Subject Key Identifier hash method

Robert Moskowitz rgm at
Wed Jun 7 14:46:28 UTC 2023

thanks all.  It is as I thought.  You have to pretty much know what the 
CA did.  You can guess, but go read the CP!

On 6/7/23 10:37, Corey Bonnell wrote:
> The hash method isn't explicitly encoded in the certificate, but it can be
> derived if you have the SubjectPublicKey(Info). If you have the public key,
> then you can calculate the IDs using the various methods and seeing which one
> matches the ID encoded in the certificate. The first method defined in RFC
> 5280, section
> (SHA-1 of the subjectPublicKey field (not the SPKI as a whole)) is by far the
> most common method. The two methods in RFC 5280 require only the
> subjectPublicKey, whereas some of the methods defined in RFC 7093 use the
> SubjectPublicKeyInfo as a whole.
> Thanks,
> Corey
> -----Original Message-----
> From: openssl-users <openssl-users-bounces at> On Behalf Of Robert
> Moskowitz
> Sent: Wednesday, June 7, 2023 8:57 AM
> To: openssl-users at
> Subject: Subject Key Identifier hash method
> I am trying to figure out if the Subject Key Identifier hash method is carried
> in the certificate.  An asn1dump of a "regular" cert shows:
>     276:d=4  hl=2 l=  29 cons:     SEQUENCE
>     278:d=5  hl=2 l=   3 prim:      OBJECT            :X509v3 Subject Key
> Identifier
>     283:d=5  hl=2 l=  22 prim:      OCTET STRING      [HEX
> DUMP]:04144F0C1A75F4AF13DC67EC18465C020FC22A82616B
>     307:d=4  hl=2 l=  31 cons:     SEQUENCE
>     309:d=5  hl=2 l=   3 prim:      OBJECT            :X509v3 Authority Key
> Identifier
>     314:d=5  hl=2 l=  24 prim:      OCTET STRING      [HEX
> DUMP]:30168014A8885F91878E4ED6AA2056C535E2212413F96BA2
> I cannot easily see if the hashing method is contained here.  I am assuming it
> is a sha2 hash of the EdDSA public keys, but how do I tell?
> Of course I am asking as I want to use the rfc9374 DETs here.
> thanks

More information about the openssl-users mailing list