堆栈内存溢出
  简体   繁体   English

x509证书信息

[英]x509 certificate Information

 原文  2010-04-28 12:48:38       openssl

问题描述

Certificate:
Data:
    Version: 3 (0x2)
    Serial Number: 95 (0x5f)
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: C=, O=, CN=
    Validity
        Not Before: Apr 22 16:42:11 2008 GMT
        Not After : Apr 22 16:42:11 2009 GMT
    Subject: C=, O=, CN=, L=, ST=
    Subject Public Key Info:
        Public Key Algorithm: rsaEncryption
        RSA Public Key: (1024 bit)
            Modulus (1024 bit):
                ...
                ...
                ...
            Exponent: 65537 (0x10001)
    X509v3 extensions:
        X509v3 Key Usage: critical
            Digital Signature, Key Encipherment
        X509v3 Extended Key Usage: critical
            Code Signing
        X509v3 Authority Key Identifier:
            keyid: ...

Signature Algorithm: sha1WithRSAEncryption
    a9:55:56:9b:9e:60:7a:57:fd:7:6b:1e:c0:79:1c:50:62:8f:
    ...
    ...
-----BEGIN CERTIFICATE-----
...
...
...
-----END CERTIFICATE-----

In This Certificate, Which is the public key? 在此证书中,哪个是公钥? is Modulus? 是模量? what does the Signature Algorithm, a9:55:56:... represent (is it message digest)? 签名算法,a9:55:56:...代表什么(消息摘要)? And what is between -----BEGIN CERTIFICATE----- & -----END CERTIFICATE-----, is That the whole certificate? ----- BEGIN证书-----和----- END证书-----之间是什么,那是整个证书吗?

As I am novice, little bit confusing between the message digest and public key? 由于我是新手,因此在消息摘要和公钥之间是否有些混淆?

Thanks in Advance-opensid 感谢Advance-opensid

2 个解决方案

解决方案1
 4 已采纳  2010-04-28 12:55:23

An RSA public key consists of a modulus and exponent pair, which is shown in the "RSA Public Key" stanza. RSA公钥由模数和指数对组成,这在“ RSA Public Key”节中显示。 So that is the raw public key. 这就是原始的公钥。

An x509 certificate is also signed by the certification authority- so the data in the "Signature Algorithm" stanza is that signature, an RSA-encrypted SHA1 digest of the preceding "Data:" section. x509证书也由证书颁发机构签名-因此“签名算法”节中的数据是该签名,即前面“数据:”部分的RSA加密的SHA1摘要。

The base64-encoded data between "BEGIN CERTIFICATE" and "END CERTIFICATE" is the x509 certificate in machine-readable form (all the textual data above is for human consumption). “ BEGIN证书”和“ END证书”之间的base64编码数据是机器可读形式的x509证书(上面的所有文本数据供人类使用)。 When processing a PEM-format file such as this, only the data between the "BEGIN" and "END" lines is actually read. 当处理这样的PEM格式的文​​件时,实际上仅读取“ BEGIN”和“ END”行之间的数据。

解决方案2
 1  2010-04-28 12:55:49

Public key is made of modulus and public exponent. 公用密钥由模数和公用指数组成。

The hex strings after signature algorithm is the signature. 签名算法之后的十六进制字符串是签名。

The X509 is encoded in a binary encoding (DER) of ASN.1. X509以ASN.1的二进制编码(DER)进行编码。 It's normally converted to a text format called PEM, which is all the text between the begin/end markers (inclusive). 通常会将其转换为称为PEM的文本格式,该格式是开始/结束标记(含)之间的所有文本。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 具有自己的rsa公钥信息的openssl X509证书 - openssl X509 certificate with own rsa public key information 解析X509证书 - Parsing X509 certificate Google Cloud HSM 的 X509 证书 - X509 certificate for Google Cloud HSM x509:由未知权限签署的证书 - x509: certificate signed by unknown authority x509证书使用者替代名称 - x509 certificate subject alternative name C中的X509 *证书序列化和反序列化 - X509* certificate serialization and deserialization in C 打印X509证书C ++ - Print an x509 certificate c++ 将X509证书保存到文件中 - Save X509 certificate to a file 如何篡改X509格式证书? - How to tamper a X509 format certificate? 如何在C中验证X509证书 - How to verify a X509 certificate in C
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM