Subject Key Identifier hash method

Corey Bonnell Corey.Bonnell at
Wed Jun 7 14:37:37 UTC 2023

The hash method isn't explicitly encoded in the certificate, but it can be 
derived if you have the SubjectPublicKey(Info). If you have the public key, 
then you can calculate the IDs using the various methods and seeing which one 
matches the ID encoded in the certificate. The first method defined in RFC 
5280, section 
(SHA-1 of the subjectPublicKey field (not the SPKI as a whole)) is by far the 
most common method. The two methods in RFC 5280 require only the 
subjectPublicKey, whereas some of the methods defined in RFC 7093 use the 
SubjectPublicKeyInfo as a whole.


-----Original Message-----
From: openssl-users <openssl-users-bounces at> On Behalf Of Robert 
Sent: Wednesday, June 7, 2023 8:57 AM
To: openssl-users at
Subject: Subject Key Identifier hash method

I am trying to figure out if the Subject Key Identifier hash method is carried 
in the certificate.  An asn1dump of a "regular" cert shows:

   276:d=4  hl=2 l=  29 cons:     SEQUENCE
   278:d=5  hl=2 l=   3 prim:      OBJECT            :X509v3 Subject Key 
   283:d=5  hl=2 l=  22 prim:      OCTET STRING      [HEX 
   307:d=4  hl=2 l=  31 cons:     SEQUENCE
   309:d=5  hl=2 l=   3 prim:      OBJECT            :X509v3 Authority Key 
   314:d=5  hl=2 l=  24 prim:      OCTET STRING      [HEX

I cannot easily see if the hashing method is contained here.  I am assuming it 
is a sha2 hash of the EdDSA public keys, but how do I tell?

Of course I am asking as I want to use the rfc9374 DETs here.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4990 bytes
Desc: not available
URL: <>

More information about the openssl-users mailing list