How do I extract the private key components $N$ and $D$ from a private RSA key?

Question

I have a private RSA key like – for example – this one:

This private RSA key was generated using OpenSSL using the following command:

openssl genrsa

Now, how do I get the value of $N$ and $D$ used for decryption using this key and what format is the key in?

What about reading the docu or using a search engine before asking? Thats no rocket science. — , Jul 31 '14 at 17:50
i did search in google couldn't find much that the reason asking here.. — Sharat M R, Jul 31 '14 at 18:14
Actually, it's not all that specific to OpenSSL; OpenSSL uses the standard DER-encoded format (as mandated by PKCS#1), base-64 encoded (because DER-encoding uses all 256 byte values). — poncho, Jul 31 '14 at 18:17
@mikeazo i am able to get the value by using the openssl tool..i guess the question should be 'what is the format of the RSA private key' — Sharat M R, Jul 31 '14 at 18:18
Also, this doesn't directly relate to your question, but the above key is a 512 bit RSA key. Keys of that size have been broken, it is generally recognized that everyone needs at least 1024 bit keys (with 2048 bits being highly recommended). I'm pointing this out in case this is the key size you were intending to use. OpenSSL will be glad to generate larger keys, if you ask it to. — poncho, Jul 31 '14 at 18:32

score 6 · Accepted Answer · answered Jul 31 '14 at 20:07

what format is the key in?

That is an RSA private key with a PEM encoding. I believe the PEM encoding is from RFC 1421. After the PEM encoding is peeled off, there's an ASN.1/DER encoded RSA private key. The ASN.1 encoding is binary, so its not human readable. The format for the ASN.1 key can be found in PKCS #1 or RFC 3447.

According to RFC 3447, Section A.1.2 RSA Private Key Syntax, here's what you can expect:

  RSAPrivateKey ::= SEQUENCE {
      version           Version,
      modulus           INTEGER,  -- n
      publicExponent    INTEGER,  -- e
      privateExponent   INTEGER,  -- d
      prime1            INTEGER,  -- p
      prime2            INTEGER,  -- q
      exponent1         INTEGER,  -- d mod (p-1)
      exponent2         INTEGER,  -- d mod (q-1)
      coefficient       INTEGER,  -- (inverse of q) mod p
      otherPrimeInfos   OtherPrimeInfos OPTIONAL
  }

Your key is on my Pasteboard (Clipboard on Linux), so:

$ pbpaste | openssl rsa -text -noout
Private-Key: (512 bit)
modulus:
    00:c3:cc:34:da:5b:65:97:5d:79:3f:c6:4e:35:34:
    3d:6b:ae:37:d5:44:1a:9c:57:25:30:24:99:96:34:
    da:8f:36:df:c7:d0:db:29:ed:37:8d:05:56:5d:3c:
    62:4b:16:04:ef:fb:e1:71:23:53:7d:26:02:3b:9a:
    cf:f1:41:da:49
publicExponent: 65537 (0x10001)
privateExponent:
    00:ba:0c:96:c4:4e:48:b0:96:0f:9a:bc:12:a0:97:
    ad:2d:5e:f4:8a:e0:15:f1:2d:15:97:33:90:05:9c:
    df:79:68:dc:59:c5:78:54:d7:48:c5:42:96:83:42:
    05:65:37:e6:87:78:cd:33:a1:75:13:c0:5a:94:35:
    33:3c:62:68:29
prime1:
    00:fd:aa:32:a3:36:f6:c3:5e:35:1c:08:da:9d:88:
    9c:4f:0e:53:c6:a5:ae:fc:cb:3c:82:09:40:3f:f9:
    33:70:57
prime2:
    00:c5:99:a2:a6:4e:dd:e5:aa:48:20:53:2d:e9:55:
    42:c8:3a:0b:02:61:f5:6e:ef:95:ec:ef:5b:15:27:
    8b:e6:5f
exponent1:
    28:a4:10:20:de:39:82:eb:a1:0e:b0:cc:75:d8:e1:
    52:39:35:6a:ea:38:b2:ff:cc:dd:f8:a5:76:9a:72:
    87:59
exponent2:
    56:96:62:2d:9a:35:a6:24:1e:02:fc:30:0c:25:2e:
    64:6a:fa:d4:0a:74:f0:2d:d0:76:c8:d4:12:cb:07:
    84:e5
coefficient:
    17:9e:ef:62:59:b8:97:80:05:cb:fb:94:78:40:5b:
    3b:22:09:d7:55:02:47:67:64:a5:28:ea:e6:da:c7:
    0d:ee

... how do I get the value of $N$ and $D$ used for decryption using this key

This should do it for you:

$ pbpaste | /usr/local/ssl/macosx-x64/bin/openssl rsa -noout -modulus
Modulus=C3CC34DA5B65975D793FC64E35343D6BAE37D5441A9C57253024999634DA8F36DFC7D0DB
29ED378D05565D3C624B1604EFFBE17123537D26023B9ACFF141DA49

Unfortunately, there's no -d or -privateExponent switch. You'll have to parse that using some other method.

How do I extract the private key components $N$ and $D$ from a private RSA key?

1 Answers1

Linked