1

so here is my test setup, I write something "hello world", created its hash, created signature of hash from private key, then using this openssl command, i can get same hash from which signature was generated

openssl rsautl -verify -inkey pubkey.pem -pubin -keyform PEM -in signature

Next I downloaded stackexchange.com public certificate, extracted signature from certificate, decrypted signature from CA (Let's Encrypt) public key, that is OK but result don't match hash of stackexchange public certificate. what I'm doing wrong?

Farrukh
  • 11
  • 2

1 Answers1

1

The thumbprint is calculated over the entire certificate (TBS and signature), while the signature of a certificate is created against the TBSCertificate structure which is a part of the X.509 certificate.

Ref: RFC5280.

Certificate  ::=  SEQUENCE  {
     tbsCertificate       TBSCertificate,
     signatureAlgorithm   AlgorithmIdentifier,
     signature            BIT STRING  }

TBSCertificate  ::=  SEQUENCE  {
     version         [0]  Version DEFAULT v1,
     serialNumber         CertificateSerialNumber,
     signature            AlgorithmIdentifier,
     issuer               Name,
     validity             Validity,
     subject              Name,
     subjectPublicKeyInfo SubjectPublicKeyInfo,
     issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
                          -- If present, version MUST be v2 or v3
     subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
                          -- If present, version MUST be v2 or v3
     extensions      [3]  Extensions OPTIONAL
                          -- If present, version MUST be v3 --  }

So you need to compare the hash embedded in the signature with the hash of the TBSCertificate portion.

Community
  • 1
Crypt32
  • 5,750
  • 12
  • 24
  • For an example using openssl, see https://security.stackexchange.com/questions/127095/manually-walking-through-the-signature-validation-of-a-certificate – dave_thompson_085 Apr 17 '20 at 03:11