<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<br>
<br>
<div class="moz-cite-prefix">On 6/8/23 01:53, David von Oheimb
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:a3bee7ca4683910e2615fa84c4da7c7ed727e0f3.camel@von-Oheimb.de">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div>On Wed, 2023-06-07 at 10:46 -0400, Robert Moskowitz wrote:</div>
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px
#729fcf solid;padding-left:1ex">
<div>thanks all. It is as I thought. You have to pretty much
know what the <br>
</div>
<div>CA did. You can guess, but go read the CP!<br>
</div>
</blockquote>
<div><br>
</div>
<div>I doubt that you'll find such inessential info on SKIDs in a
CP.<br>
As Tomas wrote, it's just any identifier for the public key that
is unique per CA.<br>
Since RFC 5280 suggests using the SHA1 hash value of the key and
this is a reasonably<br>
unique and convenient way to achieve that, this is what most
implementations do.<br>
There is no need to use anything more involved such as any of
the SHA-2 algos.</div>
</blockquote>
<br>
Only to look for exceptions to the norm.<br>
<br>
Say that the keying is EdDSA448 which uses SHAKE256 internally. Why
require SHA code? So the SKIDs may be computed with SHAKE.<br>
<br>
There are other reasonable considerations. They will tend to be
noteworthy and thus noted accordingly.<br>
<br>
<br>
<blockquote type="cite"
cite="mid:a3bee7ca4683910e2615fa84c4da7c7ed727e0f3.camel@von-Oheimb.de">
<div><br>
</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>David</div>
<div><br>
</div>
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px
#729fcf solid;padding-left:1ex">
<div><br>
</div>
<div>On 6/7/23 10:37, Corey Bonnell wrote:<br>
</div>
<blockquote type="cite" style="margin:0 0 0 .8ex;
border-left:2px #729fcf solid;padding-left:1ex">
<div>The hash method isn't explicitly encoded in the
certificate, but it can be<br>
</div>
<div>derived if you have the SubjectPublicKey(Info). If you
have the public key,<br>
</div>
<div>then you can calculate the IDs using the various methods
and seeing which one<br>
</div>
<div>matches the ID encoded in the certificate. The first
method defined in RFC<br>
</div>
<div>5280, section <a
href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2"
moz-do-not-send="true" class="moz-txt-link-freetext">https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2</a><br>
</div>
<div>(SHA-1 of the subjectPublicKey field (not the SPKI as a
whole)) is by far the<br>
</div>
<div>most common method. The two methods in RFC 5280 require
only the<br>
</div>
<div>subjectPublicKey, whereas some of the methods defined in
RFC 7093 use the<br>
</div>
<div>SubjectPublicKeyInfo as a whole.<br>
</div>
<div><br>
</div>
<div>Thanks,<br>
</div>
<div>Corey<br>
</div>
<div><br>
</div>
<div>-----Original Message-----<br>
</div>
<div>From: openssl-users <<a
href="mailto:openssl-users-bounces@openssl.org"
moz-do-not-send="true" class="moz-txt-link-freetext">openssl-users-bounces@openssl.org</a>>
On Behalf Of Robert<br>
</div>
<div>Moskowitz<br>
</div>
<div>Sent: Wednesday, June 7, 2023 8:57 AM<br>
</div>
<div>To: <a href="mailto:openssl-users@openssl.org"
moz-do-not-send="true" class="moz-txt-link-freetext">openssl-users@openssl.org</a><br>
</div>
<div>Subject: Subject Key Identifier hash method<br>
</div>
<div><br>
</div>
<div>I am trying to figure out if the Subject Key Identifier
hash method is carried<br>
</div>
<div>in the certificate. An asn1dump of a "regular" cert
shows:<br>
</div>
<div><br>
</div>
<div> 276:d=4 hl=2 l= 29 cons: SEQUENCE<br>
</div>
<div> 278:d=5 hl=2 l= 3 prim: OBJECT
:X509v3 Subject Key<br>
</div>
<div>Identifier<br>
</div>
<div> 283:d=5 hl=2 l= 22 prim: OCTET STRING
[HEX<br>
</div>
<div>DUMP]:04144F0C1A75F4AF13DC67EC18465C020FC22A82616B<br>
</div>
<div> 307:d=4 hl=2 l= 31 cons: SEQUENCE<br>
</div>
<div> 309:d=5 hl=2 l= 3 prim: OBJECT
:X509v3 Authority Key<br>
</div>
<div>Identifier<br>
</div>
<div> 314:d=5 hl=2 l= 24 prim: OCTET STRING
[HEX<br>
</div>
<div>DUMP]:30168014A8885F91878E4ED6AA2056C535E2212413F96BA2<br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>I cannot easily see if the hashing method is contained
here. I am assuming it<br>
</div>
<div>is a sha2 hash of the EdDSA public keys, but how do I
tell?<br>
</div>
<div><br>
</div>
<div>Of course I am asking as I want to use the rfc9374 DETs
here.<br>
</div>
<div><br>
</div>
<div>thanks<br>
</div>
<div><br>
</div>
</blockquote>
<div><br>
</div>
</blockquote>
</blockquote>
<br>
</body>
</html>