[foaf-protocols] The case for massive simplification and foaf:key

Nathan nathan at webr3.org
Tue Sep 21 17:17:01 CEST 2010

Henry Story wrote:
> So just to take the following two points of your argument:
> On 21 Sep 2010, at 14:10, Nathan wrote:
>> typically you won't have to parse it at all, you'll be string comparing base64 DER with base64 DER, stripping whitespace is the most that is needed.
>> When I say DER formatted public key, I am talking about 'just the public key', and as above, to the best of my knowledge, most languages/runtimes/tooling support DER formatted keys better than modulus/exponent only (in fact most don't support modulus/exponent only).
> So this will work if encoding a public key in DER format always gives the same
> binary result. 
> So given a public key defined by a modulus exponent pair (m,e) 
> and given any method of encoding it  E1, E2, E3, ... that results 
> in a DER encoded string we have the following
> E1(m1,e1) = s1
> E2(m2,e2) = s2
> E3(m3,e3) = s3
> ....
> What we need to show is that whenever s1 == s2 then (m1,e1) = (m2,e2) . Right?

Yes, we need to prove that.

For a short answer, s1 contains (m1,e1) as is, it doesn't pack or encode 
it in any way that could lead to ambiguity.

An RSA public key should be represented with the ASN.1 type

  RSAPublicKey ::= SEQUENCE {
    modulus           INTEGER,  -- n
    publicExponent    INTEGER   -- e
  }

typically in ASN.1 that's a structure like:
identifier: 30
Length: ???
identifier: 30
Length: 13
identifier: 6
Length: 9
string 1.2.840.113549.1.1.1 // "rsaEncryption"
identifier: 5
Length: 0
identifier: 3
Length: ???
identifier: 30
Length: ???
identifier: 2
Length: ???
string "FDB6FB1159710..." // modulus
identifier: 2
Length: 3
int(65537) // exponent

or in hex:

30 ?L 30 ?TYPE 5 0 3 ?L 0 30 ?L 2 ?L 0 ?MODULUS 2 3 1 0 1

where ?L is a length, ?TYPE is one of "rsaEncryption", 
"md5withRSAEncryption", "sha1withRSAEncryption" and ?MODULUS is modulus, 
the last 5 octets are the modulus, usually int(2), length(3) and the 
value 65537(1 0 1)

ASN.1 structure doesn't change, the rules are set (digital encoding 
rules - DER), and base64 doesn't produce variable results either.

So, unless somebody can point me to some strange abnormality or 
varying encoding rule I'd be fine to assert that:

  whenever s1 == s2 then (m1,e1) == (m2,e2)


