如何验证 x509 证书的签名？

Question

I have two X509Certificate objects x1 and x2.

I want to verify that x2 was signed by x1.

I think this is done with the public key of x1 and the signature of x2.

How to exactly do this?

I also want to know if it is common practice to compare the issuer of x2 with the subject of x1 byte-by-byte and show an error if they differ.

I found this 12456079 post but I can't figure it out.

Answer 1

You are looking for certificate chain which is a common thing in PKI (Public Key Infrastructure). One certificate can sign another certificate to show that this certificate can be trusted.

In simple example there would be a Root certificate which is self signed and is trusted - everyone trusts this certificate. Next you can ask the owner of this certificate to sign your certificate with Root's certificate private key. So if someone wants to use your certificate, he can check that your certificate was signed by Root certificate and if he trusts Root certificate - he can also trust you.

In Java you can check if a certificate was signed by the private key of corresponding certificate using something like this:

X509Certificate yourCert = ...
X509Certificate root = ...

try {
    yourCert.verify(root.getPublicKey()); } 
catch (CertificateException | NoSuchAlgorithmException | InvalidKeyException | NoSuchProviderException e) {
    //handle wrong algos
} catch (SignatureException ex) {
    //signature validation error
}

The Certificate::verify serves this purpose:

Verifies that this certificate was signed using the private key that corresponds to the specified public key.

Since X509Certificate extends Certificate you can use this method on X509Certificate implementations (since X509Certificate is an abstract class).

Also you can have a look at X509Certificate::verify(PublicKey, Provider) which takes PublicKey and Provider implementation.