从SSL证书提取物系列 [英] Extract Serial from SSL Certificate

问题描述

一个客户端和服务器持有匹配的证书。

A client and server hold a matching certificate.

在服务器发送的通信，它代codeS串行证书中号码并将其传递到客户端。然后，客户机可以从证书的副本获得的序列，并比较其与由服务器psented所述一个$ P $。这些应该相匹配。

When the server sends a communication, it decodes the serial number in the certificate and passes that to the client. The client can then obtain the serial from its copy of the certificate and compare that with the one presented by the server. These should match.

重新显示为证书中的串行presentation的字符串如下： -

The string representation of the serial in the certificate is displayed as follows: -

58 17 9B 11 9E 0E F3 86 4A 41 DF A2 EE 60 92 08 58 17 11 9B 9E 0E F3 86 4A 41 DF A2 EE 60 92 08 的

在Windows服务器提取的方法字节：<一href="http://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509certificate.getserialnumber(v=vs.110).aspx"相对=nofollow> X509Certificate.GetSerialNumber 。提取出的字节被认为是： -

The Windows server extracts the bytes with the method: X509Certificate.GetSerialNumber. The bytes extracted are seen to be: -

8 146 96 238 162 223 65 74 134 243 14 158 17 155 23 88 8 146 96 238 162 223 65 74 134 243 14 158 17 155 23 88 的

在OS X（客户端），使用的核心基础功能<一href="https://developer.apple.com/library/mac/Documentation/Security/Reference/certifkeytrustservices/index.html#//apple_ref/c/func/SecCertificateCopySerialNumber"相对=nofollow> SecCertificateCopySerialNumber ，提取的字节的回报： -

On OS X (the client), using the Core Foundation function SecCertificateCopySerialNumber, the bytes extracted return: -

88 23 -101 -09 14 -13 -122 74 65 -33 -94 -18 96 -110 8 88 23 -101 -98 17 14 -13 -122 74 65 -33 -94 -18 96 -110 8 的

显然，这些不匹配。此外，使用Qt，它有可能使用 QSslCertificate 并获得串行致电的serialNumber（）。然而，这将返回以下字节： -

Clearly, these do not match. In addition, using Qt, it is possible to use QSslCertificate and obtain the serial by calling serialNumber(). However, this returns the following bytes: -

53 56 58 49 55 58 57 98 58 49 49 58 57 101 58 48 101 58 102 51 58 56 54 58 52 97 58 52 49 58 100 102 58 97 50 58 97 97 58 54 48 58 57 50 58 48 56 58 53 56 58 49 55 58 57 98 58 49 49 58 57 101 58 48 101 58 102 51 58 56 54 58 52 97 58 52 49 58 100 102 58 97 50 58 97 97 58 54 48 58 57 50 58 48 56 的

这是怎么回事，为什么没有一个字节数组匹配了，我怎么能提取串行从Windows服务器匹配OSX上的序列号？

What is going on here, why do none of the byte arrays match up and how can I extract the serial number on OSX that matches the serial from the Windows server?

推荐答案

字符串，无符号的字符，十六进制再presentation

String, unsigned chars, hexadecimal representation

58 17 9B 11 9E 0E F3 86 4A 41 DF A2 EE 60 92 08 58 17 9B 11 9E 0E F3 86 4A 41 DF A2 EE 60 92 08

Windows中，无符号的字符，小数重presentation逆序

Windows, unsigned chars, decimal representation with reverse order

8 146 96 238 162 223 65 74 134 243 14 158 17 155 23 88 8 146 96 238 162 223 65 74 134 243 14 158 17 155 23 88

OS X，签个字符，小数重presentation

OS X, signed chars, decimal representation

88 23 -101 -09 14 -13 -122 74 65 -33 -94 -18 96 -110 8 88 23 -101 17 -98 14 -13 -122 74 65 -33 -94 -18 96 -110 8

这三个重presentation等于彼此

All three representation equals with each other

这篇关于从SSL证书提取物系列的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！