Hi all,
I have a small question - I am trying to calculate the HASH over a
public key, and I want it to be reliable across different environments.
In particular, I would like to be able to calculate an HASH over the
public key (e.g., loaded from the keypair file) and or a key in a
certificate and get the same value (given that they are the same keys :D).
It seems that by using the d2i_PUBKEY(), I get some extra data and that
does not allow me to calculate correctly the HASH.
in particular, here's the output i2d_PUBKEY() and X509_get0_pubkey_bitstr():
*[DEBUG] Cert Key Bit String X509_get0_pubkey_bitstr**()**:*
30:82:01:0A:02:82:01:01:00:BD:ED:42:7E:D4:2D:BD:7C:EC:CB:E6:
B2:93:0D:E1:E1:A8:81:0C:01:A5:71:24:D6:65:D3:56:FD:D1:A6:53:
F3:3F:F6:80:68:16:BF:7E:A9:2C:E2:10:10:77:FC:EF:35:52:4E:A9:
0D:15:AF:8F:2C:2D:30:BC:60:C3:31:EE:6C:CC:66:86:5E:DA:46:45:
D3:31:2D:0E:D1:C0:96:63:0C:C2:D1:CF:C6:47:C3:97:9A:DA:95:E9:
98:92:3B:AB:14:CF:58:5B:B8:50:EB:25:0F:CA:25:07:E7:A4:B0:FA:
50:B5:1E:6B:DE:D8:F7:BE:BA:35:9A:E9:D9:5A:05:22:F0:18:2C:BD:
FC:DF:E7:38:70:E0:8D:DD:C3:53:EE:B4:21:26:66:84:8A:29:5C:11:
12:59:C8:09:E4:C2:49:BA:3F:CC:3D:15:22:0F:EC:F6:6C:8F:41:BA:
A7:7B:D0:66:C9:4A:89:1A:73:E9:E8:67:17:20:00:8F:4C:70:A3:A0:
85:05:C9:60:CD:18:17:F4:28:BA:59:F2:49:88:C9:87:1B:61:98:E8:
55:AD:A7:C2:B0:81:6C:63:C2:4E:92:6C:7B:45:F4:A5:57:C7:CD:E0:
28:83:E7:F4:AB:E1:E2:79:71:31:F5:AE:05:A4:32:AB:61:7A:82:74:
33:30:AF:32:FF:02:03:01:00:01:
*[DEBUG] i2d_PUBKEY() Bit String:*
00:00:00:00:00:00:00:00:2A:86:48:86:F7:0D:01:01:01:05:00:03:
82:01:0F:00:30:82:01:0A:02:82:01:01:00:BD:ED:42:7E:D4:2D:BD:
7C:EC:CB:E6:B2:93:0D:E1:E1:A8:81:0C:01:A5:71:24:D6:65:D3:56:
FD:D1:A6:53:F3:3F:F6:80:68:16:BF:7E:A9:2C:E2:10:10:77:FC:EF:
35:52:4E:A9:0D:15:AF:8F:2C:2D:30:BC:60:C3:31:EE:6C:CC:66:86:
5E:DA:46:45:D3:31:2D:0E:D1:C0:96:63:0C:C2:D1:CF:C6:47:C3:97:
9A:DA:95:E9:98:92:3B:AB:14:CF:58:5B:B8:50:EB:25:0F:CA:25:07:
E7:A4:B0:FA:50:B5:1E:6B:DE:D8:F7:BE:BA:35:9A:E9:D9:5A:05:22:
F0:18:2C:BD:FC:DF:E7:38:70:E0:8D:DD:C3:53:EE:B4:21:26:66:84:
8A:29:5C:11:12:59:C8:09:E4:C2:49:BA:3F:CC:3D:15:22:0F:EC:F6:
6C:8F:41:BA:A7:7B:D0:66:C9:4A:89:1A:73:E9:E8:67:17:20:00:8F:
4C:70:A3:A0:85:05:C9:60:CD:18:17:F4:28:BA:59:F2:49:88:C9:87:
1B:61:98:E8:55:AD:A7:C2:B0:81:6C:63:C2:4E:92:6C:7B:45:F4:A5:
57:C7:CD:E0:28:83:E7:F4:AB:E1:E2:79:71:31:F5:AE:05:A4:32:AB:
61:7A:82:74:33:30:AF:32:FF:02:03:01:00:01:
Now, the output of the i2d_PUBKEY() has an extra 24 Bytes at the
beginning (the match starts from 30:82010A... ) - what are those bytes?
I guess some extra encoding that is needed... but is there a way to
obtain the same values that does not depend on the type or size of the
keys ? Is the 24 Bytes a constant size or ... ? Is there any
documentation that would help me... ?
Cheers,
Max
--
Best Regards,
Massimiliano Pala, Ph.D.
OpenCA Labs Director
OpenCA Logo
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
