开发者

How do I get the keysize of a given CSR in bit?

开发者 https://www.devze.com 2023-02-08 12:40 出处:网络
I`m writing a program in .net(c#), using the Liping Share ASN1 Editor, which decodes the given CSRs very well.

I`m writing a program in .net(c#), using the Liping Share ASN1 Editor, which decodes the given CSRs very well.

So, my problem is: How do I get the bit size of a given CSR? (i want to test if it is 1024 or higher)

I already tried the .net X509Certificate class, but that only function with certificates, not with CSRs.

The开发者_StackOverflow中文版re is no possibility to use a Java class or parse a webside which contains a CSR Decoder. (although i already thought that would be much easier than solve the problem otherwise)

Maybe the solution is very simple and I just don´t get it, but if anyone can give me an advice, I would really appreciate it! (too much Google for the last two days!!)


I'm not familiar with c# but know with PHP you first need to get the CSR's public key from the CSR, then check the keysize in the public key.

openssl_pkey_get_details(openssl_csr_get_public_key($your_csr));

The return is an array of public key info including the bit size.

NOTE: I have found from testing and extensive research that the method mentioned by JSmitty is not reliable.


It seems to be pretty simple: just look at the first few characters of the CSR itself. If it starts with MIIC, it's 512-bit, MIID is 1024-bit. Here's a simpler view:

Beginning    Number of
Characters  bits in CSR
----------  -----------
MIIC        512-bits
MIID        1024-bits
MIIE        2048-bits
MIIG        4096-bits
MIIK        8192-bits
MIIS        16384-bits

I haven't gotten to verify (by terms of a spec document) that this is 100% reliable, but it seems to hold true, supported by the example-based research I've done (found on several sites and from my personal experience generating CSRs with differing numbers of bits).

0

精彩评论

暂无评论...
验证码 换一张
取 消