7.7 Disentangling the Public and Private Keys in OpenSSL

Previous page
Table of content
Next page

7.7.1 Problem

You are using OpenSSL and have a filled RSA object. You wish to remove the private parts of the key, leaving only the public key, so that you can serialize the data structure and send it off to a party who should not have the private information.

7.7.2 Solution

Remove all elements of the structure except for n and e.

7.7.3 Discussion

OpenSSL lumps the private key and the public key into a single RSA structure. They do this because the information in the public key is useful to anyone with the private key. If an entity needs only the public key, you're supposed to clear out the rest of the data.

#include <openssl/rsa.h>     void remove_private_key(RSA *r) {   r->d = r->p = r->q = r->dmp1 = r->dmq1 = r->iqmp = 0; }

Be sure to deallocate the BIGNUM objects if you're erasing the last reference to them.

Any party that has the private key should also hold on to the public key.


Previous page
Table of content
Next page
Secure Programming Cookbook for C and C++
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
ISBN: 0596003943
EAN: 2147483647
Year: 2005
Pages: 266
Authors: John Viega, Matt Messier
BUY ON AMAZON
Metrics and Models in Software Quality Engineering (2nd Edition)
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
Documenting Software Architectures: Views and Beyond
MySQL Clustering
The Java Tutorial: A Short Course on the Basics, 4th Edition
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy