Generating RSA keys

From BitWise DocuWiki

You can generate RSA keys outside of BitWise and load them into BitWise Plus or Professional.

  • You need to generate RSA keys using the PKCS #8: Private-Key Information Syntax Standard.
  • Values should be encoded using ASN.1.
  • The keys themselves should be encoded using DER.

The following three commands in succession will generate RSA keys for use with BitWise on Linux or Mac OS X:

openssl genrsa -out NBWPriv.key 1024 -outform DER

openssl pkcs8 -topk8 -nocrypt -in NBWPriv.key -out BWPriv.pk8

openssl rsa -in NBWPriv.key -out BWPub.key -pubout

You can then use BWPriv.pk8 and BWPub.key as your private and public keys, respectively. Note: you will need to open these files and remove the headers and footers (the lines that say "BEGIN" and "END"). If you have any difficulties, please post in the Technical Support forum (http://www.bitwiseim.com/phpBB2/viewforum.php?f=2).

If you know of a way to generate RSA keys to the above specification on Windows, please edit this page with instructions. Thanks!

As of this writing (04/2009) there is a self-installing Windows version of OpenSSL available. This was found by going to this page of the OpenSSL website: http://www.openssl.org/related/binaries.html. The link which was present went to this page: http://www.slproweb.com/products/Win32OpenSSL.html.

The instructions for downloading and installing OpenSSL are on the second page. When you install OpenSSL you should find a folder named "OpenSSL" on your hard drive. Open this folder. Inside the folder you will find a "bin" folder. Open this folder too.

Look for the file named "openssl.exe". Double click it. It will open a terminal window that says "OpenSSL>". Type the commands that you see above. (Don't type "openssl", just the material after that.)

When you are done you can close the OpenSSL.exe window. Refresh the contents of the OpenSSL>bin window. (If you don't know how, close the window and re-open it.) You will see three new files listed. You can open these files with Notepad to erase the headers.

Note that I do not have Bitwise Plus, so I could not test the keys which were created. But I have no reason to think they would not work.