Re: [pkix] [RFC 6960] How to calculate the issuerKeyHash?
Russ Housley <housley@vigilsec.com> Mon, 15 September 2014 14:48 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B6B91A036B for <pkix@ietfa.amsl.com>; Mon, 15 Sep 2014 07:48:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bp11TjiCt2E1 for <pkix@ietfa.amsl.com>; Mon, 15 Sep 2014 07:48:34 -0700 (PDT)
Received: from odin.smetech.net (mail.smetech.net [209.135.209.4]) by ietfa.amsl.com (Postfix) with ESMTP id C01531A031D for <pkix@ietf.org>; Mon, 15 Sep 2014 07:48:33 -0700 (PDT)
Received: from localhost (unknown [209.135.209.5]) by odin.smetech.net (Postfix) with ESMTP id 89E56F2C105; Mon, 15 Sep 2014 10:48:23 -0400 (EDT)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from odin.smetech.net ([209.135.209.4]) by localhost (ronin.smeinc.net [209.135.209.5]) (amavisd-new, port 10024) with ESMTP id HV-d6C3q-D+O; Mon, 15 Sep 2014 10:48:02 -0400 (EDT)
Received: from [192.168.2.108] (pool-96-255-133-207.washdc.fios.verizon.net [96.255.133.207]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id 74C86F2C0BD; Mon, 15 Sep 2014 10:48:02 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: text/plain; charset="us-ascii"
From: Russ Housley <housley@vigilsec.com>
X-Priority: 3 (Normal)
In-Reply-To: <2240.79.218.218.86.1410441462.squirrel@www2.informatik.hu-berlin.de>
Date: Mon, 15 Sep 2014 10:47:51 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <54EA8AB8-3F25-4BE4-AC67-8E807D6DD3A6@vigilsec.com>
References: <2240.79.218.218.86.1410441462.squirrel@www2.informatik.hu-berlin.de>
To: Annie Yousar <a.yousar@informatik.hu-berlin.de>
X-Mailer: Apple Mail (2.1085)
Archived-At: http://mailarchive.ietf.org/arch/msg/pkix/P7V0-0FxivPI6GN4NoSZpAPBuMI
Cc: pkix@ietf.org
Subject: Re: [pkix] [RFC 6960] How to calculate the issuerKeyHash?
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Sep 2014 14:48:35 -0000
You need to look at SubjectPublicKey, not SubjectPublicKeyInfo. So, this is the BIT STRING. And, the BIT STRING length and tags are omitted from the hash calculation.
Russ
On Sep 11, 2014, at 9:17 AM, Annie Yousar wrote:
> Dear all,
> on p. 13 in RFC 6960 we read
>
> o issuerKeyHash is the hash of the issuer's public key. The hash
> shall be calculated over the value (excluding tag and length) of
> the subject public key field in the issuer's certificate.
>
> It is not clear which tag is exluded.
> Let us make an example. Take the public key:
>
> -----BEGIN PUBLIC KEY-----
> MDwwDQYJKoZIhvcNAQEBBQADKwAwKAIhAJ6Yu4Y8e3ENVMwV0U/BczPwPtRTh1yB
> BeLcW4yQeqtTAgMBAAE=
> -----END PUBLIC KEY-----
>
> This is Peter's ASN.1 dump:
> 0 60: SEQUENCE {
> 2 13: SEQUENCE {
> 4 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
> 15 0: NULL
> : }
> 17 43: BIT STRING, encapsulates {
> 20 40: SEQUENCE {
> 22 33: INTEGER
> : 00 9E 98 BB 86 3C 7B 71 0D 54 CC 15 D1 4F C1 73
> : 33 F0 3E D4 53 87 5C 81 05 E2 DC 5B 8C 90 7A AB
> : 53
> 57 3: INTEGER 65537
> : }
> : }
> : }
>
> Therefore this public RSA key is in fact of type SubjectPublicKeyInfo as
> described in RFC 5280, and could appear in a certificate:
>
> SubjectPublicKeyInfo ::= SEQUENCE {
> algorithm AlgorithmIdentifier,
> subjectPublicKey BIT STRING }
>
> The hex data for the key identifier used in AKI and SKI (refer to RFC
> 5280) is
> 30280221009E98BB863C7B710D54CC15D14FC17333F03
> ED453875C8105E2DC5B8C907AAB530203010001
>
> with the BIT STRING's tag, length and unused bits peeled off.
> The keyIdentifier value is computed as
> 92:FB:90:FA:21:0B:77:8C:91:3E:C2:0F:A7:C2:54:56:CA:F6:A0:03
>
> Which tag is excluded for IssuerKeyHash calculation?
> The SEQUENCE's tag or the BIT STRINGS's tag?
> And what about the unused bits byte in the latter case?
>
> Regards,
> Ann.
>
> _______________________________________________
> pkix mailing list
> pkix@ietf.org
> https://www.ietf.org/mailman/listinfo/pkix
- [pkix] [RFC 6960] How to calculate the issuerKeyH… Annie Yousar
- Re: [pkix] [RFC 6960] How to calculate the issuer… Russ Housley