OpenSSL "genpkey -pkeyopt rsa_keygen_pubexp:2" Runs Forever

Q

What will happen if I use 2 as the public exponent to generate a RSA private key?

✍: FYIcenter.com

A

OpenSSL will run forever, if you use 2 as the public exponent to generate a RSA private key, because OpenSSL can no find any private exponent to meet the RSA requirements. See the test below:

C:\Users\fyicenter>\local\openssl\openssl
OpenSSL> genpkey -algorithm rsa -out rsa_test.key -pkeyopt rsa_keygen_bits:256 
   -pkeyopt rsa_keygen_pubexp:2

....+++++++++++++++++++++++++++*....+++++++++++++++++++++++++++*.....+++++++++++
++++++++++++++++*...+++++++++++++++++++++++++++*..+++++++++++++++++++++++++++*..
..........+++++++++++++++++++++++++++*....+++++++++++++++++++++++++++*...+++++++

.... (running forever)

What this test tells us:

  • OpenSSL needs to be enhanced to include logic to validate the "rsa_keygen_pubexp" parameter to prevent this happening.

 

OpenSSL "genpkey" Command for RSA Keys

⇒⇒OpenSSL Tutorials

2017-09-08, 345👍, 0💬