“手动”验证证书

信息安全 证书
2021-08-24 05:56:46

我想“手动”验证证书,这样做的第一步是访问 paypal.com 并获得以下 RSA 模数和签名值。

modulus = 'c0f8ac40a691bbee111561e7e13e5051e7a84341f953a2974dd5e911f8ef7420e10094230c0e2ac07c39d78cc1720ad5215fdcdb6c94b2bf9106705867fadd94289918f4f491561a97db6c5c9c8115fbd2dead97300cc1839235ef581e3fb1b8e956cc0577d5900a07d73343eceec070d8dbef3e38a098042efca66a5990cd3adf98ded13e3a2c7c626b4330a73004d3d14a7de3222dd489afe7209abd6ac863522672e4a350cc531da4720f78ed9e9d9a042fa385fa19609f1adae33afa3e61d20629684b0bab98a5156a6fb07a0a6b56508addbfa7fc84f7ee94a0202e24760946270730dbf711d64cb7bc558b930a1425fb1fe64e9871ee66274378bd2051'

signatureValue = 'a140021a1b18b80304b7ee36d18faaf7b2a918119f443c3ee66245b844757b7a7af4a02c159441b9f25b0632426d8df25a0aa7353bc5fa4943be8938f7d83c239d7eddfa3fc1d44e5fe7f27a8afed16f0dbfb43fb4d43727981909aa0d4f8c9839d4f6c32b303b31cb69026134d71395bc72d25121ddfdd2d383278690788d509a911bce465534143d911b8a071a1349aad849739e1fe72be5be15e2e5a73d84777c9fe1bce9d4ba408fd05af920d845e6d3fea1b922cfd81bedcfa0926d2fad79f54655e8b486f16f94cfd95646961b226f417962f4c9d0775161f829211a038949a189dbf3cce3bcf31a9dce2ea8788cc11b34ba1b90874b919d85f6360c0f'

模量

签名值

使用 python 我计算了签名 ** e mod 模数,如下: 在此处输入图像描述

从我在这里读到的,这个计算的结果应该有结构:1fffff..ffff + some_bytes + hash_value,但我的结果没有这种形式。其实结果是:

s ** e mod n = '0x8b6c4d9e87f31da82b2a886cb66daa159cae517ce5370ba8f9aa1f41b7192e02dd9137695871682b65f15d6a71d84b2de0e841ff8ae3b7b20697064e8a18a4f51c4aad77503bc84f9a453d85e1c9f2591115573523c0060a5b5cff838a18bd21deb32d799a9c8f06508546fe07247ea869456bdf54b4d9a84c94975d87c94cd496df0adbddce92d78bf756106eb09148bd1db319a7a3d28dd099316f997e7014c14644f0bf20a0bff22cb3f529fce3d5292aeea73bf18b400a94a14e952d7250792a0f55278c7523c80e29510ab38e9bc200ac56d458174e31e56559a847bc8e25bc5719230f79799840dd6cbbc9f012acdd96c20d5a0bab1b985b0bb84b353dL'

有谁知道为什么上面的计算没有表格1ffff..fff + bytes

1个回答

事实上,您使用错误的公钥来解码签名。

作为 PKI 的一部分,paypal 证书由名为“Symantec Class 3 EV SSL CA - G2”的发行者签署。如果您使用浏览器显示证书,您应该会看到它。

您也可以在证书中找到他们的公钥:

daecc56a361186db2021a3ec4c21fd0fc55c3abeeca26e980e82996b7a7aeb6ef225c92d60205dd62be6dd99d9f1545c769b0bf92742247cead4e63c2ace239ffb78c91544f4562c55ce56b730f04989fe0dd86e017c61d34499665e9648188709c8c349e935ecbb4c7a159155ed6080950bd718f3a74be6e8740c2e6b45f417f9cbbf5456ee36d44ee6cfad1f4d7d8fb35535dd62d26e54859e45537aee6096227fb81aaf6fa00ea68e13b685a1cc5c8c9ead1d71b80894e6cebc38d0d1e93f7143fb9723a86cf431dc023bde2955f2a0be1e216caf1a5cdf6a3764029ad05171a57fba69c52c8967703b130572ed2123102b232a1aae3a0964237a276212d1

使用此模数,您将计算 :hex(s, e, n)为 :

0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff003021300906052b0e03021a05000414e80a2b06b2b3c004b770831bdb9429f0e631376f
其它你可能感兴趣的问题
上一篇element.setAttribute在什么情况下可以允许XSS? 下一篇嵌入式设备上的 AES 加密:这可以安全吗?