检查CSR的签名（X.509证书签名请求） [英] Checking the signature of a CSR (X.509 certificate signing request)

问题描述

有人可以帮助我解决以下问题吗？

Can someone please help me with the following question

我要检查CSR上的签名（X509证书签名请求）是否为
有效
我相信我知道该怎么做（如下），但不确定我的理解是否正确，如果有人可以检查/纠正/确认我的方法，将不胜感激。

I want to check the signature on a CSR (X509 certificate signing request) is valid I believe I know how to do this (as follows) but not certain if my understanding is correct and would be very grateful if someone could check/correct/confirm my method.

我正在使用PowerShell（但也了解C'＃的基本概念）
硬盘上有一个文本文件，该文件基本上是base64编码的CSR，称为csr.txt

I am using PowerShell (but understand the basic concepts of C’# too) I have a text file on my hard drive which is basically a base64 encoded CSR called csr.txt

因此在PowerShell中，我将执行以下操作

So in PowerShell I do the following

$ CSR =获取内容c：\temp\csr.txt –原始
$ RequestComObj =新对象-ComObject X509enrollment.CX509CertificateRequestPkcs10
$ RequestComObj.InitializeDecode（$ CSR，6）

$CSR = get-content c:\temp\csr.txt –raw $RequestComObj = New-Object -ComObject X509enrollment.CX509CertificateRequestPkcs10 $RequestComObj.InitializeDecode($CSR,6)

现在我有了CSR它的CheckSignature方法需要在构造函数中使用Pkcs10AllowedSignatureTypes，当我查看此方法时，我看到有两个十六进制值表示可能的选项

Now I have the CSR there is a CheckSignature method on it which requires a Pkcs10AllowedSignatureTypes in the constructor, when I look into this I see there are two hex values representing the possible options

AllowedKeySignature = 0x1
AllowedNullSignature = 0x2

AllowedKeySignature = 0x1 AllowedNullSignature = 0x2

根据我到目前为止的阅读/尝试，我可以向构造函数传递两个值之一，即SHA1的0x1或SHA2的0x2（例如，SHA256）
因此，我的问题是我是否使用SHA1签名了CSR，并且我想检查此SHA1签名（如果最后一部分有效）

From what I have read/tried this far I can pass the constructor one of these two values either 0x1 for SHA1 or 0x2 for SHA2 (SHA256 for example) Therefore my question is if I have a CSR signed using SHA1 and I want to check this SHA1 signature if valid the last part of my script should look like this?

$ RequestComObj.CheckSignature（0x1）

$RequestComObj.CheckSignature(0x1)

或者可能只是

$ RequestComObj.CheckSignature（1）

$RequestComObj.CheckSignature(1)

如果已签名CSR SHA2，我将使用

If the CSR is signed SHA2 I would use

$ RequestComObj.CheckSignature（0x2）

$RequestComObj.CheckSignature(0x2)

或者可能只是

$ RequestComObj.CheckSignature（2）

$RequestComObj.CheckSignature(2)

当我尝试上述PowerShell时，不会向控制台返回任何内容（假设CSR已相应签名），这对于PowerShell是正常的，即如果没有错误什么都不返回。

When I try the above PowerShell does not return anything to the console (providing the CSR is signed accordingly) which is normal for PowerShell i.e. if no error return nothing.

以上是否正确？例如有效，用于检查签名，因为我认为是

Is the above correct? e.g. valid for checking signatures as I think it is

感谢所有

__ AUser

我正在编辑我的问题以回答以下答案（太大而无法发表评论）

您好vcsjones和Crypt32

Hello vcsjones and Crypt32

非常感谢你们双方抽出宝贵时间回答我的问题（COM> CRL包装器和错误屏蔽对我的更广泛的了解非常有帮助。）

Thanks very much to both of you for taking the time to reply to my question (the COM > CRL wrapper and error masking was very helpful to for my broader understanding).

因此，如果我正确理解了您的情况（请原谅我不是程序员/开发人员），如果我使用上面的0x1仅检查Digest（例如Hash）是否为SHA1且确定，并且不检查签名是否为该摘要的正确签名？换句话说，可能有一个有效的签名，但是对于不同的摘要，如果使用0x1，它仍然会通过

So if I understand you correctly (forgive me I am not a programmer/developer) if I use 0x1 as above it only checks if the Digest (e.g. Hash) is SHA1 and OK and does NOT check if the signature is the correct one for that digest? in other words it may be possible to have a valid signature but for a different digest and it would still pass if using 0x1

请问我上面的理解正确吗？

Is my understanding above correct please?

如果是的话，这是否也意味着使用上面的0x2会旧检查摘要是否为SHA2，而不是签名实际上属于该摘要？

if so does this also mean using 0x2 above would old check is the digest is SHA2 and not that the signature actually belongs to that digest?

您上面提到的
而不是使用 CheckSignature（），我应该使用KeySignature

Also you mentioned above rather than using CheckSignature() I should use KeySignature

上面的$ RequestComObj PowerShell对象的成员，我看不到名为 KeySignature 的成员（除非它被埋得更深），但我看到以下收集的COM成员

When I look at the members of the $RequestComObj PowerShell object above I do not see a member called KeySignature (unless it is buried further down) rather I see the following collecting of COM members

Type                        : 1
EnrollmentContext           : 1
Silent                      : False
ParentWindow                :
UIContextMessage            :
SuppressDefaults            : False
ClientId                    : 9
CspInformations             :
HashAlgorithm               : System.__ComObject
AlternateSignatureAlgorithm : False
TemplateObjectId            :
PublicKey                   : System.__ComObject
PrivateKey                  :
NullSigned                  : False
ReuseKey                    : False
Subject                     : System.__ComObject
CspStatuses                 :
SmimeCapabilities           : False
SignatureInformation        : System.__ComObject
KeyContainerNamePrefix      :
CryptAttributes             : System.__ComObject
X509Extensions              : System.__ComObject
CriticalExtensions          : System.__ComObject
SuppressOids                : System.__ComObject
PolicyServer                :
Template                    :
AttestPrivateKey            : False
EncryptionAlgorithm         :
EncryptionStrength          :
ChallengePassword           :
NameValuePairs              : System.__ComObject
ClaimType                   :
AttestPrivateKeyPreferred   : False

计算出我可以使用以下方法获得签名和公钥的Base64编码版本

From the above I worked out I can obtain a Base64 encoded version of the Signature and the Public Key using the following methods

$RequestComObj.Signature()

ysZ//Y3EvJnCy3UoBwhZlIoIh7w733+kocDJ9i3+jMdpFu/2YEF6jQQ3UZ8vbrdC
eq6ORbL9yZX2LlBM/H5w30in/ipM9KR3Ynv1ssc0eLyCNL5HILxdgREAFqpTDM6F
3XFpRtzffHs0C5czrIgDmncncKLsUeRVtd4Z9QfP7NnFoiUaquKLFou0ANn7X5cK
LLe9nzYsi9/fuAj6gQAgBTKWWY17ke8nFlPtQsQlxP3nIPLEpDVDZCcvTRcgaamA
xwKsf4isW1zjHkv6pvMEtjuxkrX0/Y91VuPx2WnbciFmpYIH9cE1oKG3L3J34w6d
mcHwPy0EmPZ8bJjL9hiBMA==


$RequestComObj.PublicKey.EncodedKey()

MIIBCgKCAQEAlQdqVHQgzd1uJ9MFb935Vfyg1Y1mZXn4OMwJudOhEzx7m1+4C8lD
OXn5hglHG0FFad+KkLok/GcAzdc2iwBOholJ2MYPXCnfkJLYXHLRj+CKRvhCHWJO
XkQQQ0apdXh1MhiDBD/BIKqmMm54XLFhZqjQiNeIVHFb9GS06Ps/xuOWzqY54xSM
/047nzYNU50FrTHuBCiqtJtHpKtdrCWyhWi7was0noCx/XGm6g8nVnzPTQCSeAPp
6mSt4kSMtdoVZYg1n5pmMW+QYAero/UWrbNp1WlkpUH4s96H6pUrbF7RIkXpCwWo
cxBHAXVcMst2HYvwstAETxvqeKTOvVEEAQIDAQAB

所以现在我想我拥有CSR，我具有签名以及我从这三部分信息中获得的公钥，我必须能够检查CSR上的签名是否有效？

So now I am thinking I have the CSR, I have the signature and I have the public key from these three pieces of information I must be able to check if the signature on the CSR is valid?

如果您愿意的话，我只是需要一些代码方面的帮助，所以找到了C＃，因为我可以将其与PowerShell等配合使用。

I just need a bit of help with the code if you would be so kind please, C# is find as I can use this in line with PowerShell etc.

再次非常感谢

__ AUser

推荐答案

从到目前为止的阅读和尝试中，我可以向构造函数传递以下两个值之一：SHA1为0x1，SHA2为0x2（例如SHA256）。

From what I have read and tried thus far, I can pass the constructor one of these two values: either 0x1 for SHA1, or 0x2 for SHA2 (SHA256 for example).

那并不完全正确。 CheckSignature 带有一个参数，该参数指示允许的签名类型，必要时可以按位组合。

That's not entirely correct. CheckSignature takes a parameter that indicates what kind of signatures are allowed, and can be bitwise-combined if necessary.

如果使用 NullSignature ，则您根本不需要验证签名，正在验证的只是CSR的摘要。如果使用 KeySignature ，则将根据用于验证CSR的公钥验证CSR的签名。

If NullSignature is used, then you aren't verifying the signature at all, all that is being validated is the digest of the CSR. If KeySignature is used, then the CSR's signature is validated against the public key that is used to verify the CSR.

除非明确需要不验证不对称签名，否则应该始终将 0x01 传递给 CheckSignature 。

You should always be passing 0x01 in to CheckSignature unless you have a clear need to not validate the asymmetric signature.

这篇关于检查CSR的签名（X.509证书签名请求）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！