sha1withRSA md5withRSA分析
sha1withRSA哈希算法分析
2017年記
? 偶然翻到14年寫的這篇文章,覺得文章寫的比較模糊,再來補(bǔ)充說明下。
簡介
sha1withRSA哈希算法的原理跑剖析,sha1withRSA算法的本質(zhì)是 15字節(jié)算法標(biāo)識 + 20字節(jié)哈希值
請結(jié)合這篇文章
惡心的openssl。。。
2014原文
參考資料
? http://stackoverflow.com/questions/7646259/can-any-one-tell-what-i2d-x509-sig-function-do
? http://www.cnblogs.com/adylee/archive/2009/08/03/1537813.html
提問帖子
can any one tell what i2d_X509_SIG() function do..?
i am using openssl 0.9.8g. inside RSA_verify() function decrypoted data is given to the d21_X509_SIG function. what does this function do and why we are doing this step while signing and verifying the signature
我正在使用openssl (0.98g 版本)中的RSA_verify()函數(shù),發(fā)現(xiàn)解密后的數(shù)據(jù)傳遞給了d2i_x509_sig函數(shù),這個函數(shù)做了什么呢?為什么我們簽名、驗簽的時候需要調(diào)用這一個步。(譯者:翻譯的不好,各位看官見笑了 --2014年 jiftle)
openssl
asked Oct 4 '11 at 10:08
1 Answer
The signature is actually not just for the hash (e.g. SHA-256), but for a data structure containing the hash plus some metadata (which hashing algorithm, some parameters and the hash length).That's why after decrypting, the data is decoded into a X509_SIG object and the actual comparison against the reference only performed on sig->digest->data.
這個簽名事實上不僅是哈希(例如,SHA-256),而是一個哈希加上一些數(shù)據(jù)元素(哈希算法、一些參數(shù)和哈希長度)。這就是為什么解密到X509_SIG結(jié)構(gòu)的和
sig->digest->data的數(shù)據(jù)不一致。
Daniel Beck1,26311322
示例數(shù)據(jù)一
-------------------------------------------------------------------------------------------------------------------------------------------
哈希算法:sha1
簽名
3eda2b913d484b2ec347fe68200f25aadc041e1d199e1f288178bcbd08ad8d7009c17ac44d4de88286b8430553ba61948d317d1c06bd9b3359a08a57e9ce22503e982840b8b6e392ba4d793c5a3012f42edc88daf92376c1efe099ba4f9a045b1fe26c80290bcafe93f438aa2854eb89398896686b6f08932c7c26e7463154920bfeb75726cae1fdba3d26f2a11313def6b4b2c4cf8716c50403c0c928affda0652671dcd5cc66c72fd89d635850179dafe0adfb211e470ac5c9ee39ff012b44d0a9b707f96356f6f1e0ecb85a8ed18951bec317d30af0fa7998dc946123b7e2900600f65e2d66d089602c7b2aae713b55f9575a69ac4011080c24b877ad60bb
公鑰數(shù)據(jù)
3082010a0282010100a01ba9a2d772a1959533752c64f5cee4b5534e14c605b297bcbc23c6d4e9d083ffc3238c95a2c881f989106fec5dc4427ffb4b9358d6ded2ae7d87b8e447b597c921ae6054c77a2545283778d297ade3b15e77df0cd2eba51e8224ff0ca5c970a0e170134195e9c99ba4568f9c7295343c442447015e40d867f2db8a47ac56f7ec4e3596c3bc04e7c9e0a7a58f0ff3070b681017e45fea4f55a0e6e5ff28169f66b4b2da919229427be4be6c7ddb4c69270399bf0e3d990f67e116ddce96f7af323eb8373cf81d6c6118d2c32fffb16ff3d055e4cf1276a0a9e172fb6a17f016638ecf855c6e05b41253af84916c3da54de4a673d1ffe6c44b343fa367ba890f0203010001
解密結(jié)果
0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff003021300906052b0e03021a050004149bb631ae07153885e2d3ae693f0ff86ebf5d6f51
3021300906052b0e03021a050004149bb631ae07153885e2d3ae693f0ff86ebf5d6f51(15字節(jié) + 哈希值20字節(jié))
sha1哈希值應(yīng)該是20字節(jié)
數(shù)據(jù)拆分(ASN.1 結(jié)構(gòu))
3021300906052b0e03021a05000414 ? ? ? ? ? ? ? ? ?15字節(jié) ? 摘要算法標(biāo)識
9bb631ae07153885e2d3ae693f0ff86ebf5d6f51 ? ?20字節(jié) ?sha1哈希值
----------------------------------------
30 21 30 09 06052b0e03021a 05 00 04 14 ? ? ? ? ? ? ? ? ?15字節(jié)
30(類型Sequence) 21(總長度) 30(類型Sequence) 09(長度) 06052b0e03021a 05(類型NULL)00(長度為0) ?04(類型字符串) 14(長度)?
9bb631ae07153885e2d3ae693f0ff86ebf5d6f51(20字節(jié)哈希值)
示例數(shù)據(jù)二
----------------------------------------------------------------------------------------
為了驗證X509_sign調(diào)用PKCS#11接口的情況,自己實現(xiàn)了一個PKCS#11的包裝殼(68個導(dǎo)出函數(shù)),實現(xiàn)時注意C_GetFunctionList應(yīng)該指向本包裝殼的函數(shù),不然錯誤的使用實際的C_GetFunctionList作返回結(jié)構(gòu)便也就失去意義了。X509_sign的調(diào)用方式還是不同的,java中如果使用SHA1WithRSA傳入到PKCS#11接口的C_Sign或者C_SignUpdate的數(shù)據(jù)是完整的明文,但是X509_sign傳入的是一個ASN.1 Sequence的一個結(jié)構(gòu),結(jié)構(gòu)中包含待簽名數(shù)據(jù)的摘要散列。
舉例來說:
?
待加密的數(shù)據(jù)是Hello World! ,在C_Sign傳入的數(shù)據(jù)中就可以發(fā)現(xiàn)Hello World!的SHA-1的摘要散列。
待加密:Hello World!
SHA-1: 2EF7BDE608CE5404E97D5F042F95F89F1C232871?
C_Sign:
30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 2e f7 bd e6 08 ce 54 04 e9 7d 5f 04 2f 95 f8 9f 1c 23 28 71?
使用ASN.1dump來觀察就看的更加清楚了。
帖子截圖:
總結(jié)
以上是生活随笔為你收集整理的sha1withRSA md5withRSA分析的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Openssl和PKCS#11的故事
- 下一篇: SSL应用系列