Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

golang x509.MarshalPKIXPublicKey vs x509.MarshalPKCS1PublicKey()

Tags:

go

rsa

pkix

Can anyone help me understand the difference between MarshalPKIXPublicKey() and MarshalPKCS1PublicKey()?

according to the comment: // MarshalPKIXPublicKey serialises a public key to DER-encoded PKIX format.

// MarshalPKCS1PublicKey converts an RSA public key to PKCS#1, ASN.1 DER form.

what is a DER-encoded PKIX format ?

Thanks

like image 816
Feng Xi Avatar asked Apr 17 '18 11:04

Feng Xi


1 Answers

You don't make clear how much you don't (or do) understand. To start from the basics:

ASN.1 (Abstract Syntax Notation One) is a general scheme for defining the structure of data to be communicated or interchanged between systems or programs.

DER (Distinguished Encoding Rules) is a scheme defined to encode ASN.1 data to sequences of bytes that can be communicated and/or stored, and decode those sequences of bytes back to ASN.1 data losslessly.

PKCS1 aka RFCs 2313,2437,3447,8017 (Public Key Cryptography Standard #1) is a standard that defines a range of things about using the RSA algorithm, among which Appendix A defines an ASN.1 structure named RSAPublicKey to represent an RSA public key, which like any ASN.1 structure can be DER-encoded.

MarshalPKCS1PublicKey converts an RSA public key to PKCS#1, ASN.1 DER form.

clearly means the DER encoding of the ASN.1 structure for an RSA public key in PKCS1.

PKIX (Public Key Infrastructure X.509) is an Internet variant (formally, a profile) of the X.509 standard originally defined by then-CCITT now-ITU-T, currently in rfc5280. X.509, and PKIX, primarily defines a format for a public-key certificate which binds a public-key to an identity along with other metadata. To do this it has to contain a representation of a public-key that can handle multiple public-key algorithms, which is done using the SubjectPublicKeyInfo structure which, fairly simply, consists of an AlgorithmIdentifier that identifies the algorithm, plus a BIT STRING that contains the actual public-key value in an algorithm-dependent manner. The algorithm-dependent part for RSA is specified in rfc3279 sec 2.3.1 and as you see it is the RSAPublicKey strucuture from PKCS1, DER encoded.

Thus 'DER-encoded PKIX format' of an RSA public key means the DER encoding of a PKIX/X.509 SubjectPublicKeyInfo structure containing the algorithmIdentifier for RSA (OID 1.2.840.113549.1.1.1 and parameters NULL) and a BIT STRING containing the DER encoded PKCS1 RSAPublicKey.

Related or similar (although most include private not public and/or PEM not DER):
How to store/retrieve RSA public/private key
How do we convert a String from PEM to DER format
Problem transmiting a RSA public key, javaME , bouncy castle
Generating RSA keys in PKCS#1 format in Java
How to generate PKCS#1 RSA keys in PEM Format?
Converting RSA keys into SubjectPublicKeyInfo Form from BigIntegers
Convert a X509 Public key to RSA public key
Load public key to create rsa object for public encryption
and cross-stack:
https://crypto.stackexchange.com/questions/19149/what-is-the-technical-name-for-a-public-key-container-in-der-format
https://crypto.stackexchange.com/questions/54121/rsa-key-differences-openssl-cli-vs-openssl-ssl-h-c-function

like image 76
dave_thompson_085 Avatar answered Dec 09 '22 12:12

dave_thompson_085