PKI/ASN.1

ECDSA ๊ฐœ์ธํ‚ค ASN.1 ํ˜•์‹

JayKim๐Ÿ™‚ 2023. 5. 2. 10:30

์ด๋ฒˆ์—๋Š” ECDSA ์•Œ๊ณ ๋ฆฌ์ฆ˜์—์„œ ์‚ฌ์šฉํ•˜๋Š” ๊ฐœ์ธํ‚ค ํฌ๋งท์— ๋Œ€ํ•ด ์•Œ์•„ ๋ณด์ž
๋จผ์ € ECDSA ๊ฐœ์ธํ‚ค ํฌ๋งท์€ RFC5915 ์— ์ •์˜ ๋˜์–ด ์žˆ๋‹ค.

ASN.1 ํ˜•์‹

   ECPrivateKey { iso(1) identified-organization(3) dod(6)
     internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
     id-mod-ecprivateKey(65) }

   DEFINITIONS EXPLICIT TAGS ::=

   BEGIN

   -- EXPORTS ALL;

   IMPORTS

   -- FROM New PKIX ASN.1 [RFC5912]

   ECParameters, NamedCurve
     FROM PKIXAlgs-2009
       { iso(1) identified-organization(3) dod(6) internet(1)
         security(5) mechanisms(5) pkix(7) id-mod(0)
         id-mod-pkix1-algorithms2008-02(56) }

   ;

   ECPrivateKey ::= SEQUENCE {
     version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
     privateKey     OCTET STRING,
     parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
     publicKey  [1] BIT STRING OPTIONAL
   }

   END

์ฃผ์š” ๋‚ด์šฉ์€ ECPrivateKey ๋ถ€๋ถ„์ด ECDSA ๊ฐœ์ธํ‚ค ํŒŒ์ผ ํ˜•์‹์ด๋‹ค.
์—ฌ๊ธฐ์„œ ๋ณด๋ฉด ํ•ญ์ƒ ๊ฐœ์ธํ‚ค ํŒŒ์ผ์—๋Š” ์ฃผ์š” ๊ฐ’์ด ๋ฒ„์ „, ๊ฐœ์ธํ‚ค, ํŒŒ๋ผ๋ฏธํ„ฐ ๊ทธ๋ฆฌ๊ณ  ๊ณต๊ฐœํ‚ค ์ด๋ ‡๊ฒŒ 4๊ฐ€์ง€ ๊ฐ’์ด ์ •์˜ ๋œ๋‹ค.

  • version : ํ˜„์žฌ ์ด ๊ฐ’์€ 1 ์˜ ๊ณ ์ • ๊ฐ’์ด ์‚ฌ์šฉ ๋œ๋‹ค.
  • privateKey : ์ด ๊ฐ’์ด ๊ฐ€์žฅ ๋ณดํ˜ธ ๋˜์–ด์•ผ ํ•  ECDSA ์˜ ๊ฐœ์ธํ‚ค ๊ฐ’์ด๋‹ค.
  • parameters : ECC ๋„๋งค์ธ ํŒŒ๋ผ๋ฏธํ„ฐ ์ด๋ฆ„์ด๋‹ค. ์—ฌ๊ธฐ์„œ๋Š” namedCurve ๋ฐฉ์‹์„ ์‚ฌ์šฉํ•ด OID ๊ฐ’์ด ์‚ฌ์šฉ๋œ๋‹ค. (์˜ต์…˜)
  • publicKey : ๊ณต๊ฐœํ‚ค ๊ฐ’ ( ์˜ต์…˜ )

์ฐธ๊ณ ๋กœ parameters ์™€ publicKey ๊ฐ’์ด ์˜ต์…˜์ด์ œ๋งŒ ์‹ค์ œ ์‚ฌ์šฉ์— ์žˆ์–ด์„œ๋Š” ํ•„์ˆ˜ ๊ฐ’์ฒ˜๋Ÿผ ์š”๊ตฌ ๋œ๋‹ค.

PEM ํ˜•์‹์˜ ์ธ์ฝ”๋”ฉ ํ—ค๋”

์‹ค์ œ๋กœ ๊ฐœ์ธํ‚ค๋ฅผ ์ƒ์„ฑํ•ด์„œ PEM ํŒŒ์ผ์„ ์ƒ์„ฑ ํ•˜๋ฉด ์‚ฌ์šฉํ•˜๋Š” ํ—ค๋”๋Š” ๋‹ค์Œ ์ฒ˜๋Ÿผ ์ง€์ •ํ•œ๋‹ค.

-----BEGIN EC PRIVATE KEY-----
-----END EC PRIVATE KEY-----

OpenSSL ECDSA ๊ฐœ์ธํ‚ค ์ƒ์„ฑ

openssl ecparam -name prime256v1 -genkey -noout -out ecdsa_private_key.pem

์—ฌ๊ธฐ์„œ -name prime256v1 ์ธ secp256r1 ํŒŒ๋ผ๋ฏธํ„ฐ๋ฅผ ์‚ฌ์šฉ ํ•˜๋Š” ๊ฒฝ์šฐ๋ฅผ ๋‚˜ํƒ€๋‚ธ๋‹ค.

์ƒ์„ฑํ•œ PEM ํ˜•์‹์„ ๋ณด๋ฉด ๋‹ค์Œ ์ฒ˜๋Ÿผ ๋‚˜์˜จ๋‹ค.

-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIGT2Um3gW//u0sWCDZQ/XuD6Qizge3mLOZWXPLJrso9XoAoGCCqGSM49
AwEHoUQDQgAEowFoZg9qlBEGZJ46iWBeLV38Xy2P2FQWOMdNQoceqeevT+e1ZIu4
UZ03ePqB6FToUArLqHfW9O6FlsA9Bt2ZCA==
-----END EC PRIVATE KEY-----

ECDSA PrivateKey ๋ณด๊ธฐ

์ด์ œ ์ƒ์„ฑ ๋œ ๊ฐœ์ธํ‚ค๋ฅผ BerEditor ์—ด์–ด ๋ณธ ํ™”๋ฉด์ด๋‹ค.

์ด๋ ‡๊ฒŒ ์ด๋ฏธ์ง€์—์„œ ๋ณด๋ฉด ๊ฐœ์ธํ‚ค, ํŒŒ๋ผ๋ฏธํ„ฐ, ๊ณต๊ฐœํ‚ค ๊ฐ’์„ ํ™•์ธ ํ•  ์ˆ˜ ์žˆ๋‹ค.
ํ™”๋ฉด์—์„œ๋Š” ๋น„ํŠธ ์ŠคํŠธ๋ง์ด์ง€๋งŒ ์‹ค์ œ๋กœ๋Š” ํ—ฅ์‚ฌ ๊ฐ’์ด์—์š”^^

๊ฐœ์ธํ‚ค ํŒŒ์ผ์—๋Š” ํŒŒ๋ผ๋ฏธํ„ฐ OID๋ž‘ ๊ณต๊ฐœํ‚ค ๊ฐ’์ด ์˜ต์…˜์ด์ง€๋งŒ ์‹ค์ œ ๊ฐœ๋ฐœ ํ•˜๋‹ค ๋ณด๋ฉด ํ•ญ์ƒ ๊ฐ’์ด ํฌํ•จ์ด ๋˜์–ด ์žˆ๋‹ค.

ํŒŒ๋ผ๋ฏธํ„ฐ ์ •๋ณด์˜ ๊ฒฝ์šฐ CHOICE ํ˜•์‹์ธ๋ฐ ๊ทธ๋ง์€ ๋‹ค๋ฅธ ๊ฐ’๋„ ์กด์žฌํ•œ๋‹ค๊ณ  ๋ณด๋ฉด ๋œ๋‹ค.
์ด ํŒŒ๋ผ๋ฏธํ„ฐ์˜ ์ •๋ณด๋Š” RFC5480 ์—์„œ ์ฐธ์กฐ ํ•˜๋ฉด ๋œ๋‹ค.
์‹ค์ œ๋กœ ํŒŒ๋ผ๋ฏธํ„ฐ์˜ OID ๊ฐ’์œผ๋กœ ํ‘œํ˜„๋˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์ผ๋ฐ˜์ ์ด์ง€๋งŒ ๊ฐ„ํ˜น ํŒŒ๋ผ๋ฏธํ„ฐ ๊ฐ’์˜ ์ •๋ณด๊ฐ€ ์ถ”๊ฐ€ ๋˜๊ธฐ๋„ ํ•œ๋‹ค.
ํ•˜์ง€๋งŒ ์ด ๊ฒฝ์šฐ๋Š” ์ž˜ ์‚ฌ์šฉ๋˜์ง€๋Š” ์•Š๋Š”๋‹ค.

๋ฐ˜์‘ํ˜•
์ €์ž‘์žํ‘œ์‹œ

'PKI > ASN.1' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

ASN.1 ์ธ์ฝ”๋”ฉ ๋ฐฉ์‹  (0) 2023.06.29
ASN.1 ์˜คํ”ˆ์†Œ์Šค ์ปดํŒŒ์ผ๋Ÿฌ asn1c ์‚ฌ์šฉ๋ฒ•  (0) 2023.05.09
Distinguished Encoding Rules  (0) 2022.11.07
Basic Encoding Rules (3/3)  (0) 2022.11.07
Basic Encoding Rules (2/3)  (0) 2022.11.07

'PKI/ASN.1'์˜ ๋‹ค๋ฅธ๊ธ€

  • ํ˜„์žฌ๊ธ€ECDSA ๊ฐœ์ธํ‚ค ASN.1 ํ˜•์‹

๊ด€๋ จ๊ธ€

๋Œ“๊ธ€

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”