What is the structure of the public key of a signe

2020-07-29 23:54发布


Using this code to retrieve the public key bytes...

var pubKey = 

What is this common structure at the start (first 32 bytes) of the key? It's not ASN.1 and it might not be variable. I can google it and get repeats.

// 00 24 00 00 04 80 00 00 94 00 00 00 06 02 00 00 00 24 00 00 52 53 41 31

Is it all reversed or just part of it (e.g. the modulus at the end)? 52 53 41 31 is a string of RSA1. My key's modulus is 1024 bit, so I was looking for something that described the length. 0x0400 (00 04 B.E.) would be 1024 (bits), 0x80 would be 128 (bytes, 1024/8).

// 00 04 00 00 01 00 01 00

Are these last 4 to 6 the public exponent? Big or little endian? Is the last null a terminator or spacer?

Investigations into implementations (.NET and Mono) of RSAPKCS1SignatureFormatter and RSAPKCS1SignatureDeformatter are not easy going.

Removed edits, answering own question... unless someone comes up with a better answer or adds detail including the whys.


I couldn't stop biting my nails trying to work backwards from CALG_RSA_SIGN = 0x00002400, and stumbled upon RSAPUBKEY, then PUBLICKEYSTRUC and finally PublicKeyBlob. Well now I can parse it formally. Wonder if there is any struct already in the .NET framework for handling this?


Oh hey, these magical numbers look familiar. What do they mean...

Is it https://msdn.microsoft.com/en-us/library/ms232463.aspx ?

// 00 24 00 00 // 0x00002400 LE // PublicKeyBlob  SigAlgId ALG_ID = CALG_RSA_SIGN 
// 04 80 00 00 // 0x00008004 LE // PublicKeyBlob  HashAlgId ALG_ID = CALG_SHA1
// 94 00 00 00 // 0x00000094 LE // PublicKeyBlob  cbPublicKey dword = 148
// sizeof(PUBLICKEYSTRUC) is 8 + sizeof(RSAPUBKEY) is 12 + sizeof(modulus) is 128 = 148
// 06          // 0x06          // PUBLICKEYSTRUC bType byte = PUBLICKEYBLOB
// 02          // 0x02          // PUBLICKEYSTRUC bVersion byte = CUR_BLOB_VERSION
// 00 00       // 0x0000 LE     // PUBLICKEYSTRUC reserved word = 0
// 00 24 00 00 // 0x00002400 LE // PUBLICKEYSTRUC aiKeyAlg ALG_ID = CALG_RSA_SIGN 
// 52 53 41 31 // 'RSA1'        // RSAPUBKEY magic dword
// 00 04 00 00 // 0x00000400 LE // RSAPUBKEY bitlen dword
// 01 00 01 00 // 0x00010001 LE // RSAPUBKEY pubexp dword
// public modulus reversed follows in (bitlen/8) bytes

So using this information (couldn't get rsaCsp.ImportParameters to work right)...

var rsaCsp = new RSACryptoServiceProvider(BitLength);
    Convert.ToBase64String(PubExp), Convert.ToBase64String(PubMod)));

Now you have a valid rsaCsp for signature authentication from your assembly's SN PK.