Analysis of SM2 National Cryptographic Algorithm Certificates

1. Composition of a digital certificate

1) Certificate data structure

A digital certificate is encoded with ASN.1, and the certificate file is stored in binary or Base64 form. The data uses the TLV (Tag Length Value) layout: T is the type identifier, L is the length, and V is the encoded value. Each item in the certificate has a corresponding type T. The certificate as a whole is one large TLV sequence whose V is in turn made up of multiple TLVs.

An SM2 certificate carries the same data as an RSA certificate: certificate version, serial number, issuer, subject information, subject public key, validity period, certificate extensions, and so on. The difference is in the public key: the public key algorithm is identified by the ECC algorithm OID (1.2.840.10045.2.1), and the public key parameter uses the OID of the SM2 national cryptographic algorithm (1.2.156.10197.1.301).

2) Signature algorithm

The signature algorithm that goes with an SM2 certificate is the SM3-based SM2 signature algorithm, whose OID is 1.2.156.10197.1.501. The SM2 national cryptographic algorithm also defines SM2 signatures based on SHA_1 and SHA_256, as well as RSA signatures using the SM3 algorithm; these differ only in the signature algorithm OID.

3) Signature data

An SM2 signature consists of two large integers (BigInteger values), which are DER-encoded for storage. A certificate's signature is produced with the root certificate's private key and verified with the root certificate's public key; the top-level root certificate is verified with its own public key.

2. Object identifiers of the digital certificate

Every item in a digital certificate has an object identifier (OID). An SM2 certificate differs mainly in its public key algorithm, public key parameter, and signature algorithm identifiers; the rest are standard X.509 items. Common certificate object identifiers are listed below:

| Object identifier | Name | OID |
|---|---|---|
| rsaEncryption | RSA algorithm identifier | 1.2.840.113549.1.1.1 |
| sha1withRSAEncryption | RSA signature of SHA1 | 1.2.840.113549.1.1.5 |
| ECC | ECC algorithm identifier | 1.2.840.10045.2.1 |
| SM2 | SM2 algorithm identifier | 1.2.156.10197.1.301 |
| SM3WithSM2 | SM2 signature of SM3 | 1.2.156.10197.1.501 |
| sha1withSM2 | SM2 signature of SHA1 | 1.2.156.10197.1.502 |
| sha256withSM2 | SM2 signature of SHA256 | 1.2.156.10197.1.503 |
| sm3withRSAEncryption | RSA signature of SM3 | 1.2.156.10197.1.504 |
| commonName | Subject name | 2.5.4.3 |
| emailAddress | Email address | 1.2.840.113549.1.9.1 |
| cRLDistributionPoints | CRL distribution points | 2.5.29.31 |
| extKeyUsage | Extended key usage | 2.5.29.37 |
| subjectAltName | Subject alternative name | 2.5.29.17 |
| CP | Certificate policies | 2.5.29.32 |
| clientAuth | Client authentication | 1.3.6.1.5.5.7.3.2 |

3. Parsing digital certificates

Parsing a digital certificate mainly means using the ASN.1 syntax and the object identifiers to extract values, and then checking the certificate's validity period, the issuing authority's root certificate, the CRL revocation status, the intended usage, and so on. RSA is a standard algorithm, so RSA certificates can be parsed on most platforms, but support for parsing SM2 national cryptographic algorithm certificates is much less common. Opening an SM2 certificate on some newer versions of Windows displays "An error occurred at the system layer when verifying the trust relationship". This is because Windows does not yet support SM2 certificate verification and does not recognize the SM2 signature algorithm identifier. To verify the signature of an SM2 certificate, SM2 signature verification can be implemented on top of the open source BouncyCastle cryptography library. For details, please refer to my article on producing SM2 national cryptographic algorithm certificates.
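The TLV walk and OID lookup described above, as an added example that is not code from the original post: a standard-library Python sketch that descends through nested TLVs, decodes the object identifiers, and reads the two DER integers of the signature value. The function names and the `SAMPLE` bytes are hypothetical and constructed for illustration; the sketch does not verify the signature, which still requires an SM2 implementation such as the BouncyCastle library mentioned above.

```python
OID_NAMES = {  # identifiers as listed on this page
    "1.2.840.10045.2.1": "ECC",
    "1.2.156.10197.1.301": "SM2",
    "1.2.156.10197.1.501": "SM3WithSM2",
}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the TLV that starts at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("length runs past the end of the buffer")
    return tag, buf[pos:pos + length], pos + length

def walk(buf, depth=0):
    """Yield (depth, tag, value) for every TLV, descending into constructed ones."""
    pos = 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        yield depth, tag, value
        if tag & 0x20:  # constructed (e.g. SEQUENCE): V is itself a run of TLVs
            yield from walk(value, depth + 1)

def oid_to_str(value):
    """Decode the V of an OBJECT IDENTIFIER (tag 0x06) into dotted form."""
    arcs, acc = [], 0
    for b in value:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(acc)
            acc = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def summarize(der):
    """Return (named OIDs in order, the two integers inside the last BIT STRING)."""
    items = list(walk(der))
    oids = [oid_to_str(v) for _, t, v in items if t == 0x06]
    sig = [v for _, t, v in items if t == 0x03][-1]  # signature value comes last
    ints = [int.from_bytes(v, "big") for _, t, v in walk(sig[1:]) if t == 0x02]
    return [OID_NAMES.get(o, o) for o in oids], tuple(ints)

# Constructed sample, not a real certificate: algorithm identifiers and signature value only.
SAMPLE = bytes.fromhex("3039301d301b301306072a8648ce3d020106082a811ccf5501822d"
                       "030400041122300a06082a811ccf55018375030c00300902021234020300abcd")
```

On the constructed sample, `summarize(SAMPLE)` reports the ECC public key algorithm with the SM2 parameter, followed by the SM3WithSM2 signature algorithm, which is the combination that marks an SM2 certificate.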


Origin blog.csdn.net/ayang1986/article/details/102919761