blob: 4ebb23a086cab4bc6fa3fbc2e4a68cda4daefaf4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
This test data was produced by creating a self-signed RSA cert using OpenSSL,
and then extracting the relevant fields.
It uses RSA PKCS#1 v1.5 with SHA-512 and a 2048-bit key.
(1) Generate self-signed certificate
openssl genrsa -out rsa_key.pem 2048
openssl req -new -key rsa_key.pem -x509 -nodes -days 365 -sha512 -out cert.pem
(2) Extract public key
openssl x509 -in cert.pem -pubkey -noout > pubkey.pem
cat pubkey.pem
(3) Extract signed data (tbsCertificate)
openssl asn1parse -in cert.pem -out tbs -noout -strparse 4
base64 tbs
(4) Extract signature algorithm
# Find the offset of the signature algorithm near the end (589 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out alg -noout -strparse 589
base64 alg
(5) Extract the signature
# Find the final offset of BIT STRING (506 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out sig -noout -strparse 506
base64 sig
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=4 l= 290 cons: SEQUENCE
4:d=1 hl=2 l= 13 cons: SEQUENCE
6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
17:d=2 hl=2 l= 0 prim: NULL
19:d=1 hl=4 l= 271 prim: BIT STRING
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcu2shJRrXFAwMkf30y2AY1zIg9VF/h
egYcejzdR2AzUb8vU2TXld2i8pp44l+DrvtqmzS7G+yxx3uOx+zsoqBaUT0c9HfkbE+IRmcLkQF
vYpSpm6Eu8OS14CSmEtiR91Et8LR0+bd0Gn3pgmb+epFJBaBPeDSiI/smqKCs7yP04+tS4Q4r47
G04LhSp4/hmqH32b4Gcm9nsihHV9FfPfVdxDQUEJp3AgyBPwhPZEAyhoQS73TjjxXHqJRSz37Sl
ueMVPuNncqbT4nAMKz25J1CtRlQh21uZzfY2QRP3m6rAZquQUos1febC6A7qmhQljWKKmXtfVY+
fAamstdHrWwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha512WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBDQUA
-----END ALGORITHM-----
-----BEGIN DATA-----
MIICRaADAgECAgkA7jWRLkwHvHswDQYJKoZIhvcNAQENBQAwRTELMAkGA1UEBhMCQVUxEzARBgN
VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xNT
A3MjgwMjIyMzFaFw0xNjA3MjcwMjIyMzFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lL
VN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDNy7ayElGtcUDAyR/fTLYBjXMiD1UX+F6Bhx6PN1HYDNRvy9TZNeV
3aLymnjiX4Ou+2qbNLsb7LHHe47H7OyioFpRPRz0d+RsT4hGZwuRAW9ilKmboS7w5LXgJKYS2JH
3US3wtHT5t3QafemCZv56kUkFoE94NKIj+yaooKzvI/Tj61LhDivjsbTguFKnj+GaoffZvgZyb2
eyKEdX0V899V3ENBQQmncCDIE/CE9kQDKGhBLvdOOPFceolFLPftKW54xU+42dyptPicAwrPbkn
UK1GVCHbW5nN9jZBE/ebqsBmq5BSizV95sLoDuqaFCWNYoqZe19Vj58Bqay10etbAgMBAAGjUDB
OMB0GA1UdDgQWBBRsCPajkEscZM6SpLbNTa/7dY5azzAfBgNVHSMEGDAWgBRsCPajkEscZM6SpL
bNTa/7dY5azzAMBgNVHRMEBTADAQH/
-----END DATA-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=4 l= 257 prim: BIT STRING
-----BEGIN SIGNATURE-----
A4IBAQAhKSNq+X/CfzhtNsMo6MJpTBjJBV5fhHerIZr6e3ozCTBCR29vYsVnJ4/6i5lL1pNeOhM
ldthnuSlMzTS1Zme1OqRWB3U8QmwCFwhDxW/i4fdT8kxDAmELNp4z0GcXbe27V895PE0R/m8P47
B6xbra+SQlEMW12K1EndUqrO6vgLbobV14mveWdgc0KIOnDKgsTHV8NTV1w3qtp1ujfvizYfBZu
yyMOA1yZPDpREZtClro7lufwDQ7+LgSdtNLMDAMzapfIjAEPVNVLmJzMgzaHqMsZM8gP8vWAdfc
R4mCmWXVotrM6d1rjJGdRADAONYCC4/+d1IMkVGoVfpaej6I
-----END SIGNATURE-----
|
