What is an RSA "key ID"?
In the case of Strongswan one can display what it refers to as the keyid
using its command line utilities. The main point of the keyid
is that it can be used to identify the actual public key contained within a certificate so that a certificate might change but by checking the keyid one can check whether the key has changed or not.
The pki
command will list the keyids of an X.509 cert as follows (where the subjectPublicKeyInfo hash
is the keyid
):
pki --keyid --in cert.pem --type x509
Or for an RSA private key:
pki --keyid --in key.pem
The second command is ipsec
which one can use to list all the certs (and config) installed in the /etc/ipsec.d
subdirectories (this command will list the certificates and their corresponding keyid
which is the same as their subjectPublicKeyInfo hash
listed by the pki
command):
ipsec listall
Also one can use openssl
to generate Strongswan's idea of a keyid
, which is basically the SHA1 of the actual RSA public key (the sed
script just strips the '-----BEGIN PUBLIC KEY-----' and END banners) [Corrected after Micah's comment]:
openssl x509 -in cert.pem -noout -pubkey | sed 's/--.*$//g' | base64 --decode | sha1sum
When you decrypt using gpg it provides a "long" keyID hash. To verify which key was used list the keys in long format using:
gpg --list-keys --keyid-format long
To list the keys in a different keyring without updating the default keyring use:
gpg --keyring <path-to-pubring.kbx> --no-default-keyring --list-keys
In different formats (PGP, SSH, X.509 certificates) key ID has different meaning. Neither SSH nor X.509 have a "dedicated" concept of key ID, but some people use this term (including their software) - in this case it's usually a hash of the public key or of the certificate in whole.
Update: the comments reminded me that "key identifier" extensions exist in X.509 certifiactes, and they sometimes are being referred to as key IDs. Yet, this is not common - usually the hash (also sometimes called the fingerprint) is referenced as key ID.
Having just done this for my own purposes, I'll write this down while it's all fresh in my head...
The "official" key ID (that is, the content of the "X509v3 Subject Key Identifier" extension in an X509 certificate) is the SHA1 hash of the DER-encoded ASN.1 sequence consisting of the modulus and exponent of an RSA public key. It takes piecing together about three different RFCs and a bit of experimentation to come up with that, but that's how it works.
Some Ruby code to do the encoding looks like this -- feed it an RSA public or private key on stdin:
require 'openssl'
pkey = OpenSSL::PKey::RSA.new($stdin.read).public_key
seq = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer.new(pkey.n),
OpenSSL::ASN1::Integer.new(pkey.e)])
puts Digest::SHA1.hexdigest(seq.to_der).upcase.scan(/../).join(':')