本文介绍了使用RSA签名DTLSv1.0证书验证消息的内容的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用 DTLS v1.0 与服务器进行通信。我在弄清楚究竟该怎么做才能生成证书验证消息时遇到了一些麻烦。我一直在阅读 RFC (和(基于DTLS v1.0的)),但它们

I'm using DTLS v1.0 to communicate with a server. I'm having some trouble figuring out exactly what to do to generate the certificate verify message. I've been reading the RFCs (DTLSv1.0 and TLS1.1, which DTLS v1.0 is based on) but they're somewhat non-specific when it comes to this particular message.

我看到消息的结构如下,我知道签名类型为 RSA

I see the structure of the message is as below, and I know the signature type is RSA.

struct {
       Signature signature;
} CertificateVerify;

签名类型在7.4.3中定义。

The Signature type is defined in 7.4.3.

CertificateVerify.signature.md5_hash
      MD5(handshake_messages);

CertificateVerify.signature.sha_hash
      SHA(handshake_messages);


根据我所读的内容,这似乎是一个串联 sha1 哈希和 md5 哈希中所有以前发送和接收的消息(直到此消息除外)的值然后签名 RSA

Based on what I've read it seems to be a concatenation of the sha1 hash and the md5 hash of all the previous messages sent and received (up to and excluding this one) and then RSA signed.

让我有些困惑的是如何将消息组装为哈希他们。

The piece that's got me a bit confused though is how to assemble the messages to hash them.

是使用每个片段还是使用重新组合的消息?另外,它使用消息的哪些部分?

Does it use each fragment piece or does it use the re-assembled messages? Also, what parts of the messages does it use?

TLS 1.1的RFC表示

The RFC for TLS 1.1 says

但是DTLS特定部分如 message_seq fragment_offset fragment_length ,是否包含它们?

but what about the DTLS specific parts like message_seq, fragment_offset, and fragment_length, do I include them?

更新:
我曾尝试做为显示(表示使用所有握手字段(包括 DTLS 特定字段)将消息分段,不包括最初的客户Hello Hello验证请求消息),但我仍收到错误签名。我确实认为我已经正确签名,所以我认为我将数据以不正确的方式串联在一起。

UPDATE:I have tried doing as the RFC for DTLS 1.2 shows (meaning keeping the messages fragmented, using all the handshake fields including DTLS specific fields, and not including the initial Client Hello or Hello Verify Request messages) but I am still receiving "Bad Signature". I do believe I'm signing properly, so it's my belief that I'm concatenating the data improperly to be signed.

推荐答案

对于DTLS 1.2,已定义。阅读RFC 4347时,我的印象是RFC 6347没什么不同,它澄清了计算。

For DTLS 1.2 it is defined. And reading RFC 4347, my impression is, RFC 6347 doesn't differ, it clarifies the calculations.

这篇关于使用RSA签名DTLSv1.0证书验证消息的内容的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-24 12:45