Mirrors | Updates | Feedback | Changes | Wishlist | Team
OpenSSH-format RSA private keys (also known as PEM format) contain a base64-encoded PKCS#1 RSAPrivateKey. When generated by OpenSSL, these always have p > q, but this isn't actually required by PKCS#1; there is a report that VanDyke SecureCRT generates them in a random order, for instance. At present, PuTTYgen will reject keys where p < q, but it should accept them and make whatever changes are necessary to have them work with PuTTY's RSA code.
This is not quite trivial to do in the current PuTTY code
organisation, since the OpenSSH import code does not actually
convert the input key to bignum format; it just massages it into one
of the other private key blob formats and feeds that to an import
function in sshrsa.c. In order to reverse the order of the primes,
it would have to compute the new
iqmp value, which
would involve a conversion to bignums and back. Still not impossible
by any means, but I'd guess more like a thirty-line job than three.
Audit trail for this bug.