打印 X.509 数字签名

发布于 2024-07-16 20:56:10 字数 128 浏览 12 评论 0原文

我正在使用数字证书签署交易结果，此外，我需要打印一张带有信息和数字签名的单据。

我想知道是否有专门为印刷媒体设计的 X.509 数字签名的更短表示形式？也许某种哈希或类似的东西......

非常感谢！

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

猫九 2024-07-23 20:56:10

“openssl x509”工具使用“-text”选项为 x.509 证书提供了一个漂亮、简洁、人类可读的文本表示形式：

openssl x509 -noout -text -in CA_2048bit.pem

输出如下所示：

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            00:11:22:33:44:55:66:77:88:99
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=Some CA, OU=Dept, O=MyOrganization, ST=Mazowieckie, C=PL
        Validity
            Not Before: Jun 17 14:24:59 2009 GMT
            Not After : Jun 17 14:24:57 2029 GMT
        Subject: CN=Some Party, OU=Dept, O=MyOrganization, ST=Mazowieckie, C=PL
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
    Signature Algorithm: sha1WithRSAEncryption
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33

由于签名和模数，这当然有点长信息。

不幸的是，所有这些数据都需要完整地验证证书的真实性以及使用它来验证通过它验证的数字签名。

没有这些，证书的其余内容就不能证明任何事情。

The "openssl x509" tool gives a nice, concise, human readable text representation of a x.509 certificate using the "-text" option:

openssl x509 -noout -text -in CA_2048bit.pem

The output looks like this:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            00:11:22:33:44:55:66:77:88:99
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=Some CA, OU=Dept, O=MyOrganization, ST=Mazowieckie, C=PL
        Validity
            Not Before: Jun 17 14:24:59 2009 GMT
            Not After : Jun 17 14:24:57 2029 GMT
        Subject: CN=Some Party, OU=Dept, O=MyOrganization, ST=Mazowieckie, C=PL
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
    Signature Algorithm: sha1WithRSAEncryption
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33

This is of course a bit long due to the signature and the modulus information.

Unfortunately, all of this this data is required in full for verifying the certificate authenticity and for using it to verify the digital signatures authenticated with it, respectively.

Without these the rest of certificate contents don't prove anything.

回复收藏 0 原文

~没有更多了~