
Do Windows or browsers save the signature of X509 certificate?

Windows has classes X509Certificate2 and X509Certificate for certificate data. But neither provides the original signature, only the thumbprint. They provide the field RawData, but it is only the certificate itself, because I ran a hash on it and it matches the hash provided by X509Certificate.

Windows has tools to save each certificate into a file of different formats, but none of them appears to include the signature. Firefox has its own utility to display a certificate, where it displays the signature, but it appears to be a bug because the signature matches the last bytes of RawData returned by X509Certificate, and this RawData is the raw certificate without the signature.

I tried both the CA certificates and server certificates from an HTTPS session and none of them include the signature. It seems like Windows validates the signature, converts it into a thumbprint, and just throws away the signature. Why?

TL;DR: yes, the signature is saved, even if it is not shown. The signature is required to create a trust chain. The signature consists of a large amount of binary data, so it is not all that useful to show it to the user.


You're confused. The last part of a certificate is the signature value, as you can see in the X.509 specifications.

The hash over the certificate that is shown is not the hash that is used to generate the signature. It is a separate hash over all of the binary data that make up the certificate, including the signature, while the hash within the certificate is only over the TBSCertificate - the "To Be Signed" part of the certificate.

Furthermore, the thumbprints over all certificates are generally calculated using one specific hash algorithm. This makes it easy to compare thumbprints. The hash algorithm that is used for the signature is specified in the certificate itself - comprehensively called signatureAlgorithm. Although it could be the same algorithm as the thumbprint, it is usually a more modern hash function that doesn't allow collisions. The thumbprint is generally still SHA-1 or MD5, which is less secure, but easier for humans to grok.
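The structure the answer describes can be checked directly on the DER bytes. The following is an added example, not code from the question or the answer: a minimal DER parser that splits a certificate into its three top-level fields (`tbsCertificate`, `signatureAlgorithm`, `signatureValue`), hashes the whole encoding the way a thumbprint does, and hashes only the TBSCertificate the way the signer does. It uses only the Python standard library. The certificate it builds is a constructed placeholder (the OIDs are the real ones for sha256WithRSAEncryption, rsaEncryption and commonName, but the key and signature bytes are dummies, so no signature is verified); the function names `split_certificate`, `thumbprint`, `signed_hash` and `build_demo_certificate` are this example's own.

```python
"""Split a DER-encoded X.509 certificate into TBSCertificate, signatureAlgorithm
and signatureValue, and show which bytes each hash covers.

Added example using only the standard library. The certificate built here is a
constructed, minimal DER structure with a placeholder signature value; it is not
a real CA-issued certificate and its signature is not cryptographically valid.
"""
import hashlib

# Real OIDs: sha256WithRSAEncryption, rsaEncryption, commonName
OID_SHA256_RSA = bytes.fromhex("2a864886f70d01010b")
OID_RSA = bytes.fromhex("2a864886f70d010101")
OID_CN = bytes.fromhex("550403")


def der_len(n: int) -> bytes:
    """DER length octets: short form below 128, long form above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, body: bytes) -> bytes:
    """One DER tag-length-value element."""
    return bytes([tag]) + der_len(len(body)) + body


def read_tlv(buf: bytes, pos: int = 0):
    """Parse the TLV at pos; return (tag, value, position after the element)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def split_certificate(der: bytes):
    """Return (tbsCertificate, signatureAlgorithm, signature bytes).

    Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue BIT STRING }
    The first two come back as complete DER encodings; the third is the
    BIT STRING content with its leading unused-bits octet removed.
    """
    tag, body, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one DER SEQUENCE")
    fields, pos = [], 0
    for _ in range(3):
        _, _, nxt = read_tlv(body, pos)
        fields.append(body[pos:nxt])       # keep the full TLV, not just its value
        pos = nxt
    if pos != len(body):
        raise ValueError("trailing data after signatureValue")
    tbs, sig_alg, sig_tlv = fields
    bit_tag, bits, _ = read_tlv(sig_tlv)
    if bit_tag != 0x03:
        raise ValueError("signatureValue is not a BIT STRING")
    return tbs, sig_alg, bits[1:]


def thumbprint(der: bytes, algo: str = "sha1") -> str:
    """What Windows shows as the thumbprint: a hash over the whole DER, signature included."""
    return hashlib.new(algo, der).hexdigest()


def signed_hash(der: bytes, algo: str = "sha256") -> str:
    """The hash the issuer actually signs: over TBSCertificate only."""
    tbs, _, _ = split_certificate(der)
    return hashlib.new(algo, tbs).hexdigest()


def build_demo_certificate(signature: bytes) -> bytes:
    """Constructed minimal certificate; key and name contents are placeholders."""
    alg_id = tlv(0x30, tlv(0x06, OID_SHA256_RSA) + tlv(0x05, b""))
    name = tlv(0x30, tlv(0x31, tlv(0x30, tlv(0x06, OID_CN) + tlv(0x0C, b"demo"))))
    validity = tlv(0x30, tlv(0x17, b"240101000000Z") + tlv(0x17, b"250101000000Z"))
    rsa_key = tlv(0x30, tlv(0x02, b"\x00\xC1" + bytes(62)) + tlv(0x02, b"\x01\x00\x01"))
    spki = tlv(0x30, tlv(0x30, tlv(0x06, OID_RSA) + tlv(0x05, b"")) + tlv(0x03, b"\x00" + rsa_key))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02"))        # version v3
                   + tlv(0x02, b"\x01")                    # serialNumber
                   + alg_id + name + validity + name + spki)
    return tlv(0x30, tbs + alg_id + tlv(0x03, b"\x00" + signature))


def demo():
    sig_a = bytes(range(256))                    # constructed placeholder "signatures"
    sig_b = bytes(255 - i for i in range(256))
    cert_a, cert_b = build_demo_certificate(sig_a), build_demo_certificate(sig_b)
    tbs_a, _, got_sig = split_certificate(cert_a)
    return {
        # the signature really is the tail of the raw certificate bytes
        "signature_is_tail_of_rawdata": cert_a.endswith(got_sig) and got_sig == sig_a,
        # same TBS, different signature: signed hash unchanged, thumbprint changes
        "signed_hash_same": signed_hash(cert_a) == signed_hash(cert_b),
        "thumbprint_differs": thumbprint(cert_a) != thumbprint(cert_b),
        "tbs_length": len(tbs_a),
        "sha1_thumbprint": thumbprint(cert_a),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Running `demo()` shows the two points the answer makes: the signature bytes are the tail of the raw DER (so Firefox showing them there is correct, and the RawData from `X509Certificate` contains them), and the thumbprint changes when only the signature changes while the hash over TBSCertificate does not. On a real certificate from a file or an `X509Certificate2.RawData` array the same `split_certificate` call applies unchanged.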
