
SSL certificate signature verification

I'm trying to verify a certificate on an embedded board manually because it doesn't support OpenSSL or other libraries. However, it does have libraries for MD5 and SHA1 hashes and RSA encryption.

From what I understand, to verify the certificate, first compute the SHA1 hash (or MD5) of the certificate; then decode the signature using the CA's public key to obtain a hashed value. These two hash values should be the same.

The SHA1 hash produces a 20-byte value and MD5 produces a 16-byte value. However, RSA decoding of the signature does not. If the CA's key is 1024 bits, the decoded signature will be 80 bytes; if the CA's key is 512 bits, the decoded signature will be 40 bytes. So I can't really compare the 20-byte SHA1 value against the 40- or 80-byte decoded signature.

Am I doing something wrong? Or am I missing a step?

The missing bit is the padding algorithm.

You use RSA with a specific padding algorithm, and the same algorithm also tells you how to take the result (when you decrypt the signature) and extract from it the actual data (the hash).
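The padding step described in the answer, as an added example that is not part of the original post. It assumes the certificate's signature algorithm is sha1WithRSAEncryption (RSASSA-PKCS1-v1_5, RFC 8017), that the digest was computed over the DER bytes of the certificate's tbsCertificate field, and that the RSA library returns a block as long as the modulus; the function names and `MAX_MODULUS_BYTES` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SHA1_LEN 20
#define MAX_MODULUS_BYTES 512   /* assumption: CA keys up to 4096 bits */

/* DER prefix of the DigestInfo structure for SHA-1 (RFC 8017, section 9.2) */
static const uint8_t SHA1_DIGESTINFO[15] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14
};

/* Build EM = 00 01 FF..FF 00 || DigestInfo || digest, em_len = modulus size.
 * Returns 0 on success, -1 if the modulus size cannot hold the encoding. */
int pkcs1_v15_encode_sha1(uint8_t *em, size_t em_len, const uint8_t digest[SHA1_LEN])
{
    size_t t_len = sizeof(SHA1_DIGESTINFO) + SHA1_LEN;   /* 35 bytes */
    if (em_len < t_len + 11 || em_len > MAX_MODULUS_BYTES)
        return -1;                     /* the padding needs at least 8 FF bytes */
    size_t ps_len = em_len - t_len - 3;
    em[0] = 0x00;
    em[1] = 0x01;                      /* block type 1: signature */
    memset(em + 2, 0xFF, ps_len);
    em[2 + ps_len] = 0x00;             /* separator before DigestInfo */
    memcpy(em + 3 + ps_len, SHA1_DIGESTINFO, sizeof(SHA1_DIGESTINFO));
    memcpy(em + 3 + ps_len + sizeof(SHA1_DIGESTINFO), digest, SHA1_LEN);
    return 0;
}

/* decoded: result of the RSA public-key operation on the signature, left-padded
 * with zero bytes to the modulus length. digest: SHA-1 computed locally.
 * Returns 1 if the block is exactly the expected encoding, 0 otherwise. */
int pkcs1_v15_verify_sha1(const uint8_t *decoded, size_t decoded_len,
                          const uint8_t digest[SHA1_LEN])
{
    uint8_t expected[MAX_MODULUS_BYTES];
    uint8_t diff = 0;
    if (pkcs1_v15_encode_sha1(expected, decoded_len, digest) != 0)
        return 0;
    /* Compare the whole block so padding and DigestInfo are checked too,
     * not only the trailing 20 hash bytes. */
    for (size_t i = 0; i < decoded_len; i++)
        diff |= (uint8_t)(decoded[i] ^ expected[i]);
    return diff == 0;
}
```

Rebuilding the expected block and comparing all of it rejects signatures whose padding or DigestInfo is malformed, which a parser that only skips to the last 20 bytes would accept.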
