ASN.1 DER 格式的私钥
为什么模数用前导零填充?我正在阅读 PKCS#1 和 PKCS#8 但没有找到任何相关内容。 在 C# 中,必须删除前导零,有人知道为什么吗?
在http://etherhack.co.uk/ametry/docs/rsa_key_breakdown.html,您可以看到模数和指数有前导零。问题是他们为什么有它,我还没有在任何地方找到解释。
Why is the modulus padded with leading zeros? I was reading PKCS#1 and PKCS#8 but didn't find anything about it.
In c# the leading zeros must be removed, does anybody know why?
At http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html, you can see that the modulus and exponent have leading zeros. The question is why they have it, I haven't found an explanation anywhere yet.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
私钥值被编码为 ASN.1 INTEGER,它们是二进制补码格式的有符号值。当设置(无符号)RSA 密钥值的 MSB 时,前导零字节是必需的。设置 MSB 而不带前导零字节将意味着负值。
ASN.1 规范是免费的,可从 Wikipedia 链接。这里的相关部分是 X.690,“8.3 整数值的编码”。
我将在此处提供一个示例,以防链接页面消失。
如果您有 openssl,则可以使用以下命令生成测试密钥:
以下是 test.der 中的示例数据:
30 82 01 3bASN.1 SEQUENCE,长度0x13b,内容遵循
02 01 00版本:ASN.1 INTEGER,存储长度 1,值 0
02 41 00 c0 8e ...(65 个数据字节)模数:ASN.1 INTEGER,存储长度 65,值 0xc08e...(需要前导零字节,因为模数 > 2^511)
02 03 01 00 01公共指数:0x10001(不需要前导零字节,因为指数 <2^23)
02 41 00 b5 87 ...(65 个数据字节)私有指数:0xb587...
02 21 00 e7 18 ...(33 个数据字节)prime1: 0xe718...
02 21 00 d5 43 ...(33 个数据字节)prime2: 0xd543...
02 20 75 67 a1 ...(32 个数据字节)exponent1: 0x7567...(不需要前导零字节,因为指数 <2^255)
02 20 0a f6 3f ...(32 个数据字节)指数2:0x0af6...
02 21 00 c7 13 ...(33个数据字节)系数:0xc713...
The private key values are encoded as ASN.1 INTEGERs, which are signed values in two's complement format. The leading zero byte is necessary when the MSB of the (unsigned) RSA key value is set. Having the MSB set without a leading zero byte would mean a negative value.
The ASN.1 specs are free and are linked from Wikipedia. The relevant section here is in X.690, "8.3 Encoding of an integer value".
I'll provide an example here in case the linked page goes away.
If you have openssl, you can generate test keys with:
Here's sample data from test.der:
30 82 01 3bASN.1 SEQUENCE, length 0x13b, contents follow
02 01 00version: ASN.1 INTEGER, stored length 1, value 0
02 41 00 c0 8e ...(65 data bytes)modulus: ASN.1 INTEGER, stored length 65, value 0xc08e... (leading zero byte required because modulus is > 2^511)
02 03 01 00 01public exponent: 0x10001 (leading zero byte not required because exponent is < 2^23)
02 41 00 b5 87 ...(65 data bytes)private exponent: 0xb587...
02 21 00 e7 18 ...(33 data bytes)prime1: 0xe718...
02 21 00 d5 43 ...(33 data bytes)prime2: 0xd543...
02 20 75 67 a1 ...(32 data bytes)exponent1: 0x7567... (leading zero byte not required because exponent is < 2^255)
02 20 0a f6 3f ...(32 data bytes)exponent2: 0x0af6...
02 21 00 c7 13 ...(33 data bytes)coefficient: 0xc713...