Generating RSA keys with a specific public exponent

The crypto/rsa library has the below function to generate a new RSA private key.

func GenerateKey(random io.Reader, bits int) (*PrivateKey, error)

This appears to default to use 65537 as the public exponent value. Is there an API I can use to generate a RSA private key with a public exponent of my choice that does not have a dependency on OpenSSL or another C library?

You will not find such an API in Go.

This is because, for many reasons, 3 and 65537 match requirements needed for RSA to work and for RSA implementations to be fast.

Here are the explanations for these two properties:

• First, for RSA to work, the public exponent must be coprime with the cardinal number of the set of integers, between 1 and the modulus, that are coprime with the modulus (see RSA algorithm to understand why). So, choosing a prime number is a good way to have a chance for this number to be coprime with the cardinal number of the set described above, this is why people choose prime numbers as public exponents, most of the time (and if it is not the case, they compute a new modulus instead of changing the public exponent). Since the cardinal number of the set described above is even, you can not choose 2 (if the modulus is the product of primes p and q, this set has (p-1)(q-1) elements, that is obviously an even number).

• Moreover, for fast computation, the number of bits set to 1 in the binary representation of the public exponent must be lower as possible. 2 is the only prime number with one bit set to 1 in its binary representation. Since it can not be chosen, you will choose a prime number that only has 2 bits set to one in its binary representation. Therefore, the arithmetic product of such a prime with any other number only needs one addition and a logical shift left.

The only known integers (up to now) that match these requirements are 3, 5, 17, 257 and 65537.