解析X509 DSS证书以获得P、Q、G和Y

发布于 2024-08-27 13:57:05 字数 507 浏览 13 评论 0原文

我正在尝试解析包含数字签名算法 (DSA) 公钥的 X509 证书。

使用 javax.security.cert.X509Certificate 类和 getPublicKey() 方法我已经能够获取 P、Q、G 和 Y：

P: 0279b05d bd36b49a 6c6bfb2d 2e43da26 052ee59d f7b5ff38 f8288907 2f2a5d8e 2acad76e ec8c343e eb96edee 11
Q: 036de1
G: 03 
Y: 02790a25 22838207 4fa06715 1def9df5 474b5d84 a28b2b9b 360a7fc9 086fb2c6 9aab148f e8372ab8 66705884 6d

但是，我不确定这是什么格式以及如何解析它以将其转换为Java 中的 long\BigInteger。

有人知道如何进行这种转换吗？

我目前假设它是十六进制，并且我正在解析它 - 但我不能 100% 确定这是否正确。

原文

I am trying to parse a X509 Certificate that contains a Digital Signature Algorithm (DSA) public key.

Using the javax.security.cert.X509Certificate class and getPublicKey() method I've been able to get P, Q, G and Y:

P: 0279b05d bd36b49a 6c6bfb2d 2e43da26 052ee59d f7b5ff38 f8288907 2f2a5d8e 2acad76e ec8c343e eb96edee 11
Q: 036de1
G: 03 
Y: 02790a25 22838207 4fa06715 1def9df5 474b5d84 a28b2b9b 360a7fc9 086fb2c6 9aab148f e8372ab8 66705884 6d

However, I'm not sure what format this is and how to parse it to convert it to long\BigInteger in Java.

Does anybody know how to do this conversion?

I am currently assuming it is Hex and I am parsing it as so - but I'm not 100% sure if this is correct.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

浸婚纱 2024-09-03 13:57:05

您应该已经拥有大整数。我的情况是这样的：

X509Certificate xc = X509Certificate.getInstance(ecert);
PublicKey pkey = xc.getPublicKey();
DSAPublicKey dk = (DSAPublicKey)pkey;
DSAParams pp = dk.getParams();
System.out.printf("p = 0x%X\n", pp.getP());
System.out.printf("q = 0x%X\n", pp.getQ());
System.out.printf("g = 0x%X\n", pp.getG());
System.out.printf("y = 0x%X\n", dk.getY());

假设编码的证书位于 ecert 中。接口 DSAPublicKey 和 DSAParams 位于 java.security.interfaces 中。

您还可以通过 KeyFactory 并使用 getKeySpec() 方法将公钥导出为 DSAPublicKeySpec，这将提供相同的值作为 BigInteger 实例。不过，我不确定走这条路是否有收获。

您显示的可能是某种编码，但我很不知道是哪种编码。无论如何，在正确的 DSA 公钥中，“Q”参数应至少为 160 位宽。

You should already have the big integers. Here is how it goes for me:

X509Certificate xc = X509Certificate.getInstance(ecert);
PublicKey pkey = xc.getPublicKey();
DSAPublicKey dk = (DSAPublicKey)pkey;
DSAParams pp = dk.getParams();
System.out.printf("p = 0x%X\n", pp.getP());
System.out.printf("q = 0x%X\n", pp.getQ());
System.out.printf("g = 0x%X\n", pp.getG());
System.out.printf("y = 0x%X\n", dk.getY());

assuming the encoded certificate is in ecert. Interfaces DSAPublicKey and DSAParams are in java.security.interfaces.

You can also go through a KeyFactory and use the getKeySpec() method to export the public key as a DSAPublicKeySpec, which will offer the same values as BigInteger instances. I am not sure if there is a gain to go through that road, though.

What you show is probably some kind of encoding, but I am quite at a loss to know which one. Anyway, the 'Q' parameter shall be at least 160-bit wide in a proper DSA public key.

回复收藏 0 原文

~没有更多了~