Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CN, ST=GuangDong, L=ShenZhen, O=COMPANY Technologies Co., Ltd, OU=IT_SECTION, CN=registry.example.com.net/emailAddress=zhouxiao@example.com.net
Validity
Not Before: Feb 11 06:04:56 2015 GMT
Not After : Feb 8 06:04:56 2025 GMT
Subject: C=CN, ST=GuangDong, L=ShenZhen, O=TP-Link Co.,Ltd., OU=Network Management, CN=172.31.1.210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a4:b0:dd:eb:c1:cf:5d:47:61:a6:ea:ef:8b:aa:
4b:f0:b4:2c:d8:96:c7:7c:ac:fa:c7:35:88:53:d0:
...
8a:76:dc:8f:8c:44:c8:0b:3c:36:88:5f:01:f0:44:
4e:81:e6:7a:2b:ff:ba:da:33:a5:27:11:c6:f0:08:
6e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
07:C6:87:B7:C1:1E:28:E8:96:3F:EB:40:1E:82:41:45:CA:81:B6:3D
X509v3 Authority Key Identifier:
keyid:A4:C2:14:6A:39:D1:95:1E:BD:DF:3B:92:4A:5C:12:42:1B:BC:53:B8
Signature Algorithm: sha256WithRSAEncryption
0c:c6:81:70:cd:0a:2d:94:4f:cb:a4:1d:ef:9e:8e:e4:73:ae:
50:62:a8:9c:64:ef:56:0f:41:fe:6b:b4:d3:07:37:39:2c:ed:
...
6f:62:61:b8:03:d7:97:31:ab:05:44:20:07:65:8b:ad:e2:cc:
ad:65:73:f6:82:0f:9e:65:d0:ae:b7:1e:fd:9f:c1:d7:41:6c:
0f:06:95:ee
-----BEGIN CERTIFICATE-----
MIIEMDCCAxigAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBtTELMAkGA1UEBhMCQ04x
EjAQBgNVBAgMCUd1YW5nRG9uZzERMA8GA1UEBwwIU2hlblpoZW4xJjAkBgNVBAoM
...
ujwwRar6pPzusO95WuS93HsNmL2ZFZ63DS4LcW9iYbgD15cxqwVEIAdli63izK1l
c/aCD55l0K63Hv2fwddBbA8Gle4=
-----END CERTIFICATE-----
如上,是一张ssl公钥证书
,它有两行:Signature Algorithm: sha256WithRSAEncryption
为什么要两行?是否为了表示CA只对两行之间的数据(以下简称D)做哈西和并用私钥加密?
附在第2行Signature Algorithm: sha256WithRSAEncryption之后的数据是否就是对D哈西并加密的结果(以下简称H)?
如果这是一张CA自己的证书,那么中间 Modulus:下面那一块数据(以下简称P)是否是CA自己的公钥?
验证这张证书的有效性的过程是否如下:
提取证书中的公钥P, 用P对H解密,得到X
对D做哈西,得到Y
比较X和Y是否一样。
用户如何手动实现上面的验证过程?
伊谢尔伦2017-04-17 15:58:16
I have also been reading information on this recently
About the CA certificate structure, you can read this:
RFC5280, mainly section 4.1: Basic Certificate Fields
The first Signature Algorithm is a field in tbsCertificate, and the second one is a field at the same level as tbsCertificate. The values of these two fields must be equal.
About RSA signatures, you can read this:
RFC2313, mainly section 10: Signature algorithms
The combination of Module and Exponent is a public key, where Module is n, which is the product of two prime numbers p and q, and Exponent is the exponent e. See Sections 6 and 7 of RSA WiKi or the previous link.
In the certificate authentication process, except for the root certificate (that is, a self-signed certificate, usually provided by the operating system and browser), which uses its own public key to authenticate itself, other certificates are authenticated by the public key of the organization that issued the certificate. .
After the rsa public key decrypts the signature, what is obtained is not the hash value directly, but also the ASN.1 structure information obtained through BER decoding. This structure contains the hash algorithm type and hash value.
Please correct me if there are any errors.
