PuTTY bug rsa-import-primeorder

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: PuTTYgen shouldn't insist that p > q in imported OpenSSH RSA private keys
class: bug: This is clearly an actual problem we want fixed.
difficulty: tricky: Needs many tuits.
priority: medium: This should be fixed one day.
present-in: 0.58
fixed-in: r8202 ff294f4ffd306558dade2aa1192ac29ab440d454 2008-10-09 (0.61)

OpenSSH-format RSA private keys (also known as PEM format) contain a base64-encoded PKCS#1 RSAPrivateKey. When generated by OpenSSL, these always have p > q, but this isn't actually required by PKCS#1; there is a report that VanDyke SecureCRT generates them in a random order, for instance. At present, PuTTYgen will reject keys where p < q, but it should accept them and make whatever changes are necessary to have them work with PuTTY's RSA code.

This is not quite trivial to do in the current PuTTY code organisation, since the OpenSSH import code does not actually convert the input key to bignum format; it just massages it into one of the other private key blob formats and feeds that to an import function in sshrsa.c. In order to reverse the order of the primes, it would have to compute the new iqmp value, which would involve a conversion to bignums and back. Still not impossible by any means, but I'd guess more like a thirty-line job than three.

If you want to comment on this web site, see the Feedback page.
Audit trail for this bug.
(last revision of this bug record was at 2016-12-27 11:40:21 +0000)