Question

我正在使用数字证书来签署交易结果，同时，我需要在其上打印出带有信息和数字签名的单据。

我想知道是否有专门为印刷媒体设计的X.509数字签名的更短代表？也许某种哈希或类似的东西...

非常感谢！

Answer 1

“openssl x509”工具使用“-text”选项为x.509证书提供了一个漂亮，简洁，人类可读的文本表示：

openssl x509 -noout -text -in CA_2048bit.pem

输出如下：

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            00:11:22:33:44:55:66:77:88:99
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=Some CA, OU=Dept, O=MyOrganization, ST=Mazowieckie, C=PL
        Validity
            Not Before: Jun 17 14:24:59 2009 GMT
            Not After : Jun 17 14:24:57 2029 GMT
        Subject: CN=Some Party, OU=Dept, O=MyOrganization, ST=Mazowieckie, C=PL
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:
                    00:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
    Signature Algorithm: sha1WithRSAEncryption
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:
        00:11:22:33

由于签名和模数信息，这当然有点长。

不幸的是，所有这些数据都需要完整用于验证证书的真实性，并使用它来验证分别使用它验证的数字签名。

如果没有这些，其他证书内容就无法证明。

打印X.509数字签名

1 个答案: