I've seen key IDs used in several places and would like to use them in my program, but I haven't been able to find a description of them. How are they generated?
What is an RSA "key ID"?
Asked Answered
WHM/cPanel, an Apache-based website manager, says this: "Navigate to the “SSL/TLS Manager” interface if you require the private key for this certificate. The key ID for the private key is “efe15_f8dad_aee7dcf0a11181a2d0d8968ee10ea9a4”. Obviously, the term "key ID for a private key" means SOMETHING, but I cannot find it in a Web search. it would be nice to have an answer to this variant of the question. –
Photina
In different formats (PGP, SSH, X.509 certificates) key ID has different meaning. Neither SSH nor X.509 have a "dedicated" concept of key ID, but some people use this term (including their software) - in this case it's usually a hash of the public key or of the certificate in whole.
Update: the comments reminded me that "key identifier" extensions exist in X.509 certifiactes, and they sometimes are being referred to as key IDs. Yet, this is not common - usually the hash (also sometimes called the fingerprint) is referenced as key ID.
Actually, there is a concept of "key identifier" for X.509: it is a sequence of opaque bytes which you can include in a certificate extension ("Subject Key Identifier"); you can also include the key identifier from the CA ("Authority Key Identifier") and the point is to help in path building. X.509 does not mandate any specific way to generate a key identifier, it could be just random bytes (but it suggests using a hash value computed over the public key). Key identifiers are optional. –
Bellew
@Thomas Excellent, thank you for the reminder! Indeed key identifier extensions exist. Yet in practice what is shown by software and referenced to by people is usually the SHA1 hash of the key. Fingerprint is another synonym. –
Acne
In SSH, the there's a
Key Id as well, but it seems like the default principal. Not sure if there's a meaning to it beyond that. –
Impound Having just done this for my own purposes, I'll write this down while it's all fresh in my head...
The "official" key ID (that is, the content of the "X509v3 Subject Key Identifier" extension in an X509 certificate) is the SHA1 hash of the DER-encoded ASN.1 sequence consisting of the modulus and exponent of an RSA public key. It takes piecing together about three different RFCs and a bit of experimentation to come up with that, but that's how it works.
Some Ruby code to do the encoding looks like this -- feed it an RSA public or private key on stdin:
require 'openssl'
pkey = OpenSSL::PKey::RSA.new($stdin.read).public_key
seq = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer.new(pkey.n),
OpenSSL::ASN1::Integer.new(pkey.e)])
puts Digest::SHA1.hexdigest(seq.to_der).upcase.scan(/../).join(':')
In different formats (PGP, SSH, X.509 certificates) key ID has different meaning. Neither SSH nor X.509 have a "dedicated" concept of key ID, but some people use this term (including their software) - in this case it's usually a hash of the public key or of the certificate in whole.
Update: the comments reminded me that "key identifier" extensions exist in X.509 certifiactes, and they sometimes are being referred to as key IDs. Yet, this is not common - usually the hash (also sometimes called the fingerprint) is referenced as key ID.
Actually, there is a concept of "key identifier" for X.509: it is a sequence of opaque bytes which you can include in a certificate extension ("Subject Key Identifier"); you can also include the key identifier from the CA ("Authority Key Identifier") and the point is to help in path building. X.509 does not mandate any specific way to generate a key identifier, it could be just random bytes (but it suggests using a hash value computed over the public key). Key identifiers are optional. –
Bellew
@Thomas Excellent, thank you for the reminder! Indeed key identifier extensions exist. Yet in practice what is shown by software and referenced to by people is usually the SHA1 hash of the key. Fingerprint is another synonym. –
Acne
In SSH, the there's a
Key Id as well, but it seems like the default principal. Not sure if there's a meaning to it beyond that. –
Impound In the case of Strongswan one can display what it refers to as the keyid using its command line utilities. The main point of the keyid is that it can be used to identify the actual public key contained within a certificate so that a certificate might change but by checking the keyid one can check whether the key has changed or not.
The pki command will list the keyids of an X.509 cert as follows (where the subjectPublicKeyInfo hash is the keyid):
pki --keyid --in cert.pem --type x509
Or for an RSA private key:
pki --keyid --in key.pem
The second command is ipsec which one can use to list all the certs (and config) installed in the /etc/ipsec.d subdirectories (this command will list the certificates and their corresponding keyid which is the same as their subjectPublicKeyInfo hash listed by the pki command):
ipsec listall
Also one can use openssl to generate Strongswan's idea of a keyid, which is basically the SHA1 of the actual RSA public key (the sed script just strips the '-----BEGIN PUBLIC KEY-----' and END banners) [Corrected after Micah's comment]:
openssl x509 -in cert.pem -noout -pubkey | sed 's/--.*$//g' | base64 --decode | sha1sum
The openssl command as written does not work. Before calling sha1sum, you must first decode the base64 data into binary, like so:
openssl x509 -in cert.pem -noout -pubkey | sed 's/--.*$//g' | base64 --decode | sha1sum –
Crowning When you decrypt using gpg it provides a "long" keyID hash. To verify which key was used list the keys in long format using:
gpg --list-keys --keyid-format long
To list the keys in a different keyring without updating the default keyring use:
gpg --keyring <path-to-pubring.kbx> --no-default-keyring --list-keys
The "key ID" used for RSA key in GPG/PGP is the last 8 hex digits of the modulus of the key.
Other ways to word: 'last 8 hex digits' -> 'the last 4 bytes' and 'modulus of the key' -> 'fingerprint (MD5 or SHA-1 hash) of the key' (two-spaces for linebreaks not working in comments?) –
Tetrapody
An RSA key modulus is most assuredly not the same thing as a hash of anything. –
Avent
How do you produce the last 8 hex digits of the modulus of the key? –
Hazaki
© 2022 - 2024 — McMap. All rights reserved.