On 1/12/2017 3:03 AM, Weijun Wang wrote:
I am writing a tool to warn about weak key usage in a certificate or
CRL. One of the warnings is if it's signed by a cert with a small key
size.
But the signer's cert is not always available. I can see that the
signature's size depends on the signer's key size. Is there a reliable
way to calculate this key size? The only existing knowledge is the
signature bytes and the signature algorithm.
Thanks
Max

If it's an RSA key then signature length == key length.
If it's an EC key then a good approximation is (signature size in bytes
- 7)/2 * 8. The EC signature is encoded as an ASN1 sequence of two
INTEGERS. The ASN1 encoding overhead is about 3 bytes for the sequence
and 2 for each of the integers. If you want an absolute floor on the
key size, find the body of each of the integers (the octets that make up
the value field) and normalize them (remove leading zeros). Take the
maximum of the two lengths. That's the floor of the key size. Once in
about 65K signatures that floor is going to be less than the actual key
size.
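An added example, not code from the thread or from the tool being described: a Python implementation of the estimation rules in the reply above (RSA: signature length equals key length; EC: the (bytes - 7)/2 * 8 approximation and the DER floor from the normalized INTEGER bodies). The sample signatures are constructed, not real, and include the rare case where both r and s happen to have leading zero octets so the floor undershoots the true key size.

```python
# Added example (not from the original thread): estimate the signer's key size
# from nothing but the signature bytes and the algorithm name.

def _der_length(buf, pos):
    """Decode a DER length field at buf[pos]; return (length, next position)."""
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    n = first & 0x7F
    if n == 0 or n > 4:
        raise ValueError("unsupported DER length")
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n

def ecdsa_key_bits_floor(sig):
    """Absolute floor: parse SEQUENCE { INTEGER r, INTEGER s }, strip leading
    zero octets from each value body, and take the longer body in bits."""
    if len(sig) < 8 or sig[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    seq_len, pos = _der_length(sig, 1)
    if pos + seq_len != len(sig):
        raise ValueError("truncated or trailing data")
    lengths = []
    for _ in range(2):
        if sig[pos] != 0x02:
            raise ValueError("expected INTEGER")
        n, pos = _der_length(sig, pos + 1)
        lengths.append(len(sig[pos:pos + n].lstrip(b"\x00")))  # normalize
        pos += n
    return max(lengths) * 8

def ecdsa_key_bits_approx(sig):
    """The reply's quick approximation: (signature bytes - 7) / 2 * 8."""
    return (len(sig) - 7) // 2 * 8

def estimate_key_bits(sig, algorithm):
    """RSA: signature length == key length. ECDSA: use the DER floor."""
    alg = algorithm.lower()
    if "rsa" in alg:
        return len(sig) * 8
    if "ecdsa" in alg:
        return ecdsa_key_bits_floor(sig)
    raise ValueError("unsupported algorithm: " + algorithm)

# Constructed sample signatures (assumed values, not signatures over real data).
def _der_int(body):                      # minimal DER INTEGER for short values
    body = body.lstrip(b"\x00") or b"\x00"
    if body[0] & 0x80:
        body = b"\x00" + body            # keep the INTEGER positive
    return b"\x02" + bytes([len(body)]) + body

def _der_seq(*items):                    # content < 128 bytes, one-byte length
    content = b"".join(items)
    return b"\x30" + bytes([len(content)]) + content

P256_SIG = _der_seq(_der_int(b"\xff" * 32), _der_int(b"\x7f" * 32))  # 71 bytes
P256_SHORT = _der_seq(_der_int(b"\x7f" + b"\x01" * 30),              # r, s both
                      _der_int(b"\x7f" + b"\x01" * 30))              # 31 bytes
RSA2048_SIG = bytes(256)                 # 2048-bit modulus -> 256-byte signature
```

For P256_SIG both estimates give 256; for P256_SHORT the floor drops to 248 and the approximation to 240, which is the one-in-65K undershoot the reply warns about.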