golang x509.MarshalPKIXPublicKey 与 x509.MarshalPKCS1PublicKey()
golang x509.MarshalPKIXPublicKey vs x509.MarshalPKCS1PublicKey()
谁能帮我理解 MarshalPKIXPublicKey() 和 MarshalPKCS1PublicKey() 之间的区别?
根据评论:
// MarshalPKIXPublicKey 将 public 密钥序列化为 DER 编码的 PKIX 格式。
// MarshalPKCS1PublicKey 将 RSA public 密钥转换为 PKCS#1、ASN.1 DER 形式。
什么是 DER 编码的 PKIX 格式?
谢谢
你没有说清楚你不明白(或明白)多少。从基础开始:
ASN.1(抽象语法符号一)是一种通用方案,用于定义要在系统或程序之间通信或交换的数据结构。
DER(可分辨编码规则)是一种方案,用于将 ASN.1 数据编码为可以通信 and/or 存储的字节序列,并将这些字节序列解码回 ASN。 1 数据无损。
PKCS1 aka RFC 2313,2437,3447,8017 (Public Key Cryptography Standard #1) is a standard that defines a range of things about using the RSA algorithm, among which Appendix A 定义了一个名为 RSAPublicKey
的 ASN.1 结构来表示 RSA public密钥,它像任何 ASN.1 结构一样可以进行 DER 编码。
MarshalPKCS1PublicKey converts an RSA public key to PKCS#1, ASN.1 DER form.
明确表示 PKCS1 中 RSA public 密钥的 ASN.1 结构的 DER 编码。
PKIX (Public Key Infrastructure X.509) is an Internet variant (formally, a profile) of the X.509 standard originally defined by then-CCITT now-ITU-T, currently in rfc5280. X.509, and PKIX, primarily defines a format for a public-key certificate which binds a public-key to an identity along with other metadata. To do this it has to contain a representation of a public-key that can handle multiple public-key algorithms, which is done using the SubjectPublicKeyInfo
structure which, fairly simply, consists of an AlgorithmIdentifier that identifies the algorithm, plus a BIT STRING that contains the actual public-key value in an algorithm-dependent manner. The algorithm-dependent part for RSA is specified in rfc3279 sec 2.3.1 如您所见,它是 PKCS1 的 RSAPublicKey 结构,DER 编码。
因此 'DER-encoded PKIX format' 的 RSA public 密钥 表示 PKIX/X.509 SubjectPublicKeyInfo 结构的 DER 编码,其中包含 RSA 的算法标识符(OID 1.2.840.113549.1.1.1 和参数 NULL)和包含 DER 编码的 PKCS1 RSAPublicKey 的 BIT STRING。
相关或类似(尽管大多数包括私有而非 public and/or PEM 而非 DER):
How to store/retrieve RSA public/private key
How do we convert a String from PEM to DER format
Problem transmiting a RSA public key, javaME , bouncy castle
Generating RSA keys in PKCS#1 format in Java
How to generate PKCS#1 RSA keys in PEM Format?
Converting RSA keys into SubjectPublicKeyInfo Form from BigIntegers
和跨堆栈:
https://crypto.stackexchange.com/questions/19149/what-is-the-technical-name-for-a-public-key-container-in-der-format
https://crypto.stackexchange.com/questions/54121/rsa-key-differences-openssl-cli-vs-openssl-ssl-h-c-function
谁能帮我理解 MarshalPKIXPublicKey() 和 MarshalPKCS1PublicKey() 之间的区别?
根据评论: // MarshalPKIXPublicKey 将 public 密钥序列化为 DER 编码的 PKIX 格式。
// MarshalPKCS1PublicKey 将 RSA public 密钥转换为 PKCS#1、ASN.1 DER 形式。
什么是 DER 编码的 PKIX 格式?
谢谢
你没有说清楚你不明白(或明白)多少。从基础开始:
ASN.1(抽象语法符号一)是一种通用方案,用于定义要在系统或程序之间通信或交换的数据结构。
DER(可分辨编码规则)是一种方案,用于将 ASN.1 数据编码为可以通信 and/or 存储的字节序列,并将这些字节序列解码回 ASN。 1 数据无损。
PKCS1 aka RFC 2313,2437,3447,8017 (Public Key Cryptography Standard #1) is a standard that defines a range of things about using the RSA algorithm, among which Appendix A 定义了一个名为 RSAPublicKey
的 ASN.1 结构来表示 RSA public密钥,它像任何 ASN.1 结构一样可以进行 DER 编码。
MarshalPKCS1PublicKey converts an RSA public key to PKCS#1, ASN.1 DER form.
明确表示 PKCS1 中 RSA public 密钥的 ASN.1 结构的 DER 编码。
PKIX (Public Key Infrastructure X.509) is an Internet variant (formally, a profile) of the X.509 standard originally defined by then-CCITT now-ITU-T, currently in rfc5280. X.509, and PKIX, primarily defines a format for a public-key certificate which binds a public-key to an identity along with other metadata. To do this it has to contain a representation of a public-key that can handle multiple public-key algorithms, which is done using the SubjectPublicKeyInfo
structure which, fairly simply, consists of an AlgorithmIdentifier that identifies the algorithm, plus a BIT STRING that contains the actual public-key value in an algorithm-dependent manner. The algorithm-dependent part for RSA is specified in rfc3279 sec 2.3.1 如您所见,它是 PKCS1 的 RSAPublicKey 结构,DER 编码。
因此 'DER-encoded PKIX format' 的 RSA public 密钥 表示 PKIX/X.509 SubjectPublicKeyInfo 结构的 DER 编码,其中包含 RSA 的算法标识符(OID 1.2.840.113549.1.1.1 和参数 NULL)和包含 DER 编码的 PKCS1 RSAPublicKey 的 BIT STRING。
相关或类似(尽管大多数包括私有而非 public and/or PEM 而非 DER):
How to store/retrieve RSA public/private key
How do we convert a String from PEM to DER format
Problem transmiting a RSA public key, javaME , bouncy castle
Generating RSA keys in PKCS#1 format in Java
How to generate PKCS#1 RSA keys in PEM Format?
Converting RSA keys into SubjectPublicKeyInfo Form from BigIntegers
和跨堆栈:
https://crypto.stackexchange.com/questions/19149/what-is-the-technical-name-for-a-public-key-container-in-der-format
https://crypto.stackexchange.com/questions/54121/rsa-key-differences-openssl-cli-vs-openssl-ssl-h-c-function