
Ok, so the general steps to make a Certificate Signing Request are (as I understand it) as follows:

  • Generate a key pair
  • Put my identifying information and the public key (or its hash) into a document
  • Sign that document (CSR) with the generated private key
  • Send the CSR to a CA who will verify that it's me and return a signed certificate with trust chain (possibly)

Since the actual signed certificate is to associate a trust relationship between my public key and my credentials, a certificate cannot be signed without access to the public key or at least a hash of the public key.

Here's the confusion for me: I see that there is a command I can execute in OpenSSL:

openssl req -out CSR.csr -key privateKey.key -new

This supposedly creates a new CSR using only the private key. I cannot see how this can work.

Is the public key or its hash secretly hidden inside the private key file?

Tim Spears
  • The public key is part of the private key file: `openssl rsa -in privateKey.key -pubout` – Steffen Ullrich Feb 07 '17 at 18:39
  • Also DSA and EC(DSA) keys; for those the public key is (fairly) trivially derivable even if not stored. Although in principle a scheme could exist that certifies public key hashes (e.g. HPKP preload sort of does), the only certs and CSRs supported by OpenSSL (and other SSL/TLS implementations) are X.509(v3) and PKCS10, which only certify actual public keys, not hashes. – dave_thompson_085 Feb 08 '17 at 07:41
  • For more info on how the public key is contained within the private key file, see https://crypto.stackexchange.com/questions/45151/anatomy-of-an-rsa-private-key – mti2935 Aug 14 '21 at 22:27

1 Answer


A private key isn't just a big number; it is actually a data structure with several numbers in it.

Here's what a public key looks like (RSA):

<RSAKeyValue>
    <Modulus>yIf6e2K99p7hyCPlpjR0TDpH6Cpxy/zxctg/G8xHVGxtM00z6p9svf9YoT+TraHM8i6ZFtod9emkNSq8jAcWfWQ1q0xzuSmJNo74ZHFardNzH/oGExVpfiO1qCgeAnI3ILn5jTyV7g82j2wPImdAiL/wA7TfhE93POrKdrP1QpM=
    </Modulus>
    <Exponent>AQAB</Exponent>
</RSAKeyValue>

And private:

<RSAKeyValue>
    <Modulus>yIf6e2K99p7hyCPlpjR0TDpH6Cpxy/zxctg/G8xHVGxtM00z6p9svf9YoT+TraHM8i6ZFtod9emkNSq8jAcWfWQ1q0xzuSmJNo74ZHFardNzH/oGExVpfiO1qCgeAnI3ILn5jTyV7g82j2wPImdAiL/wA7TfhE93POrKdrP1QpM=
    </Modulus>
    <Exponent>AQAB</Exponent>
    <P>8KXqVAlsMtguk+xtLysbpcKYtNRIvLcORUc7SXtnMi6rtWnQ807IRfpXXDqK8BVDSCZCaNp5/lKFE4YSPqEKlQ==
    </P>
    <Q>1VLnPE9qWMXAIkYg7Y5w+jSNWAixuMBeKKIxx43VuwdrtRK7pRXaSYci/DZNe72XN8DHL6sbqpk93hnqx4h2hw==
    </Q>
    <DP>VIJ/qylv9N8UZGBH66Og3vJavE48iQFkIpIkUObkU6wuItRZS8ij7mc+3KW2ex+MdD7zXW00IEsMbtHLgHD/jQ==
    </DP>
    <DQ>S4Qtl4wFeaeHfJqWzYG/PNOdtaxePajbrEa+mIX9Q1g9KLyY8LfrrlvIZsBSbZuQDIyR9q37/UiCPj2ufzQvwQ==
    </DQ>
    <InverseQ>nrkYAY+YWALD4M39LfwdCWrtjVGYMUwMiebd3qQtirRfSBSvqPhhz1huKV7pZZHbrW+h3mxfZVZ/4WpaJ67GEA==
    </InverseQ>
    <D>kUSQXBnn62Slw0rd7k1Jgn8l4DX/Qfr3Hm8xKH4PnkT9xpBC79CWAf2cwxM/dCUmRrsjA772vVKINkvDUt0/mEXFZyYxg8FK1D1g9CdSoq6dPSxk/QXBYrsEPDo4Pe5gFdKTh4dqfnsBP0d6/7U4e2bAGg+3xn63w6CQ+JzCYmE=
    </D>
</RSAKeyValue>

As you can see, the private key includes everything that is in the public key.

John Wu
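An added example, not part of the question, the answer above, or OpenSSL itself: it parses the two RSAKeyValue documents from the answer using only the Python standard library, shows that the (n, e) pair read out of the private key is exactly the public key, checks the CRT relations that tie p, q, d, dp, dq and InverseQ together, and reproduces the self-signature step of a CSR in textbook (unpadded) form. The CSR body string, the function names and the use of a bare SHA-256 digest are assumptions made for illustration; real CSRs pad the digest (PKCS#1 v1.5 or PSS) before exponentiation.

```python
"""Added example (not from the original answer): parse the RSAKeyValue XML
shown in the answer using only the standard library, show that the private key
carries the whole public key, and reproduce the self-signature step of a CSR
in textbook (unpadded) form."""
import base64
import hashlib
import math
import xml.etree.ElementTree as ET

# Both documents are copied verbatim from the answer above. The .NET RSAKeyValue
# format stores every integer as base64 of its big-endian unsigned bytes.
PUBLIC_XML = """<RSAKeyValue>
    <Modulus>yIf6e2K99p7hyCPlpjR0TDpH6Cpxy/zxctg/G8xHVGxtM00z6p9svf9YoT+TraHM8i6ZFtod9emkNSq8jAcWfWQ1q0xzuSmJNo74ZHFardNzH/oGExVpfiO1qCgeAnI3ILn5jTyV7g82j2wPImdAiL/wA7TfhE93POrKdrP1QpM=</Modulus>
    <Exponent>AQAB</Exponent>
</RSAKeyValue>"""

PRIVATE_XML = """<RSAKeyValue>
    <Modulus>yIf6e2K99p7hyCPlpjR0TDpH6Cpxy/zxctg/G8xHVGxtM00z6p9svf9YoT+TraHM8i6ZFtod9emkNSq8jAcWfWQ1q0xzuSmJNo74ZHFardNzH/oGExVpfiO1qCgeAnI3ILn5jTyV7g82j2wPImdAiL/wA7TfhE93POrKdrP1QpM=</Modulus>
    <Exponent>AQAB</Exponent>
    <P>8KXqVAlsMtguk+xtLysbpcKYtNRIvLcORUc7SXtnMi6rtWnQ807IRfpXXDqK8BVDSCZCaNp5/lKFE4YSPqEKlQ==</P>
    <Q>1VLnPE9qWMXAIkYg7Y5w+jSNWAixuMBeKKIxx43VuwdrtRK7pRXaSYci/DZNe72XN8DHL6sbqpk93hnqx4h2hw==</Q>
    <DP>VIJ/qylv9N8UZGBH66Og3vJavE48iQFkIpIkUObkU6wuItRZS8ij7mc+3KW2ex+MdD7zXW00IEsMbtHLgHD/jQ==</DP>
    <DQ>S4Qtl4wFeaeHfJqWzYG/PNOdtaxePajbrEa+mIX9Q1g9KLyY8LfrrlvIZsBSbZuQDIyR9q37/UiCPj2ufzQvwQ==</DQ>
    <InverseQ>nrkYAY+YWALD4M39LfwdCWrtjVGYMUwMiebd3qQtirRfSBSvqPhhz1huKV7pZZHbrW+h3mxfZVZ/4WpaJ67GEA==</InverseQ>
    <D>kUSQXBnn62Slw0rd7k1Jgn8l4DX/Qfr3Hm8xKH4PnkT9xpBC79CWAf2cwxM/dCUmRrsjA772vVKINkvDUt0/mEXFZyYxg8FK1D1g9CdSoq6dPSxk/QXBYrsEPDo4Pe5gFdKTh4dqfnsBP0d6/7U4e2bAGg+3xn63w6CQ+JzCYmE=</D>
</RSAKeyValue>"""

# XML tag -> conventional PKCS#1 name of the component it holds.
FIELDS = {"Modulus": "n", "Exponent": "e", "P": "p", "Q": "q",
          "DP": "dp", "DQ": "dq", "InverseQ": "qinv", "D": "d"}


def parse_rsa_xml(xml_text):
    """Return whichever RSA components the document contains, as Python ints."""
    root = ET.fromstring(xml_text)
    key = {}
    for tag, name in FIELDS.items():
        node = root.find(tag)
        if node is not None:
            key[name] = int.from_bytes(base64.b64decode(node.text.strip()), "big")
    return key


def public_part_of(key):
    """The public key is only (n, e); both live inside the private key structure."""
    return {"n": key["n"], "e": key["e"]}


def private_key_is_consistent(k):
    """Check the relations a library verifies before trusting a loaded private key."""
    n, e, d, p, q = k["n"], k["e"], k["d"], k["p"], k["q"]
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    return (p * q == n
            and (e * d) % lam == 1
            and k["dp"] == d % (p - 1)
            and k["dq"] == d % (q - 1)
            and (q * k["qinv"]) % p == 1)   # InverseQ = q^-1 mod p


def textbook_sign(message, key):
    """sig = H(m)^d mod n. Illustration of the CSR self-signature only: real
    CSRs wrap the digest in PKCS#1 v1.5 or PSS padding before exponentiation."""
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(h, key["d"], key["n"])


def textbook_verify(message, signature, public_key):
    """Verifier side: only (n, e) are needed, which is all a CA ever receives."""
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(signature, public_key["e"], public_key["n"]) == h


def demo():
    """Run every check and return the results as a dict."""
    private_key = parse_rsa_xml(PRIVATE_XML)
    public_key = parse_rsa_xml(PUBLIC_XML)
    # Constructed stand-in for the to-be-signed part of a CSR (subject name + public key).
    csr_body = b"CN=example.test; public key n,e (constructed example)"
    signature = textbook_sign(csr_body, private_key)
    return {
        "public_key_inside_private": public_part_of(private_key) == public_key,
        "modulus_bits": private_key["n"].bit_length(),
        "exponent": private_key["e"],
        "private_key_consistent": private_key_is_consistent(private_key),
        "signature_verifies": textbook_verify(csr_body, signature, public_key),
        "tampered_body_rejected": not textbook_verify(csr_body + b"x", signature, public_key),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

This is the same shape of work that `openssl req -out CSR.csr -key privateKey.key -new` does with a PEM key: it reads n and e out of the private key structure, places them in the request together with the subject name, and signs that with d. The CA only ever needs (n, e), which is why the page's `openssl rsa -in privateKey.key -pubout` can print the public key from the private key file alone.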