How to be sure that public key belongs to private key (RSA) without modulus check?

Question

I'm generating RSA key pairs using Node.js and they are both stored in database (private keys are AES-encrypted).

I want to check if the decrypted private key matches the public key, to make sure that the public key has not been replaced/tampered while at rest.

I found no way to get the keys modulus with the Node.js API.

If I simply encrypt a random message and get the original message when decrypting, is it ok ?

I just want to know if this is safe, i don't really care if it's slow or not optimal.

Is there any way i can do it without any external libraries ?

I don't really want to directly use openssl CLI from node either.

Thanks a lot.

Answer 1

Generally we create a signature over some known message and verify that (even over an empty octet string), but encryption / decryption would work as well. Probably best to make sure you use the operation that the key was originally intended for Do make sure you don't sign or encrypt a message that could be used by an adversary and/or don't leak the result.

It is impossible that a different private key can be used that isn't functionality equivalent. There may still be differences though, e.g. a private key can contain the private exponent for direct exponentiation with that private exponent (plain RSA), or it can contain the key generation parameters used for the Chinese Remainder Theorem. In that case it doesn't require the private exponent.