What is the format of an RSA public key?

Question

I have this RSA public key from which I want to get Modulus and exponent part but not able to get the format in which it is encoded. Can someone please tell how to decode it?

the format is called PEM. You might want to check [RFC1421](https://www.ietf.org/rfc/rfc1421.txt) and/or similar. — Jakuje, Feb 26 '16 at 19:00
see http://crypto.stackexchange.com/questions/18031/the-modulus-of-rsa-public-key — mti2935, Feb 26 '16 at 19:37

score 14 · Accepted Answer · answered Feb 26 '16 at 20:10

$ cat > foo.txt
-----BEGIN PUBLIC KEY-----
MIIBBgKBgDI/ranPo8MDfguQfSzqg7mtNlUJLLBK7tlVALyk42agbLTSFcZbs9Yw
t3nSe9yNzZB9ZVrL3O9GXkEb6xvj3dqrog+wWOeFCqNV7BuJNYYC/ef4vlnUFQdw
yswbd7d198qjWBZ7MiZRXxX8qKRln+osTvsDYOMZk93k0cGZgyuJAoGAHkgFohgA
nH93kDPjN4sHaT9WsmZ4ailbMtcnWuLizTRJ2sdGjNrpuwT1R+x1nlYHOeDUSOu6
De0kQJX+HZuQCoha6THsdgcV297krN22FwsDZ1PItXLIr5oC7zcNQaDyAJOIv6BC
ufHQ0IR+L9b9esniMbF8yV0d7EVAaBJiyRk=
-----END PUBLIC KEY-----
$ openssl asn1parse -i -in foo.txt 
    0:d=0  hl=4 l= 262 cons: SEQUENCE          
    4:d=1  hl=3 l= 128 prim:  INTEGER           :323FADA9CFA3C3037E0B907D2CEA83B9AD3655092CB04AEED95500BCA4E366A06CB4D215C65BB3D630B779D27BDC8DCD907D655ACBDCEF465E411BEB1BE3DDDAABA20FB058E7850AA355EC1B89358602FDE7F8BE59D4150770CACC1B77B775F7CAA358167B3226515F15FCA8A4659FEA2C4EFB0360E31993DDE4D1C199832B89
  135:d=1  hl=3 l= 128 prim:  INTEGER           :1E4805A218009C7F779033E3378B07693F56B266786A295B32D7275AE2E2CD3449DAC7468CDAE9BB04F547EC759E560739E0D448EBBA0DED244095FE1D9B900A885AE931EC760715DBDEE4ACDDB6170B036753C8B572C8AF9A02EF370D41A0F2009388BFA042B9F1D0D0847E2FD6FD7AC9E231B17CC95D1DEC4540681262C919

There you go. I used these commands on a fairly regular Linux system.

Note that your file is weird. A RSA public key consists in two integers, the modulus (n) and the public exponent (e). It is normally encoded as an ASN.1 structure that is a SEQUENCE of two INTEGER values. That structure is then supposed to be DER-encoded, and the resulting sequence of bytes to become the contents of a BIT STRING in another, outer ASN.1 structure that also contains an explicit identifier for the key type (i.e. an indication that the key is really of type RSA). In your case, that outer structure is missing, so there is formally no indication, neither in the encoded ASN.1 structure, nor in the PEM header ("BEGIN PUBLIC KEY"), that the key is a RSA key.

As a RSA key, it looks a bit strange too. The first integer, purportedly the modulus, has length 1022 bits, which is not very common (developers and cryptographers really love powers of 2, so they won't accept a 1022-bit integer if there is any possibility that they could make a 1024-bit integer). The second integer, the public exponent, is quite large (1021 bits); this is formally supported by RSA, but very rare: public exponents can be very short with no ill effect on security, and this makes public key operations much faster, so there is no real reason for using a large exponent. Some widespread implementations (Windows CryptoAPI...) don't even support public exponents larger than 32 bits.

If what you have is really a RSA public key, then chances are that someone is pulling your leg -- or is doing things in uncommon and probably weak ways.

Indeed `openssl rsa -pubin -noout -text < key` and `openssl rsa -RSAPublicKey_in -noout -text < key` are both unable to parse the ASCII armored text, definitely something unorthodox if it's an RSA public key. — puzzlepalace, Feb 26 '16 at 20:35
now I had n p q e of this public key, but the given encrypted message is a .bin file now I am not getting a way to decrypt the data from bin file using these values. — ping0Fdeath, Feb 26 '16 at 23:25
@puzzlepalace since this is actually PKCS#1, if you fix the header&trailer to `RSA PUBLIC KEY` then `-RSAPublicKey_in` works. (The values remain suspicious, as Thomas describes.) — dave_thompson_085, Feb 27 '16 at 05:07

What is the format of an RSA public key?

1 Answers1

Linked