OpenSSL Commands and RSA in Python

Jacob Mathai


Using OpenSSL RSA commands and an RSA Public Key Implementation in Python

This resource demonstrates how to use OpenSSL commands to generate a public and private key pair for asymmetric RSA public key encryption. In addition, it details how to use OpenSSL commands to abstract the RSA public and private exponents used to encrypt and decrypt messages in the RSA Algorithm. It also demonstrates how to abstract the common modulus shared by the public and private key pair and uses Python to implement RSA.


  1. Generate an RSA Private and Public Key Pair with OPENSSL
    • openssl rsa -help
    • openssl rsautl -help
    • openssl genrsa -des3 -out private.pem 1024 (Encrypts with a password-just remove "-des3" if you'd rather not have a password on the private key)
    • openssl rsa in private.key -pubout -out public.pem (Generate public key)
  2. Abstract the common Modulus from the public key
    OpenSSL> rsa -pubin -in public.pem -modulus -noout
    Modulus=CE577A3A65CD9F964237192E10ED0424EA4A69EFED2E59885F11B1C01D90F96A66F3DCA305FC80A81F1B77823417AF660FC456BA92E84F1DC78AA06F93058007
    OpenSSL> rsa -in private.pem -modulus
    Modulus=CE577A3A65CD9F964237192E10ED0424EA4A69EFED2E59885F11B1C01D90F96A66F3DCA305FC80A81F1B77823417AF660FC456BA92E84F1DC78AA06F93058007
    
  3. Abstract the Public Exponent Values
    OpenSSL> rsa -pubin -in public.pem -text -noout
    Modulus (512 bit):
        00:ce:57:7a:3a:65:cd:9f:96:42:37:19:2e:10:ed:
        04:24:ea:4a:69:ef:ed:2e:59:88:5f:11:b1:c0:1d:
        90:f9:6a:66:f3:dc:a3:05:fc:80:a8:1f:1b:77:82:
        34:17:af:66:0f:c4:56:ba:92:e8:4f:1d:c7:8a:a0:
    6f:93:05:80:07
    Exponent: 65537 (0x10001)
    
  4. Abstract the Private Exponent Values
  5. The private exponent needs to be reformatted -removing the ":"'s - I use vi -but there are serveral ways to do this.
    OpenSSL> rsa -in private.pem -text -noout
    Private-Key: (512 bit)
    modulus:
        00:ce:57:7a:3a:65:cd:9f:96:42:37:19:2e:10:ed:
        04:24:ea:4a:69:ef:ed:2e:59:88:5f:11:b1:c0:1d:
        90:f9:6a:66:f3:dc:a3:05:fc:80:a8:1f:1b:77:82:
        34:17:af:66:0f:c4:56:ba:92:e8:4f:1d:c7:8a:a0:
        6f:93:05:80:07
    publicExponent: 65537 (0x10001)
    privateExponent:
        49:e4:3f:ac:1b:fa:c7:b4:7a:5f:da:cf:89:56:27:
        4e:c4:ec:03:05:dd:6c:e4:b9:16:3a:72:e9:f6:6c:
        8d:34:2d:aa:f7:52:63:bc:f6:cb:a9:ea:eb:e6:e8:
        1b:6d:88:fb:99:22:73:45:a8:73:47:3e:d5:64:d3:
        1a:d2:e5:e9
    prime1:
        00:e9:51:14:02:e2:df:b9:40:bd:43:a5:0e:a0:7a:
        2f:1f:b1:07:0e:b6:3b:8b:12:dc:fa:80:33:07:7a:
        4e:4b:75
    prime2:
        00:e2:67:07:9d:8a:57:88:d6:ee:3b:ce:8c:5c:09:
        09:3e:03:59:cf:88:99:83:6c:cc:0d:23:de:5a:85:
        18:fa:0b
    exponent1:
        00:db:53:5b:53:67:40:56:5e:34:4c:ad:91:b5:6b:
        86:76:ed:2c:2c:39:44:79:f4:ee:84:11:15:67:37:
        22:f8:ad
    exponent2:
        31:86:58:24:1e:1f:07:cf:fc:4d:18:e1:9b:40:5e:
        c5:31:f6:73:6f:6e:25:51:a7:51:38:87:6b:45:b2:
        31
    coefficient:
        00:85:6c:23:f9:ab:51:08:d2:b9:fc:36:e0:46:10:
        48:f1:09:fe:ef:c9:a5:5d:a8:19:0e:ad:16:62:10:
        f0:3a:df
    
  6. Using RSA implemented in Python to encrypt/decrypt with the key pair.
    #!/usr/local/bin/python 
    from sys import*;from string import*;a=argv;[s,p,q]=filter(lambda x:x[:1]!=
    '-',a);d='-d'in a;e,n=atol(p,16),atol(q,16);l=(len(q)+1)/2;o,inb=l-d,l-1+d
    while s:s=stdin.read(inb);s and map(stdout.write,map(lambda i,b=pow(reduce(
    lambda x,y:(x<<8L)+y,map(ord,s)),e,n):chr(b>>8*i&255),range(o-1,-1,-1)))
    
    [jake@erdos ~/python]$ echo 'Hello World' | rsa.py 10001 CE577A3A65CD9F964237192E10ED0424EA4A69EFED2E59885F11B1C01D90F96A66F3DCA305FC80A81F1B77823417AF660FC456BA92E84F1DC78AA06F93058007 > secretmsg
    
    [jake@erdos ~/python]$ cat secretmsg | rsa.py -d 49e43fac1bfac7b47a5fdacf8956274ec4ec0305dd6ce4b9163a72e9f66c8d342daaf75263bcf6cba9eaebe6e81b6d88fb99227345a873473ed564d31ad2e5e9 CE577A3A65CD9F964237192E10ED0424EA4A69EFED2E59885F11B1C01D90F96A66F3DCA305FC80A81F1B77823417AF660FC456BA92E84F1DC78AA06F93058007
    HelloWorld
    
    
  7. Additional information on the python script above can be found at A.M. Kuchling's site .

Jacob Mathai
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License