SSL certificate signature verification


Problem description

I'm trying to verify a certificate on an embedded board manually because it doesn't support OpenSSL or other libraries. However, it does have libraries for MD5 and SHA1 hashes and RSA encryption.

From what I understand, to verify the certificate, first compute the SHA1 hash (or MD5) of the certificate; then decode the signature using the CA's public key to obtain a hashed value. These two hash values should be the same.

SHA1 hash produces a 20-byte value and MD5 produces a 16-byte value. However, RSA decoding of the signature does not. If the CA's key is 1024 bits, the decoded signature will be 80 bytes; if the CA's key is 512 bits, the decoded signature will be 40 bytes. So I can't really compare the 20-byte SHA1 value against the 40- or 80-byte decoded signature.

Am I doing something wrong? Or am I missing a step?

Recommended answer

What is missing is the padding algorithm.

You use RSA with a specific padding algorithm, and the same algorithm also tells you how to take the result (when you decrypt the signature) and extract from it the actual data (the hash).
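
The padding step the answer refers to, as an added example that is not part of the original post: it builds the expected padded block and compares it byte for byte with the decoded signature, so malformed padding is rejected along with a wrong hash. It assumes the certificate's signature algorithm is sha1WithRSAEncryption (PKCS#1 v1.5 padding, RFC 8017) and that the board's RSA library returns the raw public-key result as a block the size of the modulus; the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SHA1_LEN 20
/* DER DigestInfo header for SHA-1; the 20-byte hash follows it directly. */
static const uint8_t SHA1_PREFIX[15] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14
};

/* Build EM = 00 01 FF..FF 00 || SHA1_PREFIX || hash, exactly k bytes long
 * (k = modulus size in bytes). Returns 0 on success, -1 if k is too small. */
int pkcs1_v15_encode_sha1(const uint8_t hash[SHA1_LEN], uint8_t *em, size_t k)
{
    size_t t_len = sizeof(SHA1_PREFIX) + SHA1_LEN;   /* 35 bytes */
    if (k < t_len + 11)                              /* at least 8 FF bytes */
        return -1;
    size_t ps_len = k - t_len - 3;
    em[0] = 0x00; em[1] = 0x01;                      /* block type 1 */
    memset(em + 2, 0xFF, ps_len);
    em[2 + ps_len] = 0x00;                           /* separator */
    memcpy(em + 3 + ps_len, SHA1_PREFIX, sizeof(SHA1_PREFIX));
    memcpy(em + 3 + ps_len + sizeof(SHA1_PREFIX), hash, SHA1_LEN);
    return 0;
}

/* decoded: k-byte result of the RSA public-key operation on the signature.
 * hash: SHA-1 over the DER bytes of the TBSCertificate. Returns 1 on match. */
int pkcs1_v15_verify_sha1(const uint8_t *decoded, size_t k,
                          const uint8_t hash[SHA1_LEN])
{
    uint8_t expected[512];                           /* up to RSA-4096 */
    uint8_t diff = 0;
    if (k > sizeof(expected) || pkcs1_v15_encode_sha1(hash, expected, k) != 0)
        return 0;
    for (size_t i = 0; i < k; i++)                   /* compare every byte */
        diff |= (uint8_t)(decoded[i] ^ expected[i]);
    return diff == 0;
}

int main(void)
{
    uint8_t hash[SHA1_LEN] = {0}, block[128];        /* constructed sample */
    pkcs1_v15_encode_sha1(hash, block, sizeof(block));
    printf("valid block: %d\n", pkcs1_v15_verify_sha1(block, sizeof(block), hash));
    return 0;
}
```

The hash that goes into the comparison is computed over the signed portion of the certificate (the TBSCertificate), not over the whole certificate file including the signature.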
