x509 证书信息
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=, O=, CN=
Validity
Not Before: Apr 22 16:42:11 2008 GMT
Not After : Apr 22 16:42:11 2009 GMT
Subject: C=, O=, CN=, L=, ST=
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
...
...
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage: critical
Code Signing
X509v3 Authority Key Identifier:
keyid: ...
Signature Algorithm: sha1WithRSAEncryption
a9:55:56:9b:9e:60:7a:57:fd:7:6b:1e:c0:79:1c:50:62:8f:
...
...
-----BEGIN CERTIFICATE-----
...
...
...
-----END CERTIFICATE-----
在此证书中, 哪个是公钥?是模数? 签名算法 a9:55:56:... 代表什么(是消息摘要)? -----BEGIN CERTIFICATE----- 和 -----BEGIN CERTIFICATE----- 之间是什么? -----END CERTIFICATE-----,这是整个证书吗?
由于我是新手,消息摘要和公钥之间有点混淆?
提前致谢-opensid
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=, O=, CN=
Validity
Not Before: Apr 22 16:42:11 2008 GMT
Not After : Apr 22 16:42:11 2009 GMT
Subject: C=, O=, CN=, L=, ST=
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
...
...
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage: critical
Code Signing
X509v3 Authority Key Identifier:
keyid: ...
Signature Algorithm: sha1WithRSAEncryption
a9:55:56:9b:9e:60:7a:57:fd:7:6b:1e:c0:79:1c:50:62:8f:
...
...
-----BEGIN CERTIFICATE-----
...
...
...
-----END CERTIFICATE-----
In This Certificate,
Which is the public key? is Modulus?
what does the Signature Algorithm, a9:55:56:... represent (is it message digest)? And what is between -----BEGIN CERTIFICATE----- & -----END CERTIFICATE-----, is That the whole certificate?
As I am novice, little bit confusing between the message digest and public key?
Thanks in Advance-opensid
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
RSA 公钥由模数和指数对组成,如“RSA Public Key”节中所示。这就是原始公钥。
x509 证书也由证书颁发机构签名 - 因此“签名算法”节中的数据就是该签名,即前面“数据:”部分的 RSA 加密 SHA1 摘要。
“BEGIN CERTIFICATE”和“END CERTIFICATE”之间的base64编码数据是机器可读形式的x509证书(以上所有文本数据均供人类使用)。处理此类 PEM 格式文件时,实际上仅读取“BEGIN”和“END”行之间的数据。
An RSA public key consists of a modulus and exponent pair, which is shown in the "RSA Public Key" stanza. So that is the raw public key.
An x509 certificate is also signed by the certification authority- so the data in the "Signature Algorithm" stanza is that signature, an RSA-encrypted SHA1 digest of the preceding "Data:" section.
The base64-encoded data between "BEGIN CERTIFICATE" and "END CERTIFICATE" is the x509 certificate in machine-readable form (all the textual data above is for human consumption). When processing a PEM-format file such as this, only the data between the "BEGIN" and "END" lines is actually read.
公钥由模数和公共指数组成。
签名算法后的十六进制字符串就是签名。
X509 采用 ASN.1 的二进制编码 (DER) 进行编码。它通常会转换为称为 PEM 的文本格式,这是开始/结束标记(包括)之间的所有文本。
Public key is made of modulus and public exponent.
The hex strings after signature algorithm is the signature.
The X509 is encoded in a binary encoding (DER) of ASN.1. It's normally converted to a text format called PEM, which is all the text between the begin/end markers (inclusive).