使用 openSSL 验证 EU GreenPass
[英]Verify EU GreenPass with openSSL
问题描述
I just received my Covid Green Pass.
我刚收到我的 Covid Green Pass。 I've started to decode it, using only Unix command line tools.我已经开始解码它,只使用 Unix 命令行工具。 See my blog post: http://www.corentindupont.info/blog/posts/Programming/2021-08-13-GreenPass.html见我的博文: http : //www.corentindupont.info/blog/posts/Programming/2021-08-13-GreenPass.html
Here are the fields I get after decoding the green pass:以下是我在解码绿色通行证后得到的字段:
header: a20448349a42b0c2d0728e0126
payload: a4041a645d8180061a61053b9501624954390103a101a4617681aa62646e01626d616d4f52472d3130303033313138346276706a313131393334393030376264746a323032312d30372d313462636f624954626369782630314954303544314444
signature: 6f422bd436e216177de025d3d31681a27bead6115f480630754db6f1498bbc782cdc975f4c4d79af77dbe02c31de6af4ba94d7fe11510a5ca6121cb0bf10890a
All fields are hexadecimals in this example.在这个例子中所有字段都是十六进制的。 The payload is a CBOR structure, it can be further decoded to get your data.有效载荷是 CBOR 结构,可以进一步解码以获取您的数据。
Verifying the GreenPass验证绿色通行证
What I would like to do now, is to verify the signature using the Unix tool openssl .我现在想做的是使用 Unix 工具openssl验证签名。 I figured out that the green pass signature is created with Elliptic Curve Digital Signature Algorithm (ECDSA), using the P–256 parameters, in combination with the SHA–256 hash algorithm.我发现绿色通道签名是使用椭圆曲线数字签名算法 (ECDSA) 创建的,使用 P–256 参数,并结合 SHA–256 哈希算法。
With openssl , I should be able to verify this greenpass:使用openssl ,我应该能够验证这个绿色通行证:
$ openssl dgst -sha256 -verify public_key_it -signature my_signature my_data
I need three parameters: public_key_it , my_signature and my_data .我需要三个参数: public_key_it 、 my_signature和my_data 。
-
public_key_itis a file containing the public key capable of checking the green pass signature.public_key_it是一个包含能够检查绿色通行证签名的公钥的文件。 It is available online, for Italy it is:它可以在线获得,对于意大利,它是:
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnL9+WnIp9fvbcocZSGUFlSw9ffW/jbMONzcvm1X4c+pXOPEs7C4/83+PxS8Swea2hgm/tKt4PI0z8wgnIehojw==
-----END PUBLIC KEY-----
-
my_signatureis a file containing the signature part of the green pass.my_signature是一个包含绿色通行证签名部分的文件。 I get it with:我得到它:
echo "6f422bd436e216177de025d3d31681a27bead6115f480630754db6f1498bbc782cdc975f4c4d79af77dbe02c31de6af4ba94d7fe11510a5ca6121cb0bf10890a" | xxd -r -p > my_signature
- The
my_datapart is more mysterious.my_data部分更加神秘。 It seems that it should be aSig_structure, as specified in https://datatracker.ietf.org/doc/html/rfc8152#section-4.4 .似乎它应该是一个Sig_structure,如https://datatracker.ietf.org/doc/html/rfc8152#section-4.4 中所指定。 Anyway, I tried to compose it:无论如何,我尝试编写它:
jSignature1MH4Br&@Y7d]a;bIT9avbdnbmamORG-100031184bvpj1119349007bdtj2021-07-14bcobITbcix&01IT05D1DDD951474B1C93D161A4F4663B8E#3bmplEU/1/20/1507bisvMinistero della Salutebsdbtgi840539006cnamcfntfDUPONTbfnfDUPONTcgntxCORENTIN<NICOLAS<MARIE<FRANCOISbgnx"CORENTIN, NICOLAS, MARIE, FRANCOIScvere1.0.0cdobj1978-11-17
Some characters are not printable, so here it is again in hexadecimals:有些字符是不可打印的,所以这里又是十六进制的:
846a5369676e6174757265314da20448349a42b0c2d0728e012640590137a4041a645d8180061a61053b9501624954390103a101a4617681aa62646e01626d616d4f52472d3130303033313138346276706a313131393334393030376264746a323032312d30372d313462636f62495462636978263031495430354431444444393531343734423143393344313631413446343636334238452333626d706c45552f312f32302f31353037626973764d696e69737465726f2064656c6c612053616c7574656273640162746769383430353339303036636e616da463666e74664455504f4e5462666e664455504f4e5463676e74781f434f52454e54494e3c4e49434f4c41533c4d415249453c4652414e434f495362676e7822434f52454e54494e2c204e49434f4c41532c204d415249452c204652414e434f49536376657265312e302e3063646f626a313937382d31312d3137
Well, if I try the openssl command above, I get:好吧,如果我尝试上面的 openssl 命令,我会得到:
$ openssl dgst -sha256 -verify public_key_it -signature my_signature my_data
Error Verifying Data
140529059103168:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:../crypto/asn1/asn1_lib.c:91:
140529059103168:error:0D068066:asn1 encoding routines:asn1_check_tlen:bad object header:../crypto/asn1/tasn_dec.c:1137:
140529059103168:error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error:../crypto/asn1/tasn_dec.c:309:Type=ECDSA_SIG
Any hint?任何提示? Am I even on the right track??我什至在正确的轨道上吗?? Thanks谢谢
EDIT: I now solved the problem and updated my blog article with all the details (link above).编辑:我现在解决了这个问题并用所有细节更新了我的博客文章(上面的链接)。
1 个解决方案
解决方案1
0 2021-08-27 09:33:16
With the help of @MichaelFehr, I managed to solve this problem!在@MichaelFehr 的帮助下,我设法解决了这个问题!
Signature conversion签名转换
The GreenPass has a signature in "raw" (P1363) format. GreenPass 具有“原始”(P1363) 格式的签名。 However, openssl only accepts DER format.但是, openssl只接受 DER 格式。 So we need to convert it.所以我们需要转换它。
Here is my signature:这是我的签名:
6f422bd436e216177de025d3d31681a27bead6115f480630754db6f1498bbc782cdc975f4c4d79af77dbe02c31de6af4ba94d7fe11510a5ca6121cb0bf10890a
It is 64 bytes long.它是 64 字节长。 It is composed of two integers, R and S. R is the first half, while S is the second half.它由两个整数组成,R 和 S。R 是前半部分,而 S 是后半部分。
R = 6f422bd436e216177de025d3d31681a27bead6115f480630754db6f1498bbc78
S = 2cdc975f4c4d79af77dbe02c31de6af4ba94d7fe11510a5ca6121cb0bf10890a
According to DER encoding, I need to add some more bytes:根据DER编码,我需要添加更多字节:
30 -- fixed value for composed structure
44 -- size of everything that follows
02 -- fixed value for integer
20 -- size of the R integer
6f422bd436e216177de025d3d31681a27bead6115f480630754db6f1498bbc78 -- R
02 -- fixed value for integer
20 -- size of the S integer
2cdc975f4c4d79af77dbe02c31de6af4ba94d7fe11510a5ca6121cb0bf10890a -- S
If I assemble it, I can obtain my DER signature:如果我组装它,我可以获得我的 DER 签名:
echo -n "304402206f422bd436e216177de025d3d31681a27bead6115f480630754db6f1498bbc7802202cdc975f4c4d79af77dbe02c31de6af4ba94d7fe11510a5ca6121cb0bf10890a" | xxd -r -p > my_signature.der
Data conversion数据转换
The data part needs to be composed, too.数据部分也需要组合。 According to the COSE spec , I need to build a "Sig_structure" from the green pass data.根据COSE 规范,我需要从绿色通行证数据构建一个“Sig_structure”。 This Sig_structure is used both for creating the signature, and verifying it.此 Sig_structure 用于创建签名和验证签名。
Here is the "Sig_structure" completed:这是完成的“Sig_structure”:
846a5369676e6174757265314d -- "Signature1" in hexadecimals
a20448349a42b0c2d0728e0126 -- My header (see original post above)
40590137 -- some separator... not sure
a4041a645d8180061a61053b9501624954390103a101a4617681aa62646e01626d616d4f52472d3130303033313138346276706a313131393334393030376264746a323032312d30372d313462636f62495462636978263031495430354431444444393531343734423143393344313631413446343636334238452333626d706c45552f312f32302f31353037626973764d696e69737465726f2064656c6c612053616c7574656273640162746769383430353339303036636e616da463666e74664455504f4e5462666e664455504f4e5463676e74781f434f52454e54494e3c4e49434f4c41533c4d415249453c4652414e434f495362676e7822434f52454e54494e2c204e49434f4c41532c204d415249452c204652414e434f49536376657265312e302e3063646f626a313937382d31312d3137 -- my payload (see above)
We can now create my_data :我们现在可以创建my_data :
echo -n "846a536967..." | xxd -r -p > my_data.bin
It now works!!现在可以用了!!
$ openssl dgst -sha256 -verify public_key_it -signature my_signature.der my_data
Verified OK
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.