签名和交换密钥类型它们是什么以及何时使用它们(Makecert -sky)?
-sky switch 指定主体的密钥类型,必须是签名, 交换,或一个整数 代表提供者类型。经过 默认情况下,您可以传递 1 作为 交换密钥和 2 来签名 关键。
如果我理解正确的话,那么 signature
和 exchange
是两种关键类型?分别在什么情况下使用?
谢谢
-sky switch Specifies the subject's key type, which must be signature,
exchange, or an integer that
represents a provider type. By
default, you can pass 1 for an
exchange key and 2 for a signature
key.
If I understand this correctly, then signature
and exchange
are two key types? In what situations is each used?
thank you
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
是的,这是两种类型的非对称密钥(公钥/私钥)。非对称密钥通常有两个目的,
1)加密会话密钥
2)创建数字签名
在谈论密钥类型时:
Exchange = 加密会话密钥
签名 = 创建数字签名
这是一个有很好解释的链接。 非对称密钥
That is correct, these are the two type of asymmetric keys (public/private keys). Asymmetric keys are generally used for two purposes,
1)encrypt session keys
2)creating a digital signature
When talking about the key type:
Exchange = encrypt session keys
Signature = create digital signature
Here is a link that has a good explanation. Asymmetric Keys
答案隐藏在 的最后其他答案中引用的文章。
TL;DR:签名密钥和交换密钥之间没有技术差异。
这只是关于密钥存储。典型的用户将拥有两个不同的密钥对用于两个不同的目的(“交换”和“签名”)。它们将被存储在密钥库的相应“槽”中。如果需要,密钥存储实际上可以包含更多密钥对。
The answer is hidden in the very end of the article referenced in other answer.
TL;DR: There is no technical difference between Signature and Exchange keys.
It is just about the key storage. Typical user will have two different key pairs for two different purposes ("exchange" and "sign"). They will be stored in corresponding "slots" of the key store. And the key store can actually contain more key pairs, if needed.
SIGNATURE 或 EXCHANGE 密钥类型之间存在差异。
密钥类型:交换 - 用于签名和加密
密钥类型:签名 - 仅用于签名
除非另有建议,否则当您创建 CSR 时,您将选择密钥类型 Exchange。
There is a difference between SIGNATURE or EXCHANGE key types.
Key type: Exchange - used for both signing and encryption
Key type: Signature - used only for signing
Unless otherwise advised, when you create your CSR, you would choose the key type Exchange.
我有同样的问题。我没有找到任何与此相关的文档,但我的猜测是这些选项决定了密钥和证书的预期用途,无论是用于签名还是密钥交换。在大多数情况下我们需要一个签名密钥。
I have the same question. I did not find any documentation about this but my guess is the options determine the intended usage of the key and the certificate, whether it is for signing or key exchange. In most situations we need a signature key.