Understanding HTTPS: trust relationships and encrypted transport
Preface
Most people are familiar with the HTTPS security protocol. It uses the SSL/TLS security protocol to protect the HTTP payload. If you have ever been shown a screen like this when opening a page, that is HTTPS at work: it means the site's certificate is not trusted, the site may be a phishing site, and the browser recommends closing it.
So how does the HTTPS protocol work?
Establishing trust in the site
The SSL/TLS protocol that HTTPS is built on is fundamentally a public-key system; the figure above shows how trust in a site is established. That trust rests on an authority the client already recognizes, the CA, usually an international certificate-issuing organization. The server site applies for a certificate signed by the CA and then, when a client sends it a request, presents that certificate to the client to prove its identity.
Note:
This only establishes the client's trust in the site, not the site's trust in the client. In most cases SSL/TLS only requires trust in the site to be established, which is called Simple mode; in Mutual mode both parties authenticate each other.【3】
The client trusting the CA means, in engineering terms, that the client holds the CA's certificate (or a parent certificate on the CA's signing chain); browsers usually ship with the major CA certificates configured at install time.
A CA's certificate can be self-signed, or it can be signed by a higher-level CA.
Certificates and signatures
If the description above still feels abstract, a small experiment will show what a signature and a certificate actually look like.
If OpenSSL is installed on your system, you can use it to generate a certificate.
For example, my system has the following version of OpenSSL installed.
[root@localhost:~] openssl version
OpenSSL 1.0.2y-fips 16 Feb 2021
Generating a self-signed certificate
Next I used OpenSSL to generate a self-signed certificate【1】.
Note: you need to enter the various identity details of the party being signed.
$ openssl req -new -x509 -days 365 -out cert.crt
Generating a 2048 bit RSA private key
..........
...............................................................................
writing new private key to 'privkey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:SH
Locality Name (eg, city) [Default City]:SH
Organization Name (eg, company) [Default Company Ltd]:MyCompany
Organizational Unit Name (eg, section) []:DEV
Common Name (eg, your name or your server's hostname) []:DRL
Email Address []:
Let's look at what the certificate looks like.
$ cat cert.crt
-----BEGIN CERTIFICATE-----
MIIDgTCCAmmgAwIBAgIJAJQF63JmwOO0MA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNV
BAYTAkNOMQswCQYDVQQIDAJTSDELMAkGA1UEBwwCU0gxEjAQBgNVBAoMCU15Q29t
cGFueTEMMAoGA1UECwwDREVWMQwwCgYDVQQDDANEUkwwHhcNMjIwNzI4MTIyNjIw
WhcNMjMwNzI4MTIyNjIwWjBXMQswCQYDVQQGEwJDTjELMAkGA1UECAwCU0gxCzAJ
BgNVBAcMAlNIMRIwEAYDVQQKDAlNeUNvbXBhbnkxDDAKBgNVBAsMA0RFVjEMMAoG
A1UEAwwDRFJMMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02w+xpNl
DnaNt2fA/kFemrQ3VGsj6PUudo6ZxX2fLXM/9n6uacrUFDt8sPyyFQpwJ4PZ5EaX
jAklLxJpBs8fk72CaQ1ZYoleRqFBwrH/wV2nwcN/3+510At0pnJr0c/ALt9m+aD5
N25xmOsqpgdUhTdN/ggCSPScjbtCMWzrhvusbmj2wovbnRPXDWZkJaUcha9BVY9r
7Le3+UDcXUnPOgMqISj1M4h7STLmbZruWi2IjRSyoDps1t1t8ljZR1WP5JxLQvix
23uYkNKU7hSVoOuL8v2i6+hAOyLhbPAaaL+qMx2JqYKLmlg8peUoD7AcDHiEu8tL
7z5qarNyoWvX1wIDAQABo1AwTjAdBgNVHQ4EFgQUdtDgyHKhXA1R12i650GWsegp
SqgwHwYDVR0jBBgwFoAUdtDgyHKhXA1R12i650GWsegpSqgwDAYDVR0TBAUwAwEB
/zANBgkqhkiG9w0BAQsFAAOCAQEAZwoG5Ci+BhkGLCEVo5S1+IoLJi69qyTHCBx2
cNJ5e37JeHMnqJny3rWFBJpOSdM12f7FUAJN3etYxctdqYmH7g1vh3N/sPVUmuau
T384k5CxbpNUfPidKh2DfWACB/d+eg3PsLx8YJRVMP79b4hSbZqg3VGv6x/qjSWs
A2QXBlnhqf0N8ce/8YCkM7GmLHjADeda/Ji5GHQjl2ilpa5ssZhq4asFUbm+3NfS
O1R6oGN3aLyzaDuqkyH1uAhQdvdAtu2yUGowT+ARM/Fi5OZzb06JOVMgkKAVXg8M
PLZS+ZWDCCimQ/g6jEtS+WgQEKoVIIWbOXQFrtOP+8QquSmUtA==
-----END CERTIFICATE-----
This is an X.509 certificate. Hard to make sense of, isn't it?
No problem: let's continue and parse the certificate with OpenSSL.
Note:
The signer and the signed party are the same, which shows this is a self-signed certificate.
The public key is the signed party's public key.
The signature is the ciphertext produced by encrypting the plaintext information of the signed party's certificate with the signer's private key.
$ openssl x509 -in cert.crt -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
94:05:eb:72:66:c0:e3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CN, ST=SH, L=SH, O=MyCompany, OU=DEV, CN=DRL <<<<<<<<< signer
Validity
Not Before: Jul 28 12:26:20 2022 GMT
Not After : Jul 28 12:26:20 2023 GMT
Subject: C=CN, ST=SH, L=SH, O=MyCompany, OU=DEV, CN=DRL <<<<<<<<< signed party
Subject Public Key Info: <<<<<<<<< the signed party's public key
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d3:6c:3e:c6:93:65:0e:76:8d:b7:67:c0:fe:41:
5e:9a:b4:37:54:6b:23:e8:f5:2e:76:8e:99:c5:7d:
9f:2d:73:3f:f6:7e:ae:69:ca:d4:14:3b:7c:b0:fc:
b2:15:0a:70:27:83:d9:e4:46:97:8c:09:25:2f:12:
69:06:cf:1f:93:bd:82:69:0d:59:62:89:5e:46:a1:
41:c2:b1:ff:c1:5d:a7:c1:c3:7f:df:ee:75:d0:0b:
74:a6:72:6b:d1:cf:c0:2e:df:66:f9:a0:f9:37:6e:
71:98:eb:2a:a6:07:54:85:37:4d:fe:08:02:48:f4:
9c:8d:bb:42:31:6c:eb:86:fb:ac:6e:68:f6:c2:8b:
db:9d:13:d7:0d:66:64:25:a5:1c:85:af:41:55:8f:
6b:ec:b7:b7:f9:40:dc:5d:49:cf:3a:03:2a:21:28:
f5:33:88:7b:49:32:e6:6d:9a:ee:5a:2d:88:8d:14:
b2:a0:3a:6c:d6:dd:6d:f2:58:d9:47:55:8f:e4:9c:
4b:42:f8:b1:db:7b:98:90:d2:94:ee:14:95:a0:eb:
8b:f2:fd:a2:eb:e8:40:3b:22:e1:6c:f0:1a:68:bf:
aa:33:1d:89:a9:82:8b:9a:58:3c:a5:e5:28:0f:b0:
1c:0c:78:84:bb:cb:4b:ef:3e:6a:6a:b3:72:a1:6b:
d7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D0:E0:C8:72:A1:5C:0D:51:D7:68:BA:E7:41:96:B1:E8:29:4A:A8
X509v3 Authority Key Identifier:
keyid:76:D0:E0:C8:72:A1:5C:0D:51:D7:68:BA:E7:41:96:B1:E8:29:4A:A8
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption <<<<<<<<< signature
67:0a:06:e4:28:be:06:19:06:2c:21:15:a3:94:b5:f8:8a:0b:
26:2e:bd:ab:24:c7:08:1c:76:70:d2:79:7b:7e:c9:78:73:27:
a8:99:f2:de:b5:85:04:9a:4e:49:d3:35:d9:fe:c5:50:02:4d:
dd:eb:58:c5:cb:5d:a9:89:87:ee:0d:6f:87:73:7f:b0:f5:54:
9a:e6:ae:4f:7f:38:93:90:b1:6e:93:54:7c:f8:9d:2a:1d:83:
7d:60:02:07:f7:7e:7a:0d:cf:b0:bc:7c:60:94:55:30:fe:fd:
6f:88:52:6d:9a:a0:dd:51:af:eb:1f:ea:8d:25:ac:03:64:17:
06:59:e1:a9:fd:0d:f1:c7:bf:f1:80:a4:33:b1:a6:2c:78:c0:
0d:e7:5a:fc:98:b9:18:74:23:97:68:a5:a5:ae:6c:b1:98:6a:
e1:ab:05:51:b9:be:dc:d7:d2:3b:54:7a:a0:63:77:68:bc:b3:
68:3b:aa:93:21:f5:b8:08:50:76:f7:40:b6:ed:b2:50:6a:30:
4f:e0:11:33:f1:62:e4:e6:73:6f:4e:89:39:53:20:90:a0:15:
5e:0f:0c:3c:b6:52:f9:95:83:08:28:a6:43:f8:3a:8c:4b:52:
f9:68:10:10:aa:15:20:85:9b:39:74:05:ae:d3:8f:fb:c4:2a:
b9:29:94:b4
Generating a CA-signed certificate
So how do you generate a certificate signed by a CA?
First, generate a signing request in CSR format.
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
This command produces the requester's private key and a signing request in CSR format.
The CSR contains the requester's public key and identity information; the request can be parsed with the following command.
$ openssl req -noout -text -in server.csr
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=CN, ST=SH, L=SH, O=MyCompany, OU=DEV, CN=DRL
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b2:e7:aa:aa:57:d2:58:7d:c1:ed:41:5b:69:2a:
27:e7:5b:d4:6e:42:8c:e3:f7:80:bb:f0:e2:93:6f:
46:b2:bd:cc:70:09:bf:9c:e2:14:1e:7f:38:79:78:
e8:6c:6b:58:91:55:c6:b0:00:2b:08:51:37:01:c3:
5f:5d:06:09:f7:df:9d:d7:86:30:ac:27:bc:ea:6b:
ea:da:e4:4a:c7:77:9c:c2:3a:95:d5:cb:57:29:e7:
ee:f1:a0:54:b3:c0:18:2d:2b:fb:e5:93:ca:c1:2e:
f7:b6:17:28:f7:f6:b8:bc:20:f1:e9:72:33:37:75:
f0:6d:fc:50:30:e1:90:a8:f7:03:35:c9:a7:cb:07:
90:d5:c8:7b:ea:fc:26:13:4f:85:a9:de:41:4a:46:
26:c8:3d:ca:81:e6:8e:01:b7:12:c0:cb:86:8d:fb:
88:e0:d3:46:b5:29:09:b7:fb:c3:ff:fb:b1:12:bd:
44:9e:f2:2d:d9:5b:bb:25:ab:98:e8:2f:2c:ef:9b:
d9:29:12:cc:44:9a:02:8d:3b:1e:c9:03:16:1e:9d:
86:19:5c:91:a5:3b:a8:ad:59:e7:56:11:a8:d3:67:
33:c8:ff:51:58:5f:44:fa:26:25:64:51:44:b7:16:
cd:ad:a5:b3:da:40:d9:bc:6b:b9:4a:04:11:41:ee:
62:a9
Exponent: 65537 (0x10001)
Attributes:
unstructuredName :1234
challengePassword :1234
Signature Algorithm: sha256WithRSAEncryption
6d:d0:1b:1c:07:ff:08:8c:90:c6:0b:c6:cf:37:c1:74:5e:69:
4f:78:8f:18:e2:4b:5a:cc:47:66:1a:aa:3d:95:c3:57:0a:1b:
a3:ef:56:85:78:15:8f:24:ca:0a:06:82:7f:10:80:48:55:04:
22:27:49:9c:08:40:22:31:09:8a:f3:14:bd:a1:f5:db:03:70:
bd:db:dc:fa:1b:c8:83:7e:65:3d:60:ac:5c:49:c5:81:f0:91:
01:8d:22:9a:c4:3e:9e:aa:44:30:68:f7:b3:5e:33:e7:cf:c7:
c3:24:99:7c:ca:92:26:e9:62:8f:86:ca:af:db:e0:ee:73:d0:
cb:56:05:16:a6:8a:d9:3e:56:ab:78:95:d3:a9:ff:27:c7:f6:
7b:87:ee:67:bf:b8:13:0a:d0:d7:b8:0b:6c:9a:1e:7c:58:28:
db:d1:cb:2c:39:be:b3:91:65:0f:ab:1d:58:9e:51:b2:dc:86:
f1:21:8d:09:90:52:0e:9b:22:e5:cf:60:20:93:3f:82:30:34:
3d:bd:81:50:ec:22:e2:d1:b0:85:ee:7e:84:12:97:c4:00:ef:
e6:63:99:9e:27:f1:73:bc:5f:03:23:bb:0f:dc:18:f7:28:f7:
64:ff:1c:2a:18:33:0b:39:70:f8:d2:80:8d:1b:38:7b:7a:cd:
5f:00:12:9e
The CSR is then submitted to the certificate authority (CA), which issues the certificate.
If you are the CA, you can issue a certificate for the CSR as follows.
Note: here the CA signs the requester's certificate with its own private key.
$ openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
Let's look at the certificate again and see how it differs from the earlier self-signed one.
You can see that the Issuer and Subject are now different.
$ openssl x509 -in server.crt -text -noout
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
bc:a4:43:be:8d:31:b8:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CN, ST=SH, L=SH, O=CA, OU=CA, CN=CA <<<<<<<<< Issuer
Validity
Not Before: Jul 31 04:52:11 2022 GMT
Not After : Aug 30 04:52:11 2022 GMT
Subject: C=CN, ST=SH, L=SH, O=MyCompany, OU=DEV, CN=DRL <<<<<<<<< Subject
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b2:e7:aa:aa:57:d2:58:7d:c1:ed:41:5b:69:2a:
27:e7:5b:d4:6e:42:8c:e3:f7:80:bb:f0:e2:93:6f:
46:b2:bd:cc:70:09:bf:9c:e2:14:1e:7f:38:79:78:
e8:6c:6b:58:91:55:c6:b0:00:2b:08:51:37:01:c3:
5f:5d:06:09:f7:df:9d:d7:86:30:ac:27:bc:ea:6b:
ea:da:e4:4a:c7:77:9c:c2:3a:95:d5:cb:57:29:e7:
ee:f1:a0:54:b3:c0:18:2d:2b:fb:e5:93:ca:c1:2e:
f7:b6:17:28:f7:f6:b8:bc:20:f1:e9:72:33:37:75:
f0:6d:fc:50:30:e1:90:a8:f7:03:35:c9:a7:cb:07:
90:d5:c8:7b:ea:fc:26:13:4f:85:a9:de:41:4a:46:
26:c8:3d:ca:81:e6:8e:01:b7:12:c0:cb:86:8d:fb:
88:e0:d3:46:b5:29:09:b7:fb:c3:ff:fb:b1:12:bd:
44:9e:f2:2d:d9:5b:bb:25:ab:98:e8:2f:2c:ef:9b:
d9:29:12:cc:44:9a:02:8d:3b:1e:c9:03:16:1e:9d:
86:19:5c:91:a5:3b:a8:ad:59:e7:56:11:a8:d3:67:
33:c8:ff:51:58:5f:44:fa:26:25:64:51:44:b7:16:
cd:ad:a5:b3:da:40:d9:bc:6b:b9:4a:04:11:41:ee:
62:a9
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
56:5c:f5:de:2e:89:27:f9:22:2e:ad:e5:16:03:89:96:40:6d:
76:c8:e9:68:6b:13:5a:34:b2:3c:70:52:1c:67:96:c6:ee:03:
b7:f3:73:db:b7:e5:71:d8:27:01:3b:96:93:86:e0:e1:88:a0:
50:df:1f:ca:b7:d1:03:7d:dd:e1:7b:6b:aa:4a:d3:b0:80:8c:
ad:e0:e0:99:62:b5:42:ce:d2:3f:00:96:ad:37:de:e1:b4:d0:
66:1e:61:1b:f8:59:6b:5f:66:a0:b1:f5:37:04:39:a4:a2:46:
47:5b:48:53:ac:0c:e3:f3:9d:6e:84:65:7e:af:e0:73:1b:36:
6f:1e:12:14:7f:e4:4a:c2:71:72:9f:91:3a:bf:1c:29:11:eb:
61:c0:bd:51:89:60:34:18:b7:45:38:31:14:68:20:8d:59:34:
5b:63:7d:96:58:df:40:c0:f0:39:e5:03:da:44:f4:f2:52:81:
fc:5b:57:6f:6f:e0:4b:05:b9:f6:94:2a:45:77:20:ab:97:8a:
dd:76:fa:d1:80:8d:ee:5f:e8:fc:6a:75:97:ee:09:68:2d:fa:
cb:68:15:7e:4e:46:04:cc:44:64:31:bb:65:c1:13:08:de:13:
d7:de:86:18:9c:66:58:62:25:51:76:06:63:70:53:b9:1e:bf:
ce:e2:60:e5
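To make the notes on the self-signed certificate (signer equals signed party; the signature is produced with the signer's private key over the certificate contents) and the Issuer/Subject relationship of the CA-signed certificate concrete, here is an added example that is not part of the original post and not OpenSSL's code: a Python program using only the standard library that decodes the cert.crt shown earlier (with the base64 '+' characters the page had lost restored), walks the DER structure to pull out the serial number, issuer, subject and RSA public key, and then checks the signature the way a client would. The private-key operation in a sha256WithRSAEncryption signature is applied to a PKCS#1 v1.5 padded SHA-256 hash of the tbsCertificate bytes, so the check computes s^e mod n with the issuer's public key and compares the result with that padded hash. For a self-signed certificate the issuer's key is the certificate's own key, which is why the same DER is passed twice; for server.crt you would pass ca.crt as the second argument (the contents of those two files are not on the page, so the demo runs on cert.crt only). The field layout and DigestInfo prefix follow RFC 5280 and RFC 8017; the function names `pem_to_der`, `read_tlv`, `parse_certificate`, `verify_signed_by` and `inspect_certificate` are chosen for this example.

```python
import base64
import hashlib
import hmac

# cert.crt from earlier on this page, with the '+' characters the page had lost restored.
CERT_PEM = """-----BEGIN CERTIFICATE-----
MIIDgTCCAmmgAwIBAgIJAJQF63JmwOO0MA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNV
BAYTAkNOMQswCQYDVQQIDAJTSDELMAkGA1UEBwwCU0gxEjAQBgNVBAoMCU15Q29t
cGFueTEMMAoGA1UECwwDREVWMQwwCgYDVQQDDANEUkwwHhcNMjIwNzI4MTIyNjIw
WhcNMjMwNzI4MTIyNjIwWjBXMQswCQYDVQQGEwJDTjELMAkGA1UECAwCU0gxCzAJ
BgNVBAcMAlNIMRIwEAYDVQQKDAlNeUNvbXBhbnkxDDAKBgNVBAsMA0RFVjEMMAoG
A1UEAwwDRFJMMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02w+xpNl
DnaNt2fA/kFemrQ3VGsj6PUudo6ZxX2fLXM/9n6uacrUFDt8sPyyFQpwJ4PZ5EaX
jAklLxJpBs8fk72CaQ1ZYoleRqFBwrH/wV2nwcN/3+510At0pnJr0c/ALt9m+aD5
N25xmOsqpgdUhTdN/ggCSPScjbtCMWzrhvusbmj2wovbnRPXDWZkJaUcha9BVY9r
7Le3+UDcXUnPOgMqISj1M4h7STLmbZruWi2IjRSyoDps1t1t8ljZR1WP5JxLQvix
23uYkNKU7hSVoOuL8v2i6+hAOyLhbPAaaL+qMx2JqYKLmlg8peUoD7AcDHiEu8tL
7z5qarNyoWvX1wIDAQABo1AwTjAdBgNVHQ4EFgQUdtDgyHKhXA1R12i650GWsegp
SqgwHwYDVR0jBBgwFoAUdtDgyHKhXA1R12i650GWsegpSqgwDAYDVR0TBAUwAwEB
/zANBgkqhkiG9w0BAQsFAAOCAQEAZwoG5Ci+BhkGLCEVo5S1+IoLJi69qyTHCBx2
cNJ5e37JeHMnqJny3rWFBJpOSdM12f7FUAJN3etYxctdqYmH7g1vh3N/sPVUmuau
T384k5CxbpNUfPidKh2DfWACB/d+eg3PsLx8YJRVMP79b4hSbZqg3VGv6x/qjSWs
A2QXBlnhqf0N8ce/8YCkM7GmLHjADeda/Ji5GHQjl2ilpa5ssZhq4asFUbm+3NfS
O1R6oGN3aLyzaDuqkyH1uAhQdvdAtu2yUGowT+ARM/Fi5OZzb06JOVMgkKAVXg8M
PLZS+ZWDCCimQ/g6jEtS+WgQEKoVIIWbOXQFrtOP+8QquSmUtA==
-----END CERTIFICATE-----
"""

# DER-encoded DigestInfo prefix for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")

def pem_to_der(pem):
    """Strip the PEM armour and base64-decode the DER bytes."""
    body = "".join(l.strip() for l in pem.splitlines() if l.strip() and not l.startswith("-----"))
    return base64.b64decode(body, validate=True)

def read_tlv(buf, off):
    """Decode one DER tag-length-value at `off`: returns (tag, value_start, value_end)."""
    tag, length = buf[off], buf[off + 1]
    off += 2
    if length & 0x80:                                # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    return tag, off, off + length

def parse_certificate(der):
    """Walk the DER far enough to get serial, issuer, subject, RSA key and signature."""
    _, cert_vs, _ = read_tlv(der, 0)                 # Certificate ::= SEQUENCE
    _, pos, tbs_end = read_tlv(der, cert_vs)         # tbsCertificate ::= SEQUENCE
    tbs = der[cert_vs:tbs_end]                       # the exact bytes the signature covers
    tag, vs, ve = read_tlv(der, pos)
    if tag == 0xA0:                                  # [0] EXPLICIT version (present in v3 certs)
        tag, vs, ve = read_tlv(der, ve)
    serial = int.from_bytes(der[vs:ve], "big")       # INTEGER serialNumber
    _, _, pos = read_tlv(der, ve)                    # signature AlgorithmIdentifier (skipped)
    _, _, ve = read_tlv(der, pos)                    # issuer Name, kept as raw DER
    issuer = der[pos:ve]
    _, _, pos = read_tlv(der, ve)                    # validity (skipped)
    _, _, ve = read_tlv(der, pos)                    # subject Name, kept as raw DER
    subject = der[pos:ve]
    _, spki_vs, _ = read_tlv(der, ve)                # subjectPublicKeyInfo ::= SEQUENCE
    _, _, alg_end = read_tlv(der, spki_vs)           #   AlgorithmIdentifier (rsaEncryption)
    _, bits_vs, _ = read_tlv(der, alg_end)           #   BIT STRING; first byte = unused bits
    _, rsa_vs, _ = read_tlv(der, bits_vs + 1)        #   RSAPublicKey ::= SEQUENCE { n, e }
    _, n_vs, n_ve = read_tlv(der, rsa_vs)
    _, e_vs, e_ve = read_tlv(der, n_ve)
    _, _, sigalg_end = read_tlv(der, tbs_end)        # signatureAlgorithm follows tbsCertificate
    _, sig_vs, sig_ve = read_tlv(der, sigalg_end)    # signatureValue BIT STRING
    return {"tbs": tbs, "serial": serial, "issuer": issuer, "subject": subject,
            "modulus": int.from_bytes(der[n_vs:n_ve], "big"),
            "exponent": int.from_bytes(der[e_vs:e_ve], "big"),
            "signature": der[sig_vs + 1:sig_ve]}     # drop the unused-bits byte

def rsa_pkcs1_v15_sha256_verify(modulus, exponent, message, signature):
    """RSASSA-PKCS1-v1_5: s^e mod n must equal 00 01 FF..FF 00 || DigestInfo || SHA-256(message)."""
    k = (modulus.bit_length() + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= modulus:
        return False
    recovered = pow(s, exponent, modulus).to_bytes(k, "big")
    t = SHA256_DIGEST_INFO + hashlib.sha256(message).digest()
    return hmac.compare_digest(recovered, b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t)

def verify_signed_by(cert_der, issuer_der):
    """Was cert_der signed by the key in issuer_der? Pass the same DER twice for a self-signed cert."""
    cert, issuer = parse_certificate(cert_der), parse_certificate(issuer_der)
    if cert["issuer"] != issuer["subject"]:          # the Issuer DN must be the signer's Subject DN
        return False
    return rsa_pkcs1_v15_sha256_verify(issuer["modulus"], issuer["exponent"], cert["tbs"], cert["signature"])

def inspect_certificate(pem):
    """Summarize the fields `openssl x509 -text` shows, plus whether the cert verifies under its own key."""
    der = pem_to_der(pem)
    cert = parse_certificate(der)
    digits = f"{cert['serial']:x}"
    digits = ("0" + digits) if len(digits) % 2 else digits
    return {"serial": ":".join(digits[i:i + 2] for i in range(0, len(digits), 2)),
            "key_bits": cert["modulus"].bit_length(),
            "self_signed": cert["issuer"] == cert["subject"],
            "verifies_with_own_key": verify_signed_by(der, der)}
```

For cert.crt this reports serial 94:05:eb:72:66:c0:e3:b4, a 2048-bit key, self_signed True and verifies_with_own_key True, matching the openssl x509 -text output above; flipping any byte inside tbsCertificate makes the check fail, which is what stops a forged Subject from being attached to a genuine signature. The parser only reads the fields it needs: a real client additionally checks the validity dates, the hostname against the Subject or subjectAltName, the Basic Constraints on the issuer and revocation status, and builds the chain up to a root it already holds.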
Establishing trust in the user
Establishing trust essentially means trusting the other party's identity, which in a public-key system means trusting the other party's public key. Once the site is trusted, the data the client sends to the site can be encrypted: only the site can decrypt the user's username and password, and a third party that intercepts the transmitted messages cannot. (XXX this may need re-reading to confirm?)
Note: everything established so far is trust in the site; the site still cannot trust the user. So how does the site come to trust the user?
Generally speaking, a user is unlikely to apply to a dedicated CA for a certificate the way a site does.
So there are generally the following ways for a user to gain the site's trust:
- Username and password (several ways of logging in; re-read and confirm: https://segmentfault.com/a/1190000030685155)
The user must first register a username and password on the site; at login the user sends the encrypted username and password to the site, and the server verifies the user's identity. The drawback is that a login is needed before every encrypted transmission.
- The user's certificate
The advantage of using a certificate is that it makes direct use of the SSL protocol and avoids an extra login step. The certificate here is generally self-signed and must be uploaded to the site in advance.
For example, GitHub uses a similar approach, letting users upload their public key into their profile settings.
Another example: a KMS and its users also establish trust through certificates, and there are several different approaches【2】:
- Some KMSs let the user upload their certificate directly to the KMS, e.g. SafeNet;
- Some KMSs let the user upload a root certificate to the KMS, e.g. Vormetric, so that every certificate signed by that root is also trusted;
- Some KMSs generate the certificate and private key for the user and send them to the user, e.g. HyTrust;
- Some KMSs require the user to upload a certificate request (CSR); the KMS then signs the user's certificate and returns the signed certificate to the user, e.g. Thales.
Transport based on encryption
Once trust is established, encrypted transport can begin. Because asymmetric encryption is computationally expensive and unsuitable for encrypting large volumes of data, the transport uses symmetric encryption, and the symmetric key is negotiated by asymmetric means.
References
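As an added illustration of that last point (example code written for this page, not taken from the post or from any TLS library), here is a standard-library Python sketch of the idea behind (EC)DHE key agreement, which is how the symmetric key is negotiated. Each side publishes g^x mod p, combines the peer's public value with its own secret, and stretches the shared secret into a symmetric key with an HKDF-style HMAC step keyed on the handshake transcript; an observer of the exchange sees only the two public values. The group (p = 2^255 - 19, g = 2) is used only because it is short to write down and is not a standardized TLS group; the record "cipher" is a SHA-256 keystream XOR standing in for the AEAD that TLS really uses; and in a real handshake the server also signs the transcript with the private key matching its certificate, which is what ties this key exchange to the trust established in the earlier sections. `Party`, `handshake`, `seal` and `unseal` are names invented for this example.

```python
import hashlib
import hmac
import secrets

# Demonstration-only group: p is prime but is not a standardized TLS group.
# Real implementations use RFC 7919 finite-field groups or elliptic curves.
P = 2**255 - 19
G = 2

class Party:
    """One end of the handshake: a random private exponent and the public value g^x mod p."""

    def __init__(self):
        self._secret = secrets.randbelow(P - 3) + 2      # private exponent, never transmitted
        self.public = pow(G, self._secret, P)            # sent in the clear

    def derive_key(self, peer_public, transcript):
        """Shared secret = peer_public^secret mod p, then HKDF-style extract/expand to a 32-byte key."""
        if not 1 < peer_public < P - 1:                  # 0, 1 and p-1 would force a predictable secret
            raise ValueError("peer public value out of range")
        shared = pow(peer_public, self._secret, P).to_bytes(32, "big")
        # extract: PRK = HMAC(salt = hash of the transcript, IKM = shared secret)
        prk = hmac.new(hashlib.sha256(transcript).digest(), shared, hashlib.sha256).digest()
        # expand one block with a label, as TLS 1.3 does with HKDF-Expand-Label
        return hmac.new(prk, b"demo traffic key\x01", hashlib.sha256).digest()

def handshake():
    """Run the exchange; return both derived keys and everything an eavesdropper could see."""
    client, server = Party(), Party()
    transcript = client.public.to_bytes(32, "big") + server.public.to_bytes(32, "big")
    client_key = client.derive_key(server.public, transcript)
    server_key = server.derive_key(client.public, transcript)
    on_the_wire = {"client_public": client.public, "server_public": server.public}
    return client_key, server_key, on_the_wire

def _keystream(key, nonce, length):
    """SHA-256 in counter mode, standing in for AES-GCM / ChaCha20 (demo only)."""
    out = b""
    for counter in range(0, length, 32):
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
    return out[:length]

def seal(key, nonce, plaintext):
    """Encrypt-then-MAC a record with the agreed symmetric key (TLS derives separate keys per direction)."""
    ciphertext = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def unseal(key, record):
    """Verify the tag before decrypting; return None on any mismatch."""
    nonce, ciphertext, tag = record[:12], record[12:-32], record[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ciphertext, _keystream(key, nonce, len(ciphertext))))
```

`handshake()` returns two equal 32-byte keys that differ on every run, and a record sealed by the client opens with the server's key while any modified byte is rejected. Note what is and is not protected here: without a signature from the certificate's key over the transcript, an active attacker could run this exchange with each side separately, which is why TLS binds the key exchange to the certificate whose trust was built up in the earlier sections.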
- https://developer.aliyun.com/article/617249
- https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.virtualsan.doc/GUID-0212CEF2-7871-4E00-ADF2-0C71401D5E1A.html
- https://en.wikipedia.org/wiki/HTTPS
- https://datatracker.ietf.org/doc/html/rfc5246
This article is reposted from: 学新通技术网