读取 ASN.1 DER 编码的 RSA 公钥
我正在编写一个应用程序来更好地了解 DKIM。 规范说我从域 TXT 记录中检索“ASN.1 DER 编码”公钥。 我可以在“s1024._domainkey.yahoo.com”=“MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfm”上看到密钥。
如何使用 .net 中的此密钥? 我见过的示例从 X509Certificate2 或包含 RSAParameters 的 XML 文件获取密钥。
更正:我从 network-tools.com DNS 工具复制/粘贴了上面的密钥,这肯定已经缩短了它。 nslookup 给了我完整的密钥:
s1024._domainkey.yahoo.com 文本 = “k=rsa;t=y;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfm” “JiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bTxhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj+XcwIDAQAB;n=A 1024 位密钥;”
所以 abelenky 的 BASE64 走在正确的道路上。
I'm writing an app to get a better understanding of DKIM. The spec says I retrieve a "ASN.1 DER-encoded" public key from the domain TXT record. I can seen the key on "s1024._domainkey.yahoo.com" = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfm".
How can I use this key from .net? The examples I've seen get the key from a X509Certificate2, or an XML file containing the RSAParameters.
CORRECTION: I copy/pasted the key above from the network-tools.com DNS tool, which must've cut it short. nslookup gives me the full key:
s1024._domainkey.yahoo.com text =
"k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfm"
"JiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bTxhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj+XcwIDAQAB; n=A 1024 bit key;"
So abelenky was on the right track with BASE64..
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
对于任何对此事感兴趣的人,我建议 System.Security .Cryptography.X509Certificates.PublicKey 可用于读取 DER 编码的公钥。
For anyone interested in this matter I would suggest the System.Security.Cryptography.X509Certificates.PublicKey which can be used to read a DER encoded public key.
该字符串看起来像是某种 Base-64 编码。
如果将该字符串从 base-64 转换为 BLOB,则它应该采用有效的 ASN.1 格式。
That string looks like its some sort of base-64 encoding.
If you convert that string from base-64 to a BLOB, it should then be in valid ASN.1 format.
尝试使用 bouncycastle 库,它为此类情况提供了强大的功能。
Try the bouncycastle library, it provides great functionality for such cases.
这是包含 RSA 公钥的 ASN.1 PublicKeyInfo 的 DER 编码的 Base64 编码。
翻译如下:
OBJECT IDENTIFIER 表示后面的 BIT STRING 包含 RSAPublicKey 的编码。 INTEGER 是模数和公共指数。
您可以使用 Convert.FromBase64String 解码 Base64,但是我不认为 .NET 具有用于解析 PublicKeyInfos 的内置功能,因此您需要使用像 BouncyCastle 这样的第 3 方工具。
This is the base64-encoding of the DER-encoding of an ASN.1 PublicKeyInfo containing an RSA public key.
Here is a translation:
The OBJECT IDENTIFIER indicates that the following BIT STRING contains the encoding of an RSAPublicKey. The INTEGERs are the modulus and the public exponent.
You can decode the base64 with Convert.FromBase64String, but I don't think .NET has built-in functionality for parsing PublicKeyInfos, so you need to use a 3rd party tool like BouncyCastle.