Generating public and private key
I'm new to SSL/TLS. I'm trying to generate the public and private key using gen_key application that came with mbed TLS. I found this link below:
Following the instruction above, I typed:
./gen_key type=rsa rsa_keysize=4096 filename=private.key format=pem
Once the program finished, I found that I have private.key file, but could not find private.pub file any where. Please let me know where the public key file is, or how to generate the public key.
Please ignore. I figured it out.
Maybe it is nice if you post to the forum what you did to figure it out, when someone has a similar question they don't have to post it to the forum again. Knowledge sharing is all this forum should be about!
gen_key does not generate both public and private key, it only generates the private key. Using the private key, we would request a certificate. The public key is then created in the certificate. At least that's my understanding.
Andres Amaya Garcia
mbedtls/programs/pkey/gen_key is a utility that can help to easily generate EC or RSA keys in PEM or DER format. This application will only output a private key file, and the public key can be computed by simply decoding information and doing the necessary arithmetic.
To generate both private and public key files in a specific format, an application can be written using the mbed TLS library. Alternatively, if the format is not important, the tool at
programs/pkey/rsa_genkey generates both public and private 2048-bit RSA key files in plain text format. This
rsa_genkey is also simpler and can be used as a starting point for software with specific requirements.
I hope this information is helpful.
Kind regards, Andres AG, mbed TLS Team Member
Thanks, Andres. Certainly very helpful information.
Thank you for information. I have one question.
Can we generate the public and private key of 1024 bits by using rsa_genkey.c file. I will wait for your valuable reply.
Thanks & Regards, Abhishek Shah
rsa_genkey is a sample application to show how to generate an rsa key pair. In order for you to generate a 1024 rsa key, all you need to do is modify in
rsa_genkey.c the value of
KEY_SIZE from 2048 to 1024.
Having said that, note that RSA with 1024bit key size has been deprecated and considered now as non-secure, so it is not recommended to use this key size.
mbed TLS Team member