There are two different coding formats for X.509 standard certificates. pem coding is generally used pem as the file extension,
If der coding is adopted, it shall be in der as the extension. But common certificate extensions also include crt,. cer,. p12 et al,
They may adopt different coding formats and contents, but most of them can be converted to each other.
Key format and coding
x.509: public key certificate standard, which is the content of an integer;
RSA: asymmetric encryption algorithm, which can be used to encrypt text, usually 1024 4086 bits;
ASN.1: Abstract syntax tags describe a data format that represents, encodes, transmits and decodes data;
PKCS (the public key Cryptography Standards): a series of standards related to public key cryptography;
PKCS#1 (RSA Cryptography Standard): defines the syntax format of RSA public key and private key;
PKCS#8 (private key information Syntax Standard): defines a syntax for private key information and also provides a syntax for encryption keys;
DER Code: conform to ASN 1. The key or certificate file of syntax is output as binary file;
PEM encoding: encode the binary data encoded by DER with Base64, and output the text data plus the start and end lines,
Such as "---- BEGIN CERTIFICATE ------" and "---- END CERTIFICATE ------" in the certificate file;
Several extensions of certificates
. PEM: file extension of X.509 certificate in PEM encoding format;
. DER: file extension of X.509 certificate in DER encoding format;
. crt(certificate): certificate format, common in UNIX like systems, PEM or DER coding, most of which adopts PEM coding;
. cer(certificate): certificate format, which is common in Windows system. Similarly, PEM or DER coding is adopted for most of them;
. p12(.pfx): encryption standard, PKCS #12, is a kind of Public Key Cryptography Standards (PKCS) series,
Contains the corresponding X.509 certificate and the private key corresponding to the certificate. Simple understanding: one p12 file = X.509 certificate + private key;
. csr(Certificate Signing Request): a certificate signing request, which is not in the form of a certificate. It is used to apply for a certificate from a CA,
Contains an RSA public key and other attached information in generating this When applying for csr, a paired RSA private key will also be generated.
. key: it is usually used to store an RSA public key or private key. It is not in the format of X.509 certificate. The code may also be PEM or DER. The viewing method is as follows:
PEM Coding format: openssl rsa -in xxx.key -text -noout DER Coding format: openssl rsa -in xxx.key -text -noout -inform der
PKCS#1 format
Contains a series of data, from which you can export the private key and public key. I can't understand how to generate it
secret key
# PKCS#1 format key data structure RSAPrivateKey ::= SEQUENCE { version Version, // Version number. The version number in V2 should be 0, but if multiple prime numbers are used, the version number should be 1 modulus INTEGER, -- n //Modulus of RSA n publicExponent INTEGER, -- e //RSA's public key exponent e privateExponent INTEGER, -- d //RSA's public key power exponent d prime1 INTEGER, -- p //Prime factor p of n prime2 INTEGER, -- q //Prime factor q of n exponent1 INTEGER, -- d mod (p-1) exponent2 INTEGER, -- d mod (q-1) coefficient INTEGER, -- (inverse of q) mod p,//Represents the coefficient of CRT (Chinese remainder theorem) otherPrimeInfos OtherPrimeInfos OPTIONAL //If version is 0, it is ignored; If version is 1, it should contain at least one instance of OtherPrimeInfo } OtherPrimeInfo ::= SEQUENCE { prime INTEGER, -- ri exponent INTEGER, -- di coefficient INTEGER -- ti }
Using openssl to generate, pkcs#1 format, PEM encoded key file prikey pkcs1. pem
openssl genrsa -out prikey.pkcs1.pem
# cat prikey.pkcs1.pem -----BEGIN RSA PRIVATE KEY----- MIICWwIBAAKBgQC2FKCULiab15n1BD6QvFz382kt4GsDvuOM5tmYeZD7l8MucSyP pPORFyaWGoKI+pTwAKKbDy2epqq7WtYxOfqA1AzU1mNsk6XRTBHa2XzuSF+/0rXY ... j78p2hP4dnYPVbpCZCdrXNMWl+7hmrKfXNB7PvPAe0fQctUno7WElS37qwIDAQAB -----END RSA PRIVATE KEY-----
The file is base64 coded and can be decoded by tools
openssl rsa -inform PEM -outform DER -in prikey.pkcs1.pem -out prikey.pkcs1.der
Got it The der file is the binary output of the key in pkcs#1 format
# xxd prike.pkcs#1.der 0000000: 3082 025b 0201 0002 8181 00f0 7f55 6009 0..[.........U`. 0000010: cd94 e296 4870 4ee1 f960 64bc 5379 7f52 ....HpN..` 0000020: 3521 5fb9 5a34 8d15 c416 aa08 cfdf 3835 5!_.Z4........ 0000030: 499d 3ffb 31a2 b72e 8256 81f7 9eec cbc4 I.?.1....V...... ...
Direct binary is useless. You can view the information of each field with opnssl
openssl asn1parse -i -in prikey.pkcs1.pem
# cat prikey.pkcs1.pem 0:d=0 hl=4 l= 603 cons: SEQUENCE 4:d=1 hl=2 l= 1 prim: INTEGER :00 7:d=1 hl=3 l= 129 prim: INTEGER :B614A0942E269BD799F5043...07B47D072D527A3B584952DFBAB 139:d=1 hl=2 l= 3 prim: INTEGER :010001 144:d=1 hl=3 l= 128 prim: INTEGER :69132647DD0A32CD0CEFB46F...D2AC424E1E4064BCB85B3AAB9AE1AC1 275:d=1 hl=2 l= 65 prim: INTEGER :D9232CD625CFF3512F2C26D2E9...68327792926561E64C600013781E5EC569 342:d=1 hl=2 l= 65 prim: INTEGER :D6AB36F17373EF5B73229939DA11...6054E2E813FF00B 409:d=1 hl=2 l= 64 prim: INTEGER :1EDA40A4ACFABF37E9DBFC283BC...C80E4DCC71258D2BC0FFFC7390B43864E1BF2105104BA701 475:d=1 hl=2 l= 64 prim: INTEGER :A1D672959574D1...62CFAFB6A7FE42C90DDBDBEE147D749445BA7EE5802B76E7C8A4B55D9FC181D62773 541:d=1 hl=2 l= 64 prim: INTEGER :7AC9618673B62E277A8FB...D83C21460E2A6BEE
Left half
0:d=0 hl=4 l= 603 cons: SEQUENCE
0 indicates the offset length of the node in the whole file
d=0 = node depth
hl=4 = length of node header byte
l=603 indicates the length of node data bytes
The node or the sub structure of cons indicates that the node contains data
prim # indicates that the node is the original node and contains data
OCTET STRING [HEX DUMP] is the encrypted private key data.
//SEQUENCE and OCTETSTRING are ASN 1. Refer to ASN for details 1 format description.
Right half
Referring to the format of the above two paragraphs, you can correspond to the values of each field one by one. This paper does not involve rsa codec operation, so it's good to know the composition of the certificate. After all, I won't
There is another way to view it
openssl rsa -text -noout -in prikey.pkcs1.pem
# cat prikey.pkcs1.pem Private-Key: (1024 bit) modulus: 00:b6:14:a0:94:2e:26:9b:d7:99:f5:04:3e:90:bc: 5c:f7:f3:69:2d:e0:6b:03:be:e3:8c:e6:d9:98:79: 90:fb:97:c3:2e:71:2c:8f:a4:f3:91:17:26:96:1a: 82:88:fa:94:f0:00:a2:9b:0f:2d:9e:a6:aa:bb:5a: d6:31:39:fa:80:d4:0c:d4:d6:63:6c:93:a5:d1:4c: 11:da:d9:7c:ee:48:5f:bf:d2:b5:d8:8f:bf:29:da: 13:f8:76:76:0f:55:ba:42:64:27:6b:5c:d3:16:97: ee:e1:9a:b2:9f:5c:d0:7b:3e:f3:c0:7b:47:d0:72: d5:27:a3:b5:84:95:2d:fb:ab publicExponent: 65537 (0x10001) privateExponent: 69:13:26:47:dd:0a:32:cd:0c:ef:b4:6f:56:9f:1d: ...
Generally, the output content is similar.
Public key
# PKCS#1 public key data structure RSAPublicKey ::= SEQUENCE { modulus INTEGER, -- n //Is the RSA modulus, which is a positive integer publicExponent INTEGER -- e //Is the RSA public key power exponent, which is a positive integer }
Using openssl to export pkcs1 public key from pkcs1 key
openssl rsa -in prikey.pkcs1.pem -RSAPublicKey_out -out pubkey.pkcs1.
# cat pubkey.pkcs1.pem -----BEGIN RSA PUBLIC KEY----- MIGJAoGBALYUoJQuJpvXmfUEPpC8XPfzaS3gawO+44zm2Zh5kPuXwy5xLI+k85EX JpYagoj6lPAAopsPLZ6mqrta1jE5+oDUDNTWY2yTpdFMEdrZfO5IX7/StdiPvyna Eh2dg9VukJkJ2tc0xaX7uGasp9c0Hs+88B7R9By1SejtYSVLfurAgMBAAE= -----END RSA PUBLIC KEY-----
Get to know the private key part and check the value of each field
openssl asn1parse -i -in pubkey.pkcs1.pem
# cat pubkey.pkcs1.pem 0:d=0 hl=3 l= 137 cons: SEQUENCE 3:d=1 hl=3 l= 129 prim: INTEGER :B614A0942E269BD799...D527A3B584952DFBA 135:d=1 hl=2 l= 3 prim: INTEGER :010001
PKCS#8 format
The operation and viewing methods are similar to those above. Briefly introduce their mechanism and generation method
Private key
# PKCS#8 key data structure PrivateKeyInfo ::= SEQUENCE { verion Version, // edition privateKeyAlgorithm PrivateKeyAlgorithmIdentifier ::= SEQUENCE // Private key algorithm privateKey PrivateKey ::= OCTET STRING , // Encrypted private key data, the last OCTET STRING data block attributes [0] IMPLICIT Attributes OPTIONAL ::= SET OF Attribute }
Convert pkcs1 private key to pkcs8 private key
openssl pkcs8 -topk8 -in prikey.pkcs1.pem -out prikey.pkcs8.pem -nocrypt
openssl asn1parse -i -in prikey.pkcs8.pem
# cat prikey.pkcs8.pem # It depends on indentation to distinguish which group of information is, so it should be arranged better 0:d=0 hl=4 l= 710 cons: SEQUENCE 4:d=1 hl=2 l= 64 cons: SEQUENCE 6:d=2 hl=2 l= 9 prim: OBJECT :PBES2 17:d=2 hl=2 l= 51 cons: SEQUENCE 19:d=3 hl=2 l= 27 cons: SEQUENCE 21:d=4 hl=2 l= 9 prim: OBJECT :PBKDF2 32:d=4 hl=2 l= 14 cons: SEQUENCE 34:d=5 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:7A61B055165A89CA 44:d=5 hl=2 l= 2 prim: INTEGER :0800 48:d=3 hl=2 l= 20 cons: SEQUENCE 50:d=4 hl=2 l= 8 prim: OBJECT :des-ede3-cbc 60:d=4 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:110E8A184EFEAB9C 70:d=1 hl=4 l= 640 prim: OCTET STRING [HEX DUMP]: C94F34F0CFF56B3E92D437C49559B1BD6 ... 87948FD5C7526D569BB8
Public key
Export private key from pkcsck8
openssl rsa -in prikey.pkcs1.pem -pubout -out pubkey.pkcs8.pem
Get to know the private key part and check the value of each field
openssl asn1parse -i -in pubkey.pkcs8.pem
# cat pubkey.pkcs8.pem -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKCULiab15n1BD6QvFz382kt 4GsDvuOM5tmYeZD7l8MucSyPpPORFyaWGoKI+pTwAKKbDy2epqq7WtYxOfqA1AzU 1mNsk6XRTBHa2XzuSF+/0rXYj78p2hP4dnYPVbpCZCdrXNMWl+7hmrKfXNB7PvPA e0fQctUno7WElS37qwIDAQAB -----END PUBLIC KEY-----
openssl asn1parse -i -in pubkey.pkcs8.pem
# cat pubkey.pkcs8.pem 0:d=0 hl=3 l= 159 cons: SEQUENCE 3:d=1 hl=2 l= 13 cons: SEQUENCE 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 6:d=2 hl=2 l= 0 prim: NULL 18:d=1 hl=3 l= 141 prim: BIT STRING
PKCS#1/8 public-private key conversion
# PKCS#1 / 8 public-private key conversion #generate #1 Public: ` OpenSSL genrsa - out prikey pkcs1. pem 1024` #1 Private transfer #8 private: ` OpenSSL pkcs8 - in prikey pkcs1. pem -out prikey. pkcs8. pem -nocrypt ` #8 Private transfer #1: ` OpenSSL RSA - in prikey pkcs8. pem -out prikey. pkcs1. pem` #1 Private transfer #1 Public: ` OpenSSL RSA - in prikey pkcs1. pem -out pubkey. pkcs1. pem -RSAPublicKey_ out` #8 Private transfer #8 public: ` OpenSSL RSA - in prikey pkcs8. pem -out pubkey. pkcs8. pem -pubout` #1 revolution #8 public: ` OpenSSL RSA - in pubkey pkcs1. pem -out pubkey. pkcs8. pem -pubout -RSAPublicKey_ in` #8 revolution #1 Public: ` OpenSSL RSA - in pubkey pkcs8. pem -out pubkey. pkcs1. pem -pubin -RSAPublicKey_ out` #1 Private transfer #8 public: ` OpenSSL RSA - in prikey pkcs1. pem -out pubkey. pkcs8. pem -pubout`
reference resources
#Secret key / Certificate / https handshake / CA related concepts
#Analyze RSA private key file format with openssl command
#RSA public private key format analysis and its conversion method between Java and Openssl
#Principle of RSA algorithm (I)
#openssl RSA key format PKCS1 and PKCS8 convert to each other