2015-06-03

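Keys returned by openssl_pkey_new: the public key is longer than the private key

I am generating a key pair using openssl_pkey_new. The returned keys seem to have a problem, because the public key is longer than the private key. Data signed with the private key can be verified with the public key. I just want to make sure I am not doing something wrong somewhere. Thanks.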

Here is the code I use to generate the keys:

$config = array(
"digest_alg" => "sha512", 
"private_key_bits" => 4096, 
"private_key_type" => OPENSSL_ALGO_SHA1, 
); 

$res = openssl_pkey_new($config); 
openssl_pkey_export($res, $privKey); 
$pubKey = openssl_pkey_get_details($res); 
$pubKey = $pubKey["key"]; 

Here is what I use for signing and verification:

//sign data 
openssl_sign($data, $signature, $privKey, OPENSSL_ALGO_SHA1) or die("ERROR"); 
$signature = base64_encode($signature); 

//validate signature 
$signature = base64_decode($signature); 
$valid = openssl_verify($file, $signature, $pubKey, OPENSSL_ALGO_SHA1); 

Here are sample keys returned by the code on my server (Ubuntu 14.04):


Is https://stackoverflow.com/questions/19343022/can-a-public-key-have-a-different-length-encryption-than-the-private-key related?

Answer


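These are DSA keys with a 256-bit prime q and a 4096-bit modulus p. For DSA keys, the random secret x is of the order of q and the public value y is of the order of p (y = g^x mod p). In this case both the public key and the private key contain all the parameters p, q and the generator g. But since y is larger than x, the public key is still larger than the private key. This is by design.

RSA keys, on the other hand, usually have a small public exponent e and a private exponent d of the size of the modulus. In addition, the private key usually contains all the parameters needed to perform the Chinese Remainder Theorem calculations (which speed up RSA by a factor of 4). So for RSA, the private key is usually larger than the public key.

You can check the values of the public key and the private key using an online ASN.1 decoder (don't copy the BEGIN --- lines). You can then look up the DSA OID using the OID repository. If you don't mind, I won't visit the DSA Wikipedia page.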
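Why the configuration in the question yields DSA keys, as an added example that is not part of the original question or answer: in PHP the constants OPENSSL_ALGO_SHA1 and OPENSSL_KEYTYPE_DSA are both the integer 1, so passing OPENSSL_ALGO_SHA1 as private_key_type requests a DSA key. The function name keySizes and the 2048-bit size are assumptions chosen here (smaller than the question's 4096 bits to keep generation fast); the script compares the secret and public component sizes and the PEM sizes for both key types.

```php
<?php
// Added example (not from the original post): compare private/public sizes
// for DSA and RSA keys. keySizes() and the 2048-bit size are assumptions.

function keySizes(int $keyType, int $bits = 2048): array
{
    $res = openssl_pkey_new([
        'private_key_type' => $keyType,
        'private_key_bits' => $bits,
    ]);
    if ($res === false) {
        throw new RuntimeException('openssl_pkey_new: ' . openssl_error_string());
    }
    if (!openssl_pkey_export($res, $privPem)) {
        throw new RuntimeException('openssl_pkey_export: ' . openssl_error_string());
    }
    $d = openssl_pkey_get_details($res);

    if ($d['type'] === OPENSSL_KEYTYPE_DSA) {
        $secret = $d['dsa']['priv_key'];   // x, on the order of q
        $public = $d['dsa']['pub_key'];    // y = g^x mod p, on the order of p
        $name   = 'DSA';
    } elseif ($d['type'] === OPENSSL_KEYTYPE_RSA) {
        $secret = $d['rsa']['d'];          // private exponent, size of the modulus
        $public = $d['rsa']['e'];          // public exponent, usually small
        $name   = 'RSA';
    } else {
        throw new RuntimeException('unexpected key type ' . $d['type']);
    }

    return [
        'type'              => $name,
        'bits'              => $d['bits'],
        'secret_bytes'      => strlen($secret),
        'public_bytes'      => strlen($public),
        'private_pem_bytes' => strlen($privPem),
        'public_pem_bytes'  => strlen($d['key']),
    ];
}

// The two constants are compared here because the question passes the
// digest constant where a key-type constant is expected.
var_dump(OPENSSL_ALGO_SHA1 === OPENSSL_KEYTYPE_DSA);

print_r(keySizes(OPENSSL_ALGO_SHA1));    // the value the question passes
print_r(keySizes(OPENSSL_KEYTYPE_RSA));  // explicit RSA key type
```

Checking `openssl_pkey_get_details($res)['type']` right after generation is a quick way to confirm that the key algorithm is the one intended before any keys are deployed.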