Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[openssl-users] How can I generate an RSA Public Key with OAEP padding?

2,452 views
Skip to first unread message

Socrates

unread,
Jul 28, 2016, 2:40:31 AM7/28/16
to
Hi,

Even though I have used openssl or ssh-keygen for years to generate key pairs mainly for SSH purposes, I don't know much about the underlying theory and finer details of cryptography.

I want to use JSON Web Encryption (JWE) and there we have this concept of Key Encryption. Key Encryption can be done using RSAES-PKCS1-v1_5 or RSA-OAEP or RSA-OAEP-256 (c.f. https://tools.ietf.org/html/rfc7518#section-4.2 and https://tools.ietf.org/html/rfc7518#section-4.3).

The question is how can I use openssl command line tool to create a public key using RSAES-PKCS1-v1_5, RSA-OAEP, or RSA-OAEP-256 (paddings?)?

At the moment, I use the following command to create a PEM file:

openssl genrsa -out example.pem 2048

Then I use the following command to extract the public key:

openssl rsa -in example.pem -pubout example.pub

What padding is used for this public key? How can I specify that I want it to be generated with RSAES-PKCS1-v1_5, RSA-OAEP, or RSA-OAEP-256 paddings?

Thanks in advance,
Socrates

Viktor Dukhovni

unread,
Jul 28, 2016, 10:33:47 AM7/28/16
to

> On Jul 28, 2016, at 2:33 AM, Socrates <list...@protonmail.com> wrote:
>
> The question is how can I use openssl command line tool to create a public key using RSAES-PKCS1-v1_5, RSA-OAEP, or RSA-OAEP-256 (paddings?)?

RSA public keys don't have padding, signature and encryption formats have padding.

--
Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Denis Dos Santos Silva

unread,
Dec 7, 2016, 4:27:56 PM12/7/16
to
Hi! be careful about creating public rsa keys

openssl genrsa -out private.key 4096
openssl rsa -in private.key -pubout -out public.key
openssl rsa -in privatekey.key -RSAPublicKey_out -out public_rsa.key
(true public RSA key)

$ cat public.key
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxTkBZTtAbdohUO+/kyib
kkGbg0RfK2NcXBbOraDEQV6ruMopmLabOchZHXZf0AV74kixV8MVmixaI/O33ofw
...
-----END PUBLIC KEY-----

$ cat public_rsa.key
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxTkBZTtAbdohUO+/kyibkkGbg0RfK2NcXBbOraDEQV6ruMopmLab
OchZHXZf0AV74kixV8MVmixaI/O33ofwH8VpaDk4k9j6Kmg50aqRxdPM1L1iWF69
...
-----END RSA PUBLIC KEY-----


0 new messages