0

The client store its private key locally and use to sign messages send to server, the server stores the public key of the user in a database to verify messages from client.

Here's my problem, if the client lose its private key due to some accident(like hard-disk being destroyed), it will never be able to connect to server(unless call the administrator of the server to reset his key).

So I'm thinking, if there's an algorithm to generate a deterministic RSA key-pair from a password(which can be kept in the client's human brain), the problem mentioned above will be eliminated.

Is that possible to implement such algorithm using Rust-openssl?

炸鱼薯条德里克
  • 899
  • 8
  • 25
  • 2
    those should be two questions. one whether such an algorithm exists (it does)/how it would work and one how it can be implemented in rust. – the8472 Apr 02 '18 at 07:44
  • 1
    For asking whether such an algorithm exists, [security.se](https://security.stackexchange.com/) might be a better place to start. But after understanding how the algorithm works, you shouldn't just ask on StackOverflow: you should try to implement it yourself first and if you have a specific problem, then you can ask here. Just asking "How would I implement this algorithm?" is a bit broad and thus off-topic here on StackOverflow. – Lukas Kalbertodt Apr 02 '18 at 08:29

2 Answers2

0

Doing this basically boils down to using the password as input to seed a pseudo-random number generator. The same seed will yield the same pseudo-random numbers. An example of doing that to deterministically generate a prime number (which would be used to eventually generate an RSA key) can be found here. If this is a single-purpose standalone executable, you could then execute RSA_generate_key_ex, otherwise write an RSA key generator (using the BN functions) and import the key.

mnistic
  • 10,866
  • 2
  • 19
  • 33
  • Reason for downvote? If something's inaccurate, I'd like to know it. – mnistic Apr 02 '18 at 15:14
  • Implementing a whole engine for these seems to be way over the top. Just write an RSA key generator (using the BN functions) and import the key. A `rand` engine is at the wrong level of abstraction because it is global and affects everything else in the process, not just generation of a single key. – Florian Weimer Apr 02 '18 at 17:51
  • @FlorianWeimer OK, thanks for the explanation. You're right of course. Couldn't you just execute `RSA_generate_key_ex` after seeding the PRNG though? – mnistic Apr 02 '18 at 19:59
  • OpenSSL might need randomness for something else, in a non-deterministic fashion. And it won't work if the process is multi-threaded and something else calls a randomness-consuming OpenSSL function. – Florian Weimer Apr 02 '18 at 20:16
  • I was thinking of it as a standalone executable just to generate the key (since the larger application is Rust-based apparently) but, it's up to the OP – mnistic Apr 02 '18 at 21:57
-1

Check out dOpenSSL: https://github.com/bernardoaraujor/dopenssl.rs

It consists of a deterministic implementation of some of the OpenSSL functionalities, namely:

  • Deterministic Big Number Generation
  • Deterministic Pseudo Random Number Generation
  • Deterministic RSA Keypair Generation

I started this repository as an exercise. I am also maintaining https://github.com/bernardoaraujor/dopenssl (fork), which is written in C.

My goal in dopenssl.rs is to use bindgen to autogenerate Rust Wrappers. dOpenSSL functionality is stable, but Rust Wrappers are a work-in-progress.

Contributions are welcome.

Bernardo Araujo
  • 1
  • 1
  • 1