(SSL Pinning) How can a Public Key CA on a Device check the server's certificate


Problem description

How does the CA on my device check whether a digital signature is genuine or fake? If a hacker gets my digital signature, can they combine my digital signature and their own public key and send the certificate to a client? If so, how can a client know that the certificate does not come from the right server?

Conclusion: I want to know the method of checking the digital signature from the server. How can they use the CA's public key to check the digital signature from the server?

Thank you for your answers.

Recommended answer

I have updated this further since the first answer to add more details and clarity.

Background on Certificate Authorities (CAs) and certificates

  1. Certificate Authorities or CAs issue certificates for individuals or business entities. CAs form a hierarchical structure where, at the top, there is the Root CA
  2. Certificates cannot be tampered with by attackers because the certificates are digitally signed by the certificate-issuing CA
  3. The Root CA has self-signed certificates
  4. The Root CA signs next-level intermediate CA certificates
  5. The Root CA certificate and various other globally recognized CA certificates are stored in the trusted key store of browsers, operating systems or applications
  6. An intermediate CA may issue other intermediate CA certificates, creating a chain
  7. The certificate chain contains everything from the end certificate to the trusted Root CA, including all intermediate CAs in the middle
  8. For successful verification of a certificate, the verifying agent must either get the chain certificate from the certificate owner, or have the end certificate in its trusted key store

Digital signature

Digital certificates are used to digitally sign documents. The certificate is sent along with the signed document, so that the recipient can verify the authenticity and integrity of the signed document.

Digitally signing a message means computing a hash (one-way) of the message using a pre-defined algorithm and then encrypting the hash with the private key of the certificate owner. Since no one is supposed to know the private key of the certificate other than the owner himself/herself, no one else can produce the same signature that can be decrypted with the public key of the certificate.

Digital signature thus provides 3 things:

  1. Authentication - By verifying the digital certificate (using the certificate chain as mentioned above), the recipient knows that the message has indeed been sent by a trusted party
  2. Non-Repudiation - The message sender cannot deny later that the message was not sent by it, because nobody else has the private key of the message sender and therefore nobody else can sign the message with the same private key
  3. Integrity - Since the hash of the received message computed by the recipient is the same as the hash sent by the sender (after decryption using the sender's public key), it proves that the client has received the exact same message as sent by the sender; otherwise, if the message had been tampered with by a deliberate attack or an unintentional network error, the hashes would have been different.

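Digital Signature Creation

A digital signature is created by:

  • Computing the hash of the message (that the signature owner wants to send to the other party) using a hashing function
  • Encrypting the hash with the private key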

Signature Verification

Any recipient of a digitally signed document would want to verify the signature to ensure the authenticity and integrity of the document. Verification can be done in the following way:

  1. Compute the hash of the message using the same hashing function
  2. Decrypt the signature using the public key (available in the certificate) of the sender
  3. The computed hash and the decrypted hash should be the same

Therefore, as long as the certificate private key is not compromised, it is a robust mechanism.

Some technical details

Two important standards with respect to certificates are: X.509 and PKCS12. The details can be found in the linked Wikipedia pages.

Using the Java keytool utility, anyone can create a self-signed signature. However, such certificates or signatures will not be trusted anywhere unless the recipient adds the certificate to their device trust store.
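The following is an added example, not part of the original answer: it runs the creation and verification steps above on a toy certificate to show why the CA's signature cannot be reused over a different public key, which is the case the question asks about. Assumptions: textbook RSA without padding and a made-up `subject=...;n=...` certificate body stand in for real X.509 (which uses DER encoding and padded signatures), and all keys and names (`issue`, `client_accepts`, `example.test`) are constructed for illustration.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_key(p: int, q: int):
    """Textbook RSA key from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, n: int, d: int) -> int:
    # Hash the message, then apply the private key to the hash.
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, n: int) -> bool:
    # Apply the public key to the signature and compare with our own hash.
    return pow(signature, E, n) == digest(message)

def tbs(subject: str, subject_n: int) -> bytes:
    """Signed part of a toy certificate: binds a subject name to a public key."""
    return f"subject={subject};n={subject_n:x}".encode()

# Constructed keys (Mersenne primes, so the example is deterministic and offline).
CA_N, CA_D = make_key(2**521 - 1, 2**607 - 1)
ATTACKER_N, ATTACKER_D = make_key(2**1279 - 1, 2**2203 - 1)
SERVER_N = (2**2281 - 1) * (2**3217 - 1)  # server's public modulus only

def issue(subject: str, subject_n: int) -> dict:
    """The CA signs the body that binds the subject to its public key."""
    body = tbs(subject, subject_n)
    return {"tbs": body, "sig": sign(body, CA_N, CA_D)}

def client_accepts(cert: dict, trusted_n: int = CA_N) -> bool:
    """The client checks the signature with the CA key from its trust store."""
    return verify(cert["tbs"], cert["sig"], trusted_n)

genuine = issue("example.test", SERVER_N)
# Case from the question: reuse the CA's signature over a body holding another key.
swapped = {"tbs": tbs("example.test", ATTACKER_N), "sig": genuine["sig"]}
# Same body, but signed with a key that is not in the client's trust store.
self_signed = {"tbs": swapped["tbs"],
               "sig": sign(swapped["tbs"], ATTACKER_N, ATTACKER_D)}

if __name__ == "__main__":
    print(client_accepts(genuine), client_accepts(swapped),
          client_accepts(self_signed), client_accepts(self_signed, ATTACKER_N))
```

The last check passes only because the second key is supplied as the trusted one, which is why a self-signed certificate is accepted only after it has been added to the device trust store.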
