I`m writing a program in .net(c#), using the Liping Share ASN1 Editor, which decodes the given CSRs very well.
So, my problem is: How do I get the bit size of a given CSR? (i want to test if it is 1024 or higher) I already tried the .net X509Certificate class, but that only function with certificates, not with CSRs. The开发者_StackOverflow中文版re is no possibility to use a Java class or parse a webside which contains a CSR Decoder. (although i already thought that would be much easier than solve the problem otherwise)Maybe the solution is very simple and I just don´t get it, but if anyone can give me an advice, I would really appreciate it! (too much Google for the last two days!!)
I'm not familiar with c# but know with PHP you first need to get the CSR's public key from the CSR, then check the keysize in the public key.
openssl_pkey_get_details(openssl_csr_get_public_key($your_csr));
The return is an array of public key info including the bit size.
NOTE: I have found from testing and extensive research that the method mentioned by JSmitty is not reliable.
It seems to be pretty simple: just look at the first few characters of the CSR itself. If it starts with MIIC, it's 512-bit, MIID is 1024-bit. Here's a simpler view:
Beginning Number of Characters bits in CSR ---------- ----------- MIIC 512-bits MIID 1024-bits MIIE 2048-bits MIIG 4096-bits MIIK 8192-bits MIIS 16384-bits
I haven't gotten to verify (by terms of a spec document) that this is 100% reliable, but it seems to hold true, supported by the example-based research I've done (found on several sites and from my personal experience generating CSRs with differing numbers of bits).
精彩评论