Self-Signed Certificate with OpenSSL

Steps to generate a private key, a certificate signing request (CSR) and a self-signed certificate.

# openssl genrsa -out privatekey.pem 2048

# openssl req -new -key privatekey.pem -out certrequest.csr

# openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem

To create a PKCS#12 (.p12) file that bundles the private key together with the certificate (which carries the public key):

# openssl pkcs12 -export -out keyStore.p12 -inkey privatekey.pem -in certificate.pem

If the certificate is instead issued by an external CA, a format conversion may be needed before it can be used.

How are the large primes generated by genrsa? A 2048-bit number is a ~617-digit integer. The probability that a random integer of that size is prime is ~1/log(N), i.e. about 1/1400. According to the genrsa documentation, each "." represents a number that has passed an initial sieve test and each "+" a number that has passed one round of the Miller-Rabin primality test. The idea behind primality testing for big numbers is to repeatedly check a condition that every prime satisfies, such as a^p mod p = a mod p, for different values of a until the desired probability bound is met. The key point is that a^p mod p can be computed cheaply even when p is very large. The AKS test uses a different property of primes: the binomial coefficients of a p-th power, apart from the first and last, are all multiples of p iff p is prime.

bn_prime.c, line 123: /* The quick sieve algorithm approach to weeding out primes is Philip Zimmermann's, as implemented in PGP. I have had a read of his comments and implemented my own version. */

Adding some trace prints around BN_GENCB_call shows that it generates a series of random numbers and checks each one for primality. Surprisingly, the number of iterations is as small as 42 below.

rt: starting BN_generate_prime_ex loop: 512 safe=0
checking probable prime
checked probable prime
. rt2: calling cb 0 40  type2 1
checking fast
rt: starting BN_generate_prime_ex loop: 512 safe=0
checking probable prime
checked probable prime
. rt2: calling cb 0 41  type2 1
checking fast
rt: starting BN_generate_prime_ex loop: 512 safe=0
checking probable prime
checked probable prime
. rt2: calling cb 0 42  type2 1
checking fast
+ rt2: calling cb 1 0  type2 1
+ rt2: calling cb 1 1  type2 1
+ rt2: calling cb 1 2  type2 1
+ rt2: calling cb 1 3  type2 1
+ rt2: calling cb 1 4  type2 1
+ rt2: calling cb 1 5  type2 1
rt2: calling cb 3 1  type2 1
e is 65537 (0x10001)

crypto/bn/bn_x931p.c: BN_GENCB_call(cb, 3, 0) is in BN_X931_derive_prime_ex. X931 is described here. Interesting discussion on strong primes here. Some factoring methods are described in http://anh.cs.luc.edu/331/notes/factorAttack.pdf
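To make the "." / "+" markers in the trace above concrete, here is an added Python example (written for this page, not OpenSSL's code) of the same two-stage search: trial division against a table of small primes, then repeated Miller-Rabin rounds with random witnesses, emitting one "." per sieve survivor and one "+" per Miller-Rabin round passed. The size of the small-prime table (2048 entries) and the choice to resample a fresh candidate after a sieve miss (OpenSSL steps the existing candidate instead) are simplifications assumed here; the round-count table follows the BN_prime_checks_for_size macro of OpenSSL 1.0-era bn.h, which gives 6 rounds for a 512-bit candidate, consistent with the six "+" lines in the trace.

```python
# Added example, not OpenSSL's code: sieve-then-Miller-Rabin prime search that
# prints genrsa-style progress markers ("." = passed sieve, "+" = passed one MR round).
import random
import secrets


def small_primes(count):
    """Return the first `count` primes (assumed table size; OpenSSL ships a fixed table)."""
    limit = 64
    while True:
        sieve = bytearray([1]) * (limit + 1)
        sieve[0] = sieve[1] = 0
        for i in range(2, int(limit ** 0.5) + 1):
            if sieve[i]:
                sieve[i * i::i] = bytes(len(range(i * i, limit + 1, i)))
        primes = [i for i, flag in enumerate(sieve) if flag]
        if len(primes) >= count:
            return primes[:count]
        limit *= 2


SMALL_PRIMES = small_primes(2048)


def passes_sieve(n):
    """Trial division by the small-prime table: a cheap filter before Miller-Rabin."""
    for p in SMALL_PRIMES:
        if p * p > n:
            return True
        if n % p == 0:
            return n == p
    return True


def miller_rabin_round(n, a):
    """One Miller-Rabin round on odd n > 3 with witness 2 <= a <= n-2.
    True means n is a strong probable prime to base a (no contradiction found)."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    x = pow(a, d, n)  # modular exponentiation stays cheap even for huge n
    if x in (1, n - 1):
        return True
    for _ in range(s - 1):
        x = x * x % n
        if x == n - 1:
            return True
    return False


def rounds_for_size(bits):
    """Round count by candidate size, as in OpenSSL 1.0-era BN_prime_checks_for_size."""
    table = [(1300, 2), (850, 3), (650, 4), (550, 5), (450, 6), (400, 7),
             (350, 8), (300, 9), (250, 12), (200, 15), (150, 18)]
    for threshold, rounds in table:
        if bits >= threshold:
            return rounds
    return 27


def is_probable_prime(n, rounds=8, rng=secrets.SystemRandom()):
    """Sieve, then `rounds` Miller-Rabin rounds with random witnesses."""
    if n < 2:
        return False
    if n < 4:
        return True
    if n % 2 == 0 or not passes_sieve(n):
        return False
    return all(miller_rabin_round(n, rng.randrange(2, n - 1)) for _ in range(rounds))


def generate_prime(bits, rounds=None, rng=None):
    """Return (prime, trace): `trace` holds '.' per sieve survivor and '+' per MR round
    passed. Use a CSPRNG (the SystemRandom default) for real keys; a seeded
    random.Random is only for reproducible demonstrations."""
    rng = rng or secrets.SystemRandom()
    rounds = rounds or rounds_for_size(bits)
    marks = []
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # exact bit length, odd
        if not passes_sieve(cand):
            continue  # simplification: resample instead of stepping the candidate
        marks.append(".")
        for _ in range(rounds):
            if not miller_rabin_round(cand, rng.randrange(2, cand - 1)):
                break
            marks.append("+")
        else:
            return cand, "".join(marks)


if __name__ == "__main__":
    p, trace = generate_prime(512)
    print(trace)
    print("sieve survivors:", trace.count("."), "rounds passed by winner:", rounds_for_size(512))
```

The raw 1/log(N) density applies to all integers; most composites never reach Miller-Rabin because the sieve discards them first, which is why the counter in the trace only reaches 42 before a 512-bit candidate survives all six rounds. A candidate that fails a round after one or more "+" marks shows up in the trace as a run of "+" that is shorter than the round count, followed by a new ".".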
