douzhi1879 2015-06-03 16:10
浏览 46

返回密钥的问题是公钥长于私有

I am generating a Key Pair using openssl_pkey_new. There seems to be an issue with the returned keys as the public key is longer than the private. Data signed with Private Key can be validated with the public key. I just want to make sure I am not doing something wrong somewhere. Thank you

Here is the code I am using to generate the keys:

$config = array(
"digest_alg" => "sha512",
"private_key_bits" => 4096,
"private_key_type" => OPENSSL_ALGO_SHA1,
);

$res = openssl_pkey_new($config);
openssl_pkey_export($res, $privKey);
$pubKey = openssl_pkey_get_details($res);
$pubKey = $pubKey["key"];

Here is the code I am using to sign and validate

//sign data
openssl_sign($data, $signature, $privKey, OPENSSL_ALGO_SHA1) or die("ERROR");
$signature = base64_encode($signature); 

//validate signature
$signature = base64_decode($signature);  
$valid = openssl_verify($file, $signature, $pubKey, OPENSSL_ALGO_SHA1);

Here are sample keys returned from my server (Ubuntu 14.04):

-----BEGIN PRIVATE KEY-----
MIIEZQIBADCCBDoGByqGSM44BAEwggQtAoICAQC15h4XFOpUx1KgHisqrj0hkuyk
iGoLqS/qYqXCoBAN7jMO/vLdVpKlmy6jeGGl0aA/SfIgX4EUTMoMcTTEPi7YSbjg
JiAtuOEGLYHI+94/xbd8+9M//RGV5EhR4LqsaxQPIdQv9JY8EBeZ7hqab5Mx+nQI
zV7r4017dTQyvpxiXQg+3cAp/TZnY+ptlYLhup4RGL0VluJrEfkQj53n65YEm19f
YQMp2Qq5CPQu5mUzDJLXZYFinwlLV+rtKKFfkdhu7/KLyVVf+XTl/ftxWBgqJLS7
RuBJOKM1rNlDvrGAo9ow2vU/siTIxkaCM0LYSFEv5d+jmkkXR3tNaK+Yv6Z7oNix
f+MZBBvI+kOSZdLj2t+9K5CjpwstB4Um5iEFiFe6srE/PMnINlNrwLt34emY9nUs
ozzL9B6DkceTr8XygDRDHqWArbO62/rdx28el/OBkolCpQWyo32Jwu54DNLxZjbG
bVuyLQXSvPzoL+FJFSjqaO5DA0ThwcHk5BJEKEVijQPYTNW7s9RwSPSYDtAyIV17
ABfCE3SWmVEuc5lubRqpbBoNlYYav8SumNVmTPhb7SDpnKcoCGbRYxigiYZ3PkZ3
ylh3oOlmodNzKaCF6xoswgdYH5EBr4b6pvuEO3AHm8/Y4oRcsOBmkN83fx1daL/d
CPv9RJ/M84LNJ6ai4QIhAJyNUW+/L7Gz61Y2ZcDOT9ZNuzAjud9yL5y7/kMGJlxJ
AoICAQCSfv09VttO+p5V0d2Sb0BcFF00c9jMDlvhHvFi7EfZt7d0qVimyKegg2Rk
Ryw5xfF3iknWq5ogPOjHZuNurf/rMETZ9gHt2oKOutIWiYko//n1wXwXStjDdi/O
2IX87e84UCJeLDHkc6uK3FJvob+qyOKhosEWKiawtCTMQkCS645pJPk3JKK2LQTz
c596wmht9WmfJQVQU202OQHEzJwX/xiXyyRDdmYVSQ7/BFglqVsNsqZTFU7kBc1b
6WAb+V1VAg4KDm3/HhfUkx6TwKpPuU5RggJlNUFauGSZb6jTeEy4pGRaoMB0MUuA
1fsuzQgEe66OdMfVI1JxqV+MNHxH/scqz7hjdxjWemboQFVEAE7mxBy0bf/X58MJ
VZSrwn5WV03Jq/aE57Pmj4a5TMbDtKus8MxQwBgucPtK7jIyXqdHZXUPnpbdYVAM
qqvX3mP+jIepGvX+ijlShaaaIBnmuJzjBfqsez0uTRzfmoWUFX92okYn+1/DnbNX
DIXXrR1A6ZSuDolGyDj5lKXjbI6Uuln3Nfps/3UFKV3QDPzWDhCmGAG5hN6XhLMn
m+38IcHMuPNMt2QDAjH5fCHXI6wvcNLFI9U00arABSdxHBEET93/WgZj2S2HnAjG
wMgt9pjWUZ8PuFw6nJF4U9uEft/XiR6iwKzRzQy8fcyW6uv2bAQiAiB7M9Ej3OKN
DAGV1lKKijODBVsDjfwo4MNjiGqHjDvqug==
-----END PRIVATE KEY-----

-----BEGIN PUBLIC KEY-----
MIIGSDCCBDoGByqGSM44BAEwggQtAoICAQC15h4XFOpUx1KgHisqrj0hkuykiGoL
qS/qYqXCoBAN7jMO/vLdVpKlmy6jeGGl0aA/SfIgX4EUTMoMcTTEPi7YSbjgJiAt
uOEGLYHI+94/xbd8+9M//RGV5EhR4LqsaxQPIdQv9JY8EBeZ7hqab5Mx+nQIzV7r
4017dTQyvpxiXQg+3cAp/TZnY+ptlYLhup4RGL0VluJrEfkQj53n65YEm19fYQMp
2Qq5CPQu5mUzDJLXZYFinwlLV+rtKKFfkdhu7/KLyVVf+XTl/ftxWBgqJLS7RuBJ
OKM1rNlDvrGAo9ow2vU/siTIxkaCM0LYSFEv5d+jmkkXR3tNaK+Yv6Z7oNixf+MZ
BBvI+kOSZdLj2t+9K5CjpwstB4Um5iEFiFe6srE/PMnINlNrwLt34emY9nUsozzL
9B6DkceTr8XygDRDHqWArbO62/rdx28el/OBkolCpQWyo32Jwu54DNLxZjbGbVuy
LQXSvPzoL+FJFSjqaO5DA0ThwcHk5BJEKEVijQPYTNW7s9RwSPSYDtAyIV17ABfC
E3SWmVEuc5lubRqpbBoNlYYav8SumNVmTPhb7SDpnKcoCGbRYxigiYZ3PkZ3ylh3
oOlmodNzKaCF6xoswgdYH5EBr4b6pvuEO3AHm8/Y4oRcsOBmkN83fx1daL/dCPv9
RJ/M84LNJ6ai4QIhAJyNUW+/L7Gz61Y2ZcDOT9ZNuzAjud9yL5y7/kMGJlxJAoIC
AQCSfv09VttO+p5V0d2Sb0BcFF00c9jMDlvhHvFi7EfZt7d0qVimyKegg2RkRyw5
xfF3iknWq5ogPOjHZuNurf/rMETZ9gHt2oKOutIWiYko//n1wXwXStjDdi/O2IX8
7e84UCJeLDHkc6uK3FJvob+qyOKhosEWKiawtCTMQkCS645pJPk3JKK2LQTzc596
wmht9WmfJQVQU202OQHEzJwX/xiXyyRDdmYVSQ7/BFglqVsNsqZTFU7kBc1b6WAb
+V1VAg4KDm3/HhfUkx6TwKpPuU5RggJlNUFauGSZb6jTeEy4pGRaoMB0MUuA1fsu
zQgEe66OdMfVI1JxqV+MNHxH/scqz7hjdxjWemboQFVEAE7mxBy0bf/X58MJVZSr
wn5WV03Jq/aE57Pmj4a5TMbDtKus8MxQwBgucPtK7jIyXqdHZXUPnpbdYVAMqqvX
3mP+jIepGvX+ijlShaaaIBnmuJzjBfqsez0uTRzfmoWUFX92okYn+1/DnbNXDIXX
rR1A6ZSuDolGyDj5lKXjbI6Uuln3Nfps/3UFKV3QDPzWDhCmGAG5hN6XhLMnm+38
IcHMuPNMt2QDAjH5fCHXI6wvcNLFI9U00arABSdxHBEET93/WgZj2S2HnAjGwMgt
9pjWUZ8PuFw6nJF4U9uEft/XiR6iwKzRzQy8fcyW6uv2bAOCAgYAAoICAQCX8KyH
tig1Zfk/QxC5d5cNEICobFmjq1UwbgtmCCwnP2A4Y5nxJS5Inf3VIJzp/10XMSMp
6OjS0bXgaor6Urznl0aDPfSucXpYpkKJBvPBeBC60NhHYLgFMPapIHPR9erlTlpN
j/5jmXjSselV3aZd/gVt5TLBbevQdlJYmrGsrM8y8ZohgZGGnIGTqByu7x4q+8oV
53+Li5T/u9zmmZxwzABBLuxlrDlVsfyQLl31AULbYM+d08DoBWxX/NNb/1cvZZSS
x2/lYpv+NYbNrzGI0RzkOyUZjkNmgZ2TZOY3r7DoAmHbCam3dDXfrgV25wnGX0Kr
q+WK2TLgTPvf3DyPLCmgfgcDYKXx1spQRWwoBoKd8BaLbqob3r56U+v25hflSWHK
y57uWSRPxLe6UUQ6IRoOEJ3Ld4WbW6y7Repn0DXog1JjjrAivbvXCDVDsVETDYr4
K+C4IypX6uasT498TsZ65WGyk/woNABgQesgv0UPSOYMGIfILe0MALK1MGOzJuXE
pCf60ydWCMo+keVDA+mZpXh/yZR3Gc/myA/eKw7GoiD+d9ulHyOhjaXV02PsW112
YlkdmJLJ+FkCKt7TqJPSeWTV0/1TTYZMgX7av8uZQKQEcNNNXUYinSq75BrdH/tg
wVDtl2d4MKvtijLhHpzxtAHuhax6hBg2ViuUjg==
-----END PUBLIC KEY-----
  • 写回答

1条回答 默认 最新

  • dongxixian7803 2015-06-03 21:42
    关注

    Those are DSA keys with a 256 bit prime q and a 4096 bit modulus p. For DSA keys the random secret x is of the order of q and the public y value is of order p (y = g^x mod p). In this case both the public and private key contain all the parameters p, q and the generator g. But as y is bigger than x the public key is still bigger than the private key. This is by design.

    RSA keys on the other hand usually have a small public exponent e and a private exponent the size of the modulus d. Furthermore, the private key often contains all the parameters required to perform Chinese Remainder Theorem calculations (which speed up RSA with a factor of 4). So for RSA the private key is often much larger than the public key.

    You can check the value of the public key and private key using an online ASN.1 decoder (don't copy the lines starting with ---). Then you can use the OID repository to look up the DSA OID. I won't go into visiting the DSA wikipedia page if you don't mind.

    评论

报告相同问题?

悬赏问题

  • ¥20 腾讯企业邮箱邮件可以恢复么
  • ¥15 有人知道怎么将自己的迁移策略布到edgecloudsim上使用吗?
  • ¥15 错误 LNK2001 无法解析的外部符号
  • ¥50 安装pyaudiokits失败
  • ¥15 计组这些题应该咋做呀
  • ¥60 更换迈创SOL6M4AE卡的时候,驱动要重新装才能使用,怎么解决?
  • ¥15 让node服务器有自动加载文件的功能
  • ¥15 jmeter脚本回放有的是对的有的是错的
  • ¥15 r语言蛋白组学相关问题
  • ¥15 Python时间序列如何拟合疏系数模型