
GMSSL Mutual Authentication Analysis (GMSSL双向认证分析.docx)

(The document has 16 pages; the remainder is not reproduced here.)
1. Client Hello
2. Server Hello
3. Certificate (Server)
4. Server Key Exchange
5. Certificate Request
6. Server Hello Done
7. Certificate (Client)
8. Client Key Exchange
9. ChangeCipherSpec (Client -> Server)
10. Finished
11. ChangeCipherSpec (Server -> Client)
12. Finished
Appendix A: Data sending and receiving; the relationship between plaintext and ciphertext
Appendix B: GMSSL source files involved
(Sequence diagram: CLIENT / SERVER)

The TLS protocol has two layers:
1. The TLS handshake protocol (identity authentication, key negotiation)
2. The TLS record protocol (data encryption, compression, sending and receiving, etc.)

1. Client Hello

read from 0xb8880ab8 [0xb888a2e3] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 7b
Received Record Header:
  Version = TLS 1.0 (0x301)
  Content Type = Handshake (22)
  Length = 123
read from 0xb8880ab8 [0xb888a2e8] (123 bytes => 123 (0x7B))
0000 - 01 00 00 77 03 03 5e 28-01 6a b5 0a fd d0 11 1f
0010 - f4 7e 4d 66 82 67 7d 05-33 a2 70 81 4f e4 62 5d
0020 - 32 d5 c4 98 07 5e 00 00-04 e1 02 00 ff 01 00 00
0030 - 4a 00 0b 00 04 03 00 01-02 00 0a 00 0c 00 0a 00
0040 - 1e 00 1d 00 17 00 19 00-18 00 23 00 00 00 0d 00
0050 - 22 00 20 06 01 06 02 06-03 05 01 05 02 05 03 04
0060 - 01 04 02 04 03 03 01 03-02 03 03 02 01 02 02 02
0070 - 03 07 07 00 16 00 00 00-17
007b -
ClientHello, Length=119
  client_version=0x303 (TLS 1.2)
  Random:
    gmt_unix_time=0x5E28016A (timestamp)
    random_bytes (len=28): B50AFDD0111FF47E4D6682677D0533A270814FE4625D32D5C498075E
      (random value; later hashed by the pseudo-random function to derive the symmetric SM4 session key)
  session_id (len=0):
  cipher_suites (len=4)
    {0xE1, 0x02} GMTLS_ECDHE_SM2_WITH_SMS4_SM3
    {0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV
  compression_methods (len=1)
    No Compression (0x00)
  extensions, length = 74
    extension_type=ec_point_formats(11), length=4
      uncompressed (0)
      ansiX962_compressed_prime (1)
      ansiX962_compressed_char2 (2)
    extension_type=elliptic_curves(10), length=12
      sm2p256v1 (30)
      ecdh_x25519 (29)
      secp256r1 (P-256) (23)
      secp521r1 (P-521) (25)
      secp384r1 (P-384) (24)
    extension_type=session_ticket(35), length=0
    extension_type=signature_algorithms(13), length=34
      sha512+rsa (6+1)   sha512+dsa (6+2)   sha512+ecdsa (6+3)
      sha384+rsa (5+1)   sha384+dsa (5+2)   sha384+ecdsa (5+3)
      sha256+rsa (4+1)   sha256+dsa (4+2)   sha256+ecdsa (4+3)
      sha224+rsa (3+1)   sha224+dsa (3+2)   sha224+ecdsa (3+3)
      sha1+rsa (2+1)     sha1+dsa (2+2)     sha1+ecdsa (2+3)
      sm3+sm2sign (7+7)
    extension_type=encrypt_then_mac(22), length=0
    extension_type=extended_master_secret(23), length=0
TLS client extension "EC point formats" (id=11), len=4
0000 - 03 00 01 02
TLS client extension "elliptic curves" (id=10), len=12
0000 - 00 0a 00 1e 00 1d 00 17-00 19 00 18
TLS client extension "session ticket" (id=35), len=0
TLS client extension "signature algorithms" (id=13), len=34
0000 - 00 20 06 01 06 02 06 03-05 01 05 02 05 03 04 01
0010 - 04 02 04 03 03 01 03 02-03 03 02 01 02 02 02 03
0020 - 07 07
TLS client extension "encrypt-then-mac" (id=22), len=0
TLS client extension "extended master secret" (id=23), len=0

2. Server Hello

read from 0xb784d748 [0xb785365b] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 45
Received Record Header:
  Version = TLS 1.2 (0x303)
  Content Type = Handshake (22)
  Length = 69
read from 0xb784d748 [0xb7853660] (69 bytes => 69 (0x45))
0000 - 02 00 00 41 03 03 55 1b-fc 47 c4 6f 49 9a 19 fc
0010 - 0b f2 e0 4c 59 ac d2 48-ee 09 18 ce 11 54 e4 5a
0020 - 34 ea 81 bc 37 b2 00 e1-02 00 00 19 ff 01 00 01
0030 - 00 00 0b 00 04 03 00 01-02 00 23 00 00 00 16 00
0040 - 00 00 17
0045 -
ServerHello, Length=65
  server_version=0x303 (TLS 1.2)
  Random:
    gmt_unix_time=0x551BFC47
    random_bytes (len=28): C46F499A19FC0BF2E04C59ACD248EE0918CE1154E45A34EA81BC37B2
  session_id (len=0):
  cipher_suite {0xE1, 0x02} GMTLS_ECDHE_SM2_WITH_SMS4_SM3
  compression_method: No Compression (0x00)
  extensions, length = 25
    extension_type=renegotiate(65281), length=1
    extension_type=ec_point_formats(11), length=4
      uncompressed (0)
      ansiX962_compressed_prime (1)
      ansiX962_compressed_char2 (2)
    extension_type=session_ticket(35), length=0
    extension_type=encrypt_then_mac(22), length=0
    extension_type=extended_master_secret(23), length=0
TLS server extension "renegotiation info" (id=65281), len=1
0001 -
TLS server extension "EC point formats" (id=11), len=4
0000 - 03 00 01 02
TLS server extension "session ticket" (id=35), len=0
TLS server extension "encrypt-then-mac" (id=22), len=0
TLS server extension "extended master secret" (id=23), len=0

3. Certificate (Server)

The server certificate is signed with the CA's key, and the client verifies that signature with the CA's public key. Verification method:

(1) Compute the SM3 digest of the data to be verified:
    bit length of the user ID (00 80) + ID (1234567812345678) + public key (p,a,b,n,Gx,Gy) --(SM3)--> Digest_temp1;
    Digest_temp1 + the data to be verified (the certificate data) --(SM3)--> Digest_Final
(2) SM2 signature verification: presumably the CA's public key is used to encrypt Digest_Final, which is then compared with the signature data (the original signature in the certificate). (The exact method is inside the SM2 digest implementation; the algorithm was not studied in depth.)

The function in the GMSSL source is "SM2_do_verify(digest, len, signature, ec_key)".

============= calculate digest data: =============
30820265a003020102020109300a06082a811ccf55018375308191310b30090603550
4061302434e3111300f06035504080c084c69616f6e696e673111300f06035504070c
085368656e79616e6731153013060355040a0c0c4e6575736f667420436f72
7031153013060355040b0c0c4e6575736f667420436f72703111300f06035504030c0
84e65752e524f4f54311b301906092a864886f70d010901160c6e657540736f66742e
636f6d301e170d3138303832313036323332395a170d323830383138303632
3332395a308181310b300906035504061302434e3111300f06035504080c084c69616
f6e696e6731153013060355040a0c0c4e6575736f667420436f72703110300e060355
040b0c074269616e7a61693113301106035504030c0a4e65752e5365727665
723121301f06092a864886f70d0109011612536572766572406e6575736f66742e636
f6d3059301306072a8648ce3d020106082a811ccf5501822d03420004cf1af7401073
c76e2aa1aecae34afb252b2b76553efcb820d918abae2404b254b275d2e4f4
0034b94a68025aa57316e3a0fb4898db81dd25e40b3915e3fd83c7a381bb3081b8300
90603551d1304023000301106096086480186f8420101040403020640303306096086
480186f842010d042616244f70656e53534c2047656e657261746564205365
72766572204365727469666963617465301d0603551d0e04160414c7e9cc40069ea05
464c782a01a0532d4ac63a5fd301f0603551d23041830168014f0e24ad78212ab26ee
2c1af8448ad4d029146bf4300e0603551d0f0101ff0404030205a030130603
551d25040c300a06082b06010505070301
============== ID: ==============
31323334353637383132333435363738
============== Public Key: ==============
fffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc
28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93
32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7
bc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0
15ed4750147f9314fff3417eeb5ee19a42d1f6b4f1c7fd4345d6d84f6f797da1
23ada5ef12a7b22ccce28c57b198b081fed5fee24dbb758398b450c6e5fd9a8e
sm3_update, data_len = 2, data:
0080
sm3_update, data_len = 16, data:
31323334353637383132333435363738
sm3_update, data_len = 192, data:
fffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc
28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93
32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7
bc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0
15ed4750147f9314fff3417eeb5ee19a42d1f6b4f1c7fd4345d6d84f6f797da1
23ada5ef12a7b22ccce28c57b198b081fed5fee24dbb758398b450c6e5fd9a8e
sm3_final, digest:
4e89f8ff c9bb42a8 a857ad07 2a7e95b9 d957b30a 27bfe321 82689508 ddbeda55
sm3_update, data_len = 32, data:
fff8894ea842bbc907ad57a8b9957e2a0ab357d921e3bf270895688255dabedd
sm3_update, data_len = 617, data:
(the 617-byte certificate data listed above under "calculate digest data")
sm3_final, digest:
35873d11 e7e91774 69bd8d71 51bc9ce6 c161bce8 e8f3102d 92669188 427dfc3e
============ calculated digest: ==============
11 3d 87 35 74 17 e9 e7 71 8d bd 69 e6 9c bc 51 e8 bc 61 c1 2d 10 f3 e8 88 91 66 92 3e fc 7d 42
============ signature data from cert: ==============
30 45 02 21 00 b8 f8 2c b8 30 e6 0c 19 17 f8 96 09 9e 05 21 4a a0 66 15 a9 29 bb 20 04 93 f4 35 32 19 95 42 97
02 20 38 45 be 98 72 59 b6 39 2b bc c8 88 d9 3c 50 f9 92 a0 51 a3 d4 b8 97 a3 55 73 46 50 e5 f5 66 4f
SM2_verify debug| dgst :============
113d87357417e9e7718dbd69e69cbc51e8bc61c12d10f3e8889166923efc7d42
SM2_verify debug| sig :============
3045022100b8f82cb830e60c1917f896099e05214aa06615a929bb200493f435321995429702203845be987259b6392bbcc888d93c50f992a051a3d4b897a355734650e5f5664f
SM2_verify OK!

(Reading note: the sm3_final lines print the digest as eight 32-bit words on a little-endian host, so each word appears byte-reversed relative to the byte-wise digest that is fed into the next sm3_update and passed to SM2_verify; 4e89f8ff in the first digest is the bytes ff f8 89 4e at the start of the following data_len = 32 update, and 35873d11 in the second is 11 3d 87 35, the start of the "calculated digest".)

4. Server Key Exchange

The data sent contains the data DATA over which the signature is verified, and the signature Signature_S (the signed data consists of the client's and server's timestamps and random values, plus DATA). The client performs SM3/SM2 signature verification on the received data.

(1) SM3 digest computation:
    bit length of the user ID (00 80) + ID (1234567812345678) + PublicKey --> Digest_temp1
    Digest_temp1 + Client (timestamp + random, 32 B) + Server (timestamp + random, 32 B) + the signed data DATA --> Digest_Final
(2) SM2 signature verification: the SM2 digest is "Digest_Final" and the signature is "Signature_S".

Received Record Header:
  Version = TLS 1.2 (0x303)
  Content Type = Handshake (22)
  Length = 149
read from 0xb784d748 [0xb7853660] (149 bytes => 149 (0x95))
0000 - 0c 00 00 91 03 00 1e 41-04 94 7d c4 a8 a3 ee 89
0010 - 6e e0 e3 f0 b7 2b bf 25-76 18 cb 48 cc 93 56 b7
0020 - aa 8b f6 c5 cc 2d 26 99-63 70 7b 2b ef 20 e3 ee
0030 - 99 9c 5a 68 2f f6 75 6c-1b e4 32 df b1 34 9f 06
0040 - b3 4c fa d0 ab 6c 9c 10-f6 07 07 00 48 30 46 02
0050 - 21 00 9f dc 43 09 fb f6-db 10 df e2 70 ca 9a 60
0060 - e8 ba 3f ee ba cb c3 4e-e6 2b e1 65 82 ec df c6
0070 - de 06 02 21 00 eb a2 18-e3 e4 cf 84 e6 3d 7a 44
0080 - 47 73 92 8f 9a 39 fb 1b-a6 ee 7b 4f be 5e be 97
0090 - ab 8a cf 8f 04
ServerKeyExchange, Length=145
  KeyExchangeAlgorithm=ECDHE
    named_curve: sm2p256v1 (30)
    point (len=65): 04947DC4A8A3EE896EE0E3F0B72BBF257618CB48CC9356B7AA8BF6C5CC2D269963707B2BEF20E3EE999C5A682FF6756C1BE432DFB1349F06B34CFAD0AB6C9C10F6
  Signature Algorithm sm3+sm2sign (7+7)
  Signature (len=72): 30460221009FDC4309FBF6DB10DFE270CA9A60E8BA3FEEBACBC34EE62BE16582ECDFC6DE06022100EBA218E3E4CF84E63D7A444773928F9A39FB1BA6EE7B4FBE5EBE97AB8ACF8F04
============== ID: ==============
31323334353637383132333435363738
============== Public Key: ==============
fffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc
28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93
32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7
bc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0
cf1af7401073c76e2aa1aecae34afb252b2b76553efcb820d918abae2404b254
b275d2e4f40034b94a68025aa57316e3a0fb4898db81dd25e40b3915e3fd83c7
sm3_update, data_len = 2, data:
0080
sm3_update, data_len = 16, data:
31323334353637383132333435363738
sm3_update, data_len = 192, data:
fffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc
28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93
32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7
bc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0
cf1af7401073c76e2aa1aecae34afb252b2b76553efcb820d918abae2404b254
b275d2e4f40034b94a68025aa57316e3a0fb4898db81dd25e40b3915e3fd83c7
sm3_final, digest:
52748b60 edce63ed 2c8d551b 80d74db0 aca91cb2 ca9ca75a b5a6d765 6d6603e7
sm3_update, data_len = 32, data:
608b7452ed63ceed1b558d2cb04dd780b21ca9ac5aa79cca65d7a6b5e703666d
sm3_update, data_len = 32, data:
5e28016ab50afdd0111ff47e4d6682677d0533a270814fe4625d32d5c498075e
sm3_update, data_len = 32, data:
551bfc47c46f499a19fc0bf2e04c59acd248ee0918ce1154e45a34ea81bc37b2

(The extract ends here; the rest of the trace and appendices A and B are not reproduced.)
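The Z_A pre-hash that sections 3 and 4 both feed into sm3_update before the signed data, as an added Python example (not GMSSL's own C code). In the trace the 192-byte data block is a || b || Gx || Gy || xA || yA of sm2p256v1 (section 3 with the CA's xA, yA, section 4 with the server's); the constants below are its first four rows, and the function names are chosen here.

```python
# Added example, not GMSSL code: SM3 plus the Z_A pre-hash seen in the trace.
import struct

IV = [0x7380166F, 0x4914B2B9, 0x172442D7, 0xDA8A0600,
      0xA96F30BC, 0x163138AA, 0xE38DEE4D, 0xB0FB0E4E]
MASK = 0xFFFFFFFF

def rotl(x, n):
    n %= 32
    return ((x << n) | (x >> (32 - n))) & MASK

def p0(x): return x ^ rotl(x, 9) ^ rotl(x, 17)
def p1(x): return x ^ rotl(x, 15) ^ rotl(x, 23)

def sm3(msg: bytes) -> bytes:
    """SM3 (GM/T 0004): 64-byte blocks, 68-word expansion, 64 rounds, big-endian output."""
    msg += b"\x80" + b"\x00" * ((55 - len(msg)) % 64) + struct.pack(">Q", 8 * len(msg))
    v = IV[:]
    for off in range(0, len(msg), 64):
        w = list(struct.unpack(">16I", msg[off:off + 64]))
        for j in range(16, 68):
            w.append(p1(w[j-16] ^ w[j-9] ^ rotl(w[j-3], 15)) ^ rotl(w[j-13], 7) ^ w[j-6])
        a, b, c, d, e, f, g, h = v
        for j in range(64):
            tj = 0x79CC4519 if j < 16 else 0x7A879D8A
            ss1 = rotl((rotl(a, 12) + e + rotl(tj, j)) & MASK, 7)
            ss2 = ss1 ^ rotl(a, 12)
            ff = a ^ b ^ c if j < 16 else (a & b) | (a & c) | (b & c)
            gg = e ^ f ^ g if j < 16 else (e & f) | (~e & g)
            tt1 = (ff + d + ss2 + (w[j] ^ w[j + 4])) & MASK   # W'_j = W_j xor W_{j+4}
            tt2 = (gg + h + ss1 + w[j]) & MASK
            a, b, c, d = tt1, a, rotl(b, 9), c
            e, f, g, h = p0(tt2), e, rotl(f, 19), g
        v = [x ^ y for x, y in zip(v, (a, b, c, d, e, f, g, h))]
    return struct.pack(">8I", *v)

# sm2p256v1 parameters a, b, Gx, Gy: the first four 32-byte rows of the trace's
# "Public Key" block (rows 5 and 6 there are the signer's xA, yA).
SM2_A  = bytes.fromhex("fffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc")
SM2_B  = bytes.fromhex("28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93")
SM2_GX = bytes.fromhex("32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7")
SM2_GY = bytes.fromhex("bc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0")

def za_preimage(user_id: bytes, xa: bytes, ya: bytes) -> bytes:
    """ENTL (ID length in bits, 2 bytes) || ID || a || b || Gx || Gy || xA || yA."""
    return struct.pack(">H", 8 * len(user_id)) + user_id + SM2_A + SM2_B + SM2_GX + SM2_GY + xa + ya

def sm2_sign_digest(user_id: bytes, xa: bytes, ya: bytes, message: bytes) -> bytes:
    """e = SM3(Z_A || M): the 32-byte dgst handed to SM2_do_verify / SM2_verify."""
    return sm3(sm3(za_preimage(user_id, xa, ya)) + message)
```

In the section 3 trace the three sm3_update calls (data_len 2, 16 and 192) are exactly this pre-image with the ID "1234567812345678" and the CA's xA, yA, and the following data_len = 32 update is its SM3 output; in section 4 the message M is client_random || server_random || DATA instead of the certificate body.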
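The SM2 verification step that the text leaves open ("the algorithm was not studied in depth"), as an added Python example rather than GMSSL's SM2_do_verify: verification is the point computation [s]G + [(r + s) mod n]P followed by a comparison of (e + x1) mod n with r, not a public-key encryption of the digest. The field prime p and group order n are the standard sm2p256v1 values and are not on the page; the function names are chosen here; e, r, s and the CA public key are copied from the section 3 trace.

```python
# Added example, not GMSSL code: SM2 signature verification (GM/T 0003.2) in
# affine coordinates, checked against the r, s, digest and CA key of section 3.
P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)

def ec_add(p1, p2):
    """Affine point addition (doubling when p1 == p2); None is the point at infinity."""
    if p1 is None: return p2
    if p2 is None: return p1
    x1, y1 = p1; x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0: return None            # p1 == -p2
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Right-to-left double-and-add (not constant-time; acceptable for verification)."""
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def sm2_verify(e: int, r: int, s: int, pub) -> bool:
    """Accept iff (e + x1) mod n == r, where (x1, y1) = [s]G + [(r + s) mod n]P."""
    if not (1 <= r < N and 1 <= s < N): return False
    t = (r + s) % N
    if t == 0: return False
    pt = ec_add(ec_mul(s, G), ec_mul(t, pub))
    return pt is not None and (e + pt[0]) % N == r

# Copied from the section 3 trace: rows 5-6 of the "Public Key" block (CA xA, yA),
# e = "calculated digest", r and s = the two INTEGERs of the DER signature.
CA_PUB = (0x15ED4750147F9314FFF3417EEB5EE19A42D1F6B4F1C7FD4345D6D84F6F797DA1,
          0x23ADA5EF12A7B22CCCE28C57B198B081FED5FEE24DBB758398B450C6E5FD9A8E)
E_CERT = 0x113D87357417E9E7718DBD69E69CBC51E8BC61C12D10F3E8889166923EFC7D42
R_CERT = 0xB8F82CB830E60C1917F896099E05214AA06615A929BB200493F4353219954297
S_CERT = 0x3845BE987259B6392BBCC888D93C50F992A051A3D4B897A355734650E5F5664F

def verify_trace_certificate() -> bool:
    """Expected to agree with the trace's 'SM2_verify OK!' line."""
    return sm2_verify(E_CERT, R_CERT, S_CERT, CA_PUB)
```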