How do I export the private and public keys generated by TRSAEncSign.GenerateKeys?
It generates the modulus, private and public exponents, but they aren't keys. How to I get the key from the TRSAEncSign object, or convert the modulus and exponents to keys?
The public key is composed of the pair (e, n) and the private key of the pair (d, n). e is the "public exponent" and d is the "private exponent."
You need to extract and package them. This packaging may depend on the app using it.
You may want to use GenerateKeysX509Compatible(var dp, dq, p, q, inverseQ: string), to generate the modulus, the public exponent (fixed value 65537 in this case) and the private exponent, and also the private variables dp, dq, p, q and inverse (for interoperability with other libraries).
What packaging would be required for the public key to be used by the FromPublicKey and FromPrivateKey methods of TRSAEncSign?
A little background: I have been given a public key, and want to know if I am using it correctly to encrypt a message using TRSAEncSign.Encrypt (presumably I call FromPublicKey and pass in the key I have been given, then call Encrypt), so I thought I would test that idea by generating a public key and a private key, then see if I could use the two to successfully encrypt and decrypt a message.
I'm fairly new to encryption, so I don't know what dp, dq, p, q, and inverseQ mean. I also don't know if I am supposed to supply those values, or merely collect them after executing the method.
In this case, you can directly import the key in base64 format with FromPublicKey(KeyStr: string)
and then perform the cryptographic operations
Bernard, what I meant to ask is:
- Can you explain the parameters for GenerateKeysX509Compatible? Are any of them the newly generated private or public keys?
- How do I use the modulus and private exponent to make a private key that can be consumed by FromPrivateKey?
- How do I use the modulus and public exponent to make a public key that can be consumed by FromPublicKey?
I know one step will be changing the key to Base64, but how do I use the modulus and exponent to produce a key?
Remarkable, how this has not been implemented. There are PEM_write_bio_RSAPrivateKey and PEM_write_bio_RSAPublicKey functions in OpenSSL that would do that.
There's also no working way to load these keys from string, i.e.: TRSAEncSign.FromOpenSSLPrivateKeyString is doing a few things wrong: it slaps prefix & suffix on without first checking if they were already there, etc.
And then TRSAEncSign.Sign just hangs indefinitely at 100% CPU, so there's something wrong there as well.
Effectively, you would have to resort to some low-level OpenSSL calls yourself, if you need to get this working.