, &e, nullptr);</div><div> auto d = BN_mod_inverse(nullptr, e, r0, ctx2.get());</div><div> if (!d)</div><div> return false;</div><div> RSA_set0_key(pkey.get(), nullptr, nullptr, d);</div><div> }</div><div><br></div><div> return true;</div><div>}</div></div><div><br></div><div>void RecalculateRsaKeyFromItsFactorsAndParams () {</div><div> ....</div><div><div> RSA_ptr pkey(RSA_new(), ::RSA_free);</div><div> RSA_set0_key(pkey.get(), BN_new(), BN_new(), BN_new());</div><div> RSA_set0_factors(pkey.get(),</div><div> BN_bin2bn(secureP.data(), secureP.size(), nullptr),</div><div> BN_bin2bn(secureQ.data(), secureQ.size(), nullptr));</div><div> RSA_set0_crt_params(pkey.get(),</div><div> BN_bin2bn(secureDmp1.data(), secureDmp1.size(), nullptr),</div><div> BN_bin2bn(secureDmq1.data(), secureDmq1.size(), nullptr),</div><div> BN_bin2bn(secureIqmp.data(), secureIqmp.size(), nullptr));</div><div><br></div><div> if (!InitKey(pkey))</div></div><div>}</div><div><br></div><div>Hope this is going to help someone one day :)<br></div><div><br></div><div>Kind Regards,</div><div>Jan</div></div><br><div class="gmail_quote"><div dir="ltr">On Wed, Aug 1, 2018 at 7:33 PM Thulasi Goriparthi <<a href="mailto:thulasi.goriparthi@gmail.com">thulasi.goriparthi@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello Jan,<br>
<br>
Decide on what your public exponent(e) should be, and either use<br>
RSA_X931_derive_ex() if you are using an older openssl which supports<br>
this function or follow rsa_builtin_keygen() from crypto/rsa/rsa_gen.c<br>
on how to derive private exponent(d) and modulus(n).<br>
<br>
By the way, technically, you do not need private exponent(d) for<br>
signing, as you already have CRT components.<br>
<br>
What is the function that complained about missing d?<br>
<br>
Thanks,<br>
Thulasi.<br>
<br>
On 31 July 2018 at 16:19, Jan Bilek <<a href="mailto:ian.bilek@gmail.com" target="_blank">ian.bilek@gmail.com</a>> wrote:<br>
> Hi all,<br>
><br>
> I need to reconstruct public and private keys for data signing operation<br>
> from p, q, dmp1, dmq1 and iqmp. When I fill values in as per below then<br>
> OpenSSL complains about missing d.<br>
><br>
> RSA* pkey = RSA_new();<br>
> pkey->n = NULL;<br>
> pkey->e = NULL;<br>
> pkey->d = NULL;<br>
><br>
> pkey->p = BN_bin2bn(secureP.data(), secureP.size(), NULL);<br>
> pkey->q = BN_bin2bn(secureQ.data(), secureQ.size(), NULL);<br>
> pkey->dmp1 = BN_bin2bn(secureDmp1.data(), secureDmp1.size(), NULL);<br>
> pkey->dmq1 = BN_bin2bn(secureDmq1.data(), secureDmq1.size(), NULL);<br>
> pkey->iqmp = BN_bin2bn(secureIqmp.data(), secureIqmp.size(), NULL);<br>
><br>
> I did my homework on Google/Stackoverflow/OpenSSL docu, but I haven't been<br>
> able to find out any good way to do this, while it is obvious that openssl<br>
> needs to know this by deafult for its internals.<br>
> Would you have any hint on where next with this?<br>
><br>
> Thank you,<br>
> Jan<br>
><br>
> --<br>
> openssl-users mailing list<br>
> To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
><br>
-- <br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
</blockquote></div>