golang x509.MarshalPKIXPublicKey与x509.MarshalPKCS1PublicKey() [英] golang x509.MarshalPKIXPublicKey vs x509.MarshalPKCS1PublicKey()
问题描述
有人可以帮助我了解MarshalPKIXPublicKey()和MarshalPKCS1PublicKey()之间的区别吗?
Can anyone help me understand the difference between MarshalPKIXPublicKey() and MarshalPKCS1PublicKey()?
根据评论: //MarshalPKIXPublicKey将公共密钥序列化为DER编码的PKIX格式.
according to the comment: // MarshalPKIXPublicKey serialises a public key to DER-encoded PKIX format.
//MarshalPKCS1PublicKey将RSA公钥转换为PKCS#1,ASN.1 DER形式.
// MarshalPKCS1PublicKey converts an RSA public key to PKCS#1, ASN.1 DER form.
什么是DER编码的PKIX格式?
what is a DER-encoded PKIX format ?
谢谢
推荐答案
您不清楚您不了解或不了解的程度.从基础开始:
You don't make clear how much you don't (or do) understand. To start from the basics:
ASN.1 (抽象语法符号一)是定义系统或程序之间要通信或交换的数据结构的通用方案.
ASN.1 (Abstract Syntax Notation One) is a general scheme for defining the structure of data to be communicated or interchanged between systems or programs.
DER (杰出的编码规则)是一种定义为将ASN.1数据编码为可以通信和/或存储的字节序列,并将这些字节序列无损解码回ASN.1数据的方案.
DER (Distinguished Encoding Rules) is a scheme defined to encode ASN.1 data to sequences of bytes that can be communicated and/or stored, and decode those sequences of bytes back to ASN.1 data losslessly.
PKCS1 ,又称为RFC 2313、2437、3447, 8017 (公钥加密标准#1)是定义有关使用RSA算法的一系列内容的标准,其中附录A 定义了一个名为RSAPublicKey的ASN.1结构,以表示RSA公钥,该公钥与任何ASN.1结构一样都可以进行DER编码.
PKCS1 aka RFCs 2313,2437,3447,8017 (Public Key Cryptography Standard #1) is a standard that defines a range of things about using the RSA algorithm, among which Appendix A defines an ASN.1 structure named RSAPublicKey to represent an RSA public key, which like any ASN.1 structure can be DER-encoded.
MarshalPKCS1PublicKey将RSA公钥转换为PKCS#1,ASN.1 DER形式.
MarshalPKCS1PublicKey converts an RSA public key to PKCS#1, ASN.1 DER form.
显然意味着PKCS1中RSA公钥的ASN.1结构的DER编码.
clearly means the DER encoding of the ASN.1 structure for an RSA public key in PKCS1.
PKIX (公钥基础结构X.509)是最初由当时的CCITT-ITU-T定义的X.509标准的Internet变体(形式上为配置文件),当前位于 rfc5280 . X.509和PKIX主要定义了公共密钥证书的格式,该格式将公共密钥与其他元数据绑定到身份.为此,它必须包含可以处理多种公钥算法的公钥表示,这可以使用用于识别算法的AlgorithmIdentifier,以及以算法相关方式包含实际公钥值的BIT STRING . RSA的算法相关部分在 rfc3279 sec 2.3.1 中指定如您所见,它是来自PKCS1的DER编码的RSAPublicKey结构.
PKIX (Public Key Infrastructure X.509) is an Internet variant (formally, a profile) of the X.509 standard originally defined by then-CCITT now-ITU-T, currently in rfc5280. X.509, and PKIX, primarily defines a format for a public-key certificate which binds a public-key to an identity along with other metadata. To do this it has to contain a representation of a public-key that can handle multiple public-key algorithms, which is done using the SubjectPublicKeyInfo structure which, fairly simply, consists of an AlgorithmIdentifier that identifies the algorithm, plus a BIT STRING that contains the actual public-key value in an algorithm-dependent manner. The algorithm-dependent part for RSA is specified in rfc3279 sec 2.3.1 and as you see it is the RSAPublicKey strucuture from PKCS1, DER encoded.
因此RSA公钥的'DER编码PKIX格式' 表示PKIX/X.509 SubjectPublicKeyInfo结构的DER编码,其中包含RSA的algorithmIdentifier(OID 1.2.840.113549.1.1.1和参数NULL),以及包含DER编码的PKCS1 RSAPublicKey的BIT STRING.
Thus 'DER-encoded PKIX format' of an RSA public key means the DER encoding of a PKIX/X.509 SubjectPublicKeyInfo structure containing the algorithmIdentifier for RSA (OID 1.2.840.113549.1.1.1 and parameters NULL) and a BIT STRING containing the DER encoded PKCS1 RSAPublicKey.
相关或相似的(尽管大多数包括私有的非公共和/或PEM而非DER):
如何存储/检索RSA公钥/私钥
如何将字符串从PEM转换为DER格式
发送RSA公钥,javaME,充气城堡的问题
在Java中以PKCS#1格式生成RSA密钥
如何以PEM格式生成PKCS#1 RSA密钥?
将RSA密钥从BigIntegers转换为SubjectPublicKeyInfo表单
将X509公钥转换为RSA公钥
加载公共密钥以创建用于公共加密的rsa对象
和交叉堆叠:
https://crypto.stackexchange.com/questions/19149/什么是公钥容器格式的技术名称
https://crypto.stackexchange.com/Questions/54121/rsa-key-differences-openssl-cli-vs-openssl-ssl-hc-function
Related or similar (although most include private not public and/or PEM not DER):
How to store/retrieve RSA public/private key
How do we convert a String from PEM to DER format
Problem transmiting a RSA public key, javaME , bouncy castle
Generating RSA keys in PKCS#1 format in Java
How to generate PKCS#1 RSA keys in PEM Format?
Converting RSA keys into SubjectPublicKeyInfo Form from BigIntegers
Convert a X509 Public key to RSA public key
Load public key to create rsa object for public encryption
and cross-stack:
https://crypto.stackexchange.com/questions/19149/what-is-the-technical-name-for-a-public-key-container-in-der-format
https://crypto.stackexchange.com/questions/54121/rsa-key-differences-openssl-cli-vs-openssl-ssl-h-c-function
这篇关于golang x509.MarshalPKIXPublicKey与x509.MarshalPKCS1PublicKey()的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
