Creating a rsa public key from its modulus and exponent

openssl rsa

12,554

In order to generate a RSA public key in PEM format to be used with openssl, you can follow these steps.

Create an ASN1 definition file

Modify the following template to include your modulus and exponent

# Start with a SEQUENCE
asn1=SEQUENCE:pubkeyinfo

# pubkeyinfo contains an algorithm identifier and the public key wrapped
# in a BIT STRING
[pubkeyinfo]
algorithm=SEQUENCE:rsa_alg
pubkey=BITWRAP,SEQUENCE:rsapubkey

# algorithm ID for RSA is just an OID and a NULL
[rsa_alg]
algorithm=OID:rsaEncryption
parameter=NULL

# Actual public key: modulus and exponent
[rsapubkey]
n=INTEGER:0x%%MODULUS%%

e=INTEGER:0x%%EXPONENT%%

Instead of editing, you also may want to script this using sed

sed -i "s/%%MODULUS%%/$(xxd -ps -c 256 mymodulus.bin)/" def.asn1

Note the -c 256 should be chosen according to your key length in bytes.

You can use a similar command for the exponent.

Generate your RSA key

Use the following openssl command. This will give you a DER encoded RSA key.

openssl asn1parse -genconf def.asn1 -out pubkey.der -noout

Then convert it into a PEM key

openssl rsa -in pubkey.der -inform der -pubin -out pubkey.pem

Verify using your key

You can use either openssl dgst -verify or openssl rsautl -verify

12,554

emstol

A programmer who likes Get Shit Done. KISS ;)

Updated on September 15, 2022

Comments

emstol over 1 year

I want to verify a RSA signature. I have data to verify, the signature and a public key in a form of modulus and exponent. I'd like to do the verification using openssl. Is it possible? I know I can use openssl rsautl -verify -in sig -inkey key.pem but I don't know how (using openssl) to create a public key having just it's modulus and exponent.

Maybe other ideas how to check this signature (except writing some programs)?
- President James K. Polk almost 12 years
  
  "...except writing some programs ..." well if you read the FAQ you'd know that's what stackoverflow is for.
- doptimusprime about 11 years
  
  Do you want RSA * structure from a given modulus and exponent?
emstol almost 11 years

I don't see how it solves my problem. I have just two numbers: a modulus and an exponent. And I want to create a file key.pub containing a public key created based on those numbers. Nothing else. I asked this question long time ago and still don't know how to do that.
Dirk-Willem van Gulik almost 11 years

Assuming that you do not have the modules and exponent not in the normal BER packaging - you will have to write some ASN.1 packaging to package it thus.