OpenSSL - OpenSSL "genpkey -pkeyopt rsa_keygen_pubexp:1"

OpenSSL "genpkey -pkeyopt rsa_keygen_pubexp:1" - Bad RSA Key

Q

Can I use 1 as the public exponent to generate an RSA private key?

✍: FYIcenter.com

A

No. Using public exponent of 1 will generate identical RSA private key and public key as shown below:

C:\Users\fyicenter>\local\openssl\openssl
OpenSSL> genpkey -algorithm rsa -out rsa_test.key -pkeyopt rsa_keygen_bits:256 
   -pkeyopt rsa_keygen_pubexp:1
.........+++++++++++++++++++++++++++
................+++++++++++++++++++++++++++

OpenSSL> pkey -in rsa_test.key -text -noout
Private-Key: (256 bit)
modulus:
    00:9c:e6:28:67:b8:c5:7c:fa:a6:67:bc:b4:e9:eb:
    64:1d:06:37:d4:a6:f7:9d:20:2d:79:6b:aa:90:ea:
    c7:d1:1d
publicExponent: 1 (0x1)
privateExponent: 1 (0x1)
prime1:
    00:d0:28:ab:a1:8f:18:a1:19:68:e7:7b:2d:60:e7:
    a1:0d
prime2:
    00:c0:f5:8a:ac:a2:52:4f:07:aa:80:e7:c1:fc:e6:
    4c:51
exponent1: 1 (0x1)
exponent2: 1 (0x1)
coefficient:
    2b:77:16:b9:cb:e8:56:06:08:75:20:58:14:09:b8:
    2f

What this test tells us:

If public exponent is set to 1, the private exponent is calculated as 1. So the private key is identical to the public key. This is a bad RSA key.
OpenSSL should include validation logic to error this input parameter.

⇒ OpenSSL "genpkey -pkeyopt rsa_keygen_pubexp:2" Runs Forever

⇐ OpenSSL "genpkey -pkeyopt rsa_keygen_pubexp:3" - RSA Public Exponent

⇑ OpenSSL "genpkey" Command for RSA Keys

⇑⇑ OpenSSL Tutorials

2018-01-06, 777👍, 0💬

OpenSSL "genpkey rsa_keygen_bits:10240" - RSA Long Keys
How to generate a new RSA key pair with a longer key size using OpenSSL "genpkey" command? If you need a new RSA key pair with a longer key size for testing purpose, you can use the OpenSSL "genpkey" command as shown below: C:\Users\fyicenter>time The current time is: 18:43:27.27 C:\Users\fyi... 2018-01-13, 955👍, 0💬

OpenSSL "genpkey -pkeyopt rsa_keygen_pubexp:2" Runs Forever
What will happen if I use 2 as the public exponent to generate an RSA private key? OpenSSL will run forever, if you use 2 as the public exponent to generate an RSA private key, because OpenSSL can no find any private exponent to meet the RSA requirements. See the test below: C:\Users\fyicenter&g... 2017-09-08, 885👍, 0💬

OpenSSL "genpkey -pkeyopt rsa_keygen_pubexp:1" - Bad RSA Key
Can I use 1 as the public exponent to generate an RSA private key? No. Using public exponent of 1 will generate identical RSA private key and public key as shown below: C:\Users\fyicenter>\loc al\openssl\opensslOpenSSL> genpkey -algorithm rsa -out rsa_test.key -pkeyopt rsa_keygen_bits:... 2018-01-06, 778👍, 0💬

OpenSSL "genpkey -des" - DES Encrypt RSA Keys
How to generate a new RSA key pair and encrypt the output with a DES password using OpenSSL "genpkey" command? If you want to secure your new RSA private key with a DES encryption, you can use the OpenSSL "genpkey -des" command as shown below: C:\Users\fyicenter>\loc al\openssl\opensslOpenSSL... 2017-12-31, 620👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.