I have a generated public/private key pair 2048 bits that is from windows software from a reputable large company but the Modulus and/or private exponent seem to be invalid. The file generated is an XML which has private keyblob, public keyblob, (D I assume, it's 256 bytes) and (N I assume, 256 bytes also). The private keyblob shows the public exponent (0x010001) as well as the same two binary numbers.
Modulus (N): 0xB4...C5
Private Exp: 0xD7...B7
Now these are supposedly Little Endian which makes sense because N must be greater than D, also it's how MS stores RSA numbers, so the three values I have are:
- E: 0x10001
- N: 0xC5...B4 (256B)
- D: 0xB7...D7 (256B)
The issue I have is that the Modulus should be an odd number as it's the product of two primes and that is where mbedtls throws an error.
Somehow though, the proprietary software can generate a signature and which passes verification with just N and E.
Is there something I'm missing here?
The only thing I can think of is that one of the primes is 2 which doesn't seem likely.
The reason I'm trying to figure this out is to be able to use the keys with openssl or mbedtls to sign firmware on a linux build server. I can't give details of the proprietary software but there is no source code for it.