What is an RSA “key ID”?

前端 未结 4 1189
长情又很酷
长情又很酷 2021-01-02 06:34

I\'ve seen key IDs used in several places and would like to use them in my program, but I haven\'t been able to find a description of them. How are they generated?

相关标签:
4条回答
  • 2021-01-02 07:19

    The "key ID" used for RSA key in GPG/PGP is the last 8 hex digits of the modulus of the key.

    0 讨论(0)
  • 2021-01-02 07:24

    In the case of Strongswan one can display what it refers to as the keyid using its command line utilities. The main point of the keyid is that it can be used to identify the actual public key contained within a certificate so that a certificate might change but by checking the keyid one can check whether the key has changed or not.

    The pki command will list the keyids of an X.509 cert as follows (where the subjectPublicKeyInfo hash is the keyid):

    pki --keyid --in cert.pem --type x509
    

    Or for an RSA private key:

    pki --keyid --in key.pem
    

    The second command is ipsec which one can use to list all the certs (and config) installed in the /etc/ipsec.d subdirectories (this command will list the certificates and their corresponding keyid which is the same as their subjectPublicKeyInfo hash listed by the pki command):

    ipsec listall
    

    Also one can use openssl to generate Strongswan's idea of a keyid, which is basically the SHA1 of the actual RSA public key (the sed script just strips the '-----BEGIN PUBLIC KEY-----' and END banners) [Corrected after Micah's comment]:

    openssl x509 -in cert.pem -noout -pubkey | sed 's/--.*$//g' | base64 --decode | sha1sum
    
    0 讨论(0)
  • 2021-01-02 07:28

    In different formats (PGP, SSH, X.509 certificates) key ID has different meaning. Neither SSH nor X.509 have a "dedicated" concept of key ID, but some people use this term (including their software) - in this case it's usually a hash of the public key or of the certificate in whole.

    Update: the comments reminded me that "key identifier" extensions exist in X.509 certifiactes, and they sometimes are being referred to as key IDs. Yet, this is not common - usually the hash (also sometimes called the fingerprint) is referenced as key ID.

    0 讨论(0)
  • 2021-01-02 07:28

    Having just done this for my own purposes, I'll write this down while it's all fresh in my head...

    The "official" key ID (that is, the content of the "X509v3 Subject Key Identifier" extension in an X509 certificate) is the SHA1 hash of the DER-encoded ASN.1 sequence consisting of the modulus and exponent of an RSA public key. It takes piecing together about three different RFCs and a bit of experimentation to come up with that, but that's how it works.

    Some Ruby code to do the encoding looks like this -- feed it an RSA public or private key on stdin:

    require 'openssl'
    
    pkey = OpenSSL::PKey::RSA.new($stdin.read).public_key
    
    seq = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer.new(pkey.n),
                                   OpenSSL::ASN1::Integer.new(pkey.e)])
    puts Digest::SHA1.hexdigest(seq.to_der).upcase.scan(/../).join(':')
    
    0 讨论(0)
提交回复
热议问题