复制的数字签名

发布时间:2025-01-13 08:09

数字签名与加密基础知识 #生活技巧# #工作学习技巧# #数字技能培养#

sha1和MD5算法的区别

sha-1与MD5的最大区别在于其摘要比MD5摘要长32B。对于强行攻击,产生任何一个报文使之摘要等于给定报文摘要的难度:MD5是2128数量级的操作,sha-1是2160数量级的操作。产生具有相同摘要的两个报文的难度:MD5是264是数量级的操作,sha-1是280数量级的操作。因而,sha-1对强行攻击的强度更大。但由于sha-1的循环步骤比MD5多(80:64)且要处理的缓存大(160B:128B),sha-1的运行速度比MD5慢。

数字签名的复制

在百度中搜索一下数字签名复制,你会发现,这样的工具太多了……
在这里插入图片描述
而且,我下载了7款复制数字签名的软件,复制成功率竟然达到了56%!可怕!邪恶的我把Explorer.exe的数字签名(微软的官签)给复制到了我用来测试的软件上面。[时间戳也伪造上了]

复制后出现的问题

当我正在沾沾自喜时,360老毛病又犯了,未经我允许,直接删除┭┮﹏┭┮,而且,它提示:侦测到极危险的木马(签名不正常,创建可疑进程),已经彻底覆盖。
崩溃……
可是,它怎么能把微软官签当成“不正常的签名”呢?好奇。
文件属性
换做金山官签试了一下,还是一样。
但当我查看证书详细信息时,发现了一些蛛丝马迹。
证书详细信息
呵呵,看出不正常的地方来了吧?7款复制数字签名的软件全部没用!
再往下看:
原因
我将Kingsoft的sha1证书导出为.cer便于查看详细信息。

x509 -inform der -in Kingsoft.cer -out Kingsoft.pem 1

导出完成。
查看详细信息。

x509 -in Kingsoft.pem -noout -text 1

输出:

OpenSSL> x509 -in Kingsoft.pem -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 02:e4:4d:7d:1d:38:ae:22:3b:27:a0:2b:ac:d7:9b:53 Signature Algorithm: sha1WithRSAEncryption Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Assured ID Code Signing CA-1 Validity Not Before: Jan 20 00:00:00 2020 GMT Not After : Feb 4 12:00:00 2023 GMT Subject: C = CN, ST = Guangdong, L = Zhuhai, O = "Zhuhai Kingsoft Office Software Co., Ltd.", CN = "Zhuhai Kingsoft Office Software Co., Ltd." Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:8b:7e:43:90:32:eb:45:75:59:be:c8:69:ca: 6a:2d:e9:6a:2d:a3:cc:4e:98:46:57:3c:e5:5b:5d: e5:1e:cc:52:da:4e:0e:80:82:a0:1d:f8:98:18:fd: 82:2c:c4:56:38:e6:57:be:ac:06:f5:4e:6d:1f:26: c4:1e:e5:38:5b:08:21:70:6b:04:8e:42:d0:05:3a: c1:e1:57:c9:74:6f:69:86:89:40:ad:22:6a:77:ec: 94:44:e4:74:23:58:7b:c4:08:d3:43:64:d7:0d:e4: 2b:2c:75:ab:52:b2:58:f3:2d:7e:5e:7f:9a:2d:be: 4c:56:b7:67:35:45:16:60:f3:23:a5:91:04:70:0e: 99:5e:6c:9f:a5:1a:d3:37:80:fb:84:26:ff:38:cf: c9:1b:ba:77:0d:a3:d8:db:73:82:94:84:09:f2:63: 5d:f8:bc:2f:c8:3b:15:94:c0:0e:53:19:aa:68:7f: f5:64:d4:bd:e0:25:35:43:f1:83:7f:45:0c:9a:6f: a8:37:db:ed:c9:8a:37:d2:f2:d5:f9:4d:7e:d4:7d: 4d:38:fb:1f:af:ec:ba:de:f6:f3:91:df:d6:ac:da: 80:a2:ac:92:08:24:e8:bf:b0:02:0e:a7:23:4c:b2: 10:c4:82:76:65:59:b1:45:8e:5e:3d:ab:00:d9:24: 51:37 Exponent: 3 (0x3) X509v3 extensions: X509v3 Authority Key Identifier: keyid:7B:68:CE:29:AA:C0:17:BE:49:7A:E1:E5:3F:D6:A7:F7:45:8F:35:32 X509v3 Subject Key Identifier: BF:6E:75:73:61:2C:35:9D:43:B4:DE:38:DE:D2:D8:85:4F:AC:9E:D7 X509v3 Key Usage: critical Digital Signature X509v3 Extended Key Usage: Code Signing X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/assured-cs-g1.crl Full Name: URI:http://crl4.digicert.com/assured-cs-g1.crl X509v3 Certificate Policies: Policy: 2.16.840.1.114412.3.1 CPS: https://www.digicert.com/CPS Policy: 2.23.140.1.4.1 Authority Information Access: OCSP - URI:http://ocsp.digicert.com CA Issuers - URI:http://cacerts.digicert.com/DigiCertAssuredIDCodeSigningCA-1.crt X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha1WithRSAEncryption 39:b9:97:02:7e:cf:01:f0:c9:16:82:20:6d:76:bd:bb:aa:50: f2:91:6a:8b:c8:4d:b2:3d:3d:10:aa:bd:5b:36:12:cb:2e:73: b0:08:34:b7:69:80:cd:c9:ad:e5:67:18:0a:27:16:99:a7:ad: d2:ed:b4:d3:86:82:19:9e:ca:69:d1:37:21:d6:55:5c:1c:7f: 64:9c:e9:6d:02:67:d4:83:1a:98:b6:41:b8:c6:88:a1:4b:81: 17:90:eb:d6:67:5d:60:21:33:c1:8a:98:3a:4b:3c:53:14:9c: f3:8e:7d:a5:e2:57:0a:66:68:c6:9c:ab:c9:79:45:a0:d3:6b: 56:c7:80:5c:d4:d5:8c:2c:13:90:b2:ce:7f:11:9a:72:8b:20: 53:89:04:8e:45:c7:a5:97:06:b5:75:d1:49:d0:99:a2:72:f2: d3:5a:27:6c:15:84:b0:e1:de:78:21:8c:5e:4e:9f:3f:1e:f1: 04:d4:04:44:61:7f:0a:49:9e:60:cf:4f:48:eb:da:9c:73:2a: 81:f7:dd:92:84:e9:2c:51:3b:62:44:f4:42:84:e8:b6:48:16: 5a:55:e2:e0:b9:c5:60:a8:82:66:f5:a4:da:e6:5c:05:94:68: 03:31:50:78:ca:5f:93:41:90:94:10:88:ac:10:3d:bb:a6:51: b4:80:05:06

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980

复制的证书:

OpenSSL> x509 -in Kingsoft_copy.pem -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 02:e4:4d:7d:1d:38:ae:22:3b:27:a0:2b:ac:d7:9b:53 Signature Algorithm: sha1WithRSAEncryption Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Assured ID Code Signing CA-1 Validity Not Before: Jan 20 00:00:00 2020 GMT Not After : Feb 4 12:00:00 2023 GMT Subject: C = CN, ST = Guangdong, L = Zhuhai, O = "Zhuhai Kingsoft Office Software Co., Ltd.", CN = "Zhuhai Kingsoft Office Software Co., Ltd." Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:8b:7e:43:90:32:eb:45:75:59:be:c8:69:ca: 6a:2d:e9:6a:2d:a3:cc:4e:98:46:57:3c:e5:5b:5d: e5:1e:cc:52:da:4e:0e:80:82:a0:1d:f8:98:18:fd: 82:2c:c4:56:38:e6:57:be:ac:06:f5:4e:6d:1f:26: c4:1e:e5:38:5b:08:21:70:6b:04:8e:42:d0:05:3a: c1:e1:57:c9:74:6f:69:86:89:40:ad:22:6a:77:ec: 94:44:e4:74:23:58:7b:c4:08:d3:43:64:d7:0d:e4: 2b:2c:75:ab:52:b2:58:f3:2d:7e:5e:7f:9a:2d:be: 4c:56:b7:67:35:45:16:60:f3:23:a5:91:04:70:0e: 99:5e:6c:9f:a5:1a:d3:37:80:fb:84:26:ff:38:cf: c9:1b:ba:77:0d:a3:d8:db:73:82:94:84:09:f2:63: 5d:f8:bc:2f:c8:3b:15:94:c0:0e:53:19:aa:68:7f: f5:64:d4:bd:e0:25:35:43:f1:83:7f:45:0c:9a:6f: a8:37:db:ed:c9:8a:37:d2:f2:d5:f9:4d:7e:d4:7d: 4d:38:fb:1f:af:ec:ba:de:f6:f3:91:df:d6:ac:da: 80:a2:ac:92:08:24:e8:bf:b0:02:0e:a7:23:4c:b2: 10:c4:82:76:65:59:b1:45:8e:5e:3d:ab:00:d9:24: 51:37 Exponent: 3 (0x3) X509v3 extensions: X509v3 Authority Key Identifier: keyid:7B:68:CE:29:AA:C0:17:BE:49:7A:E1:E5:3F:D6:A7:F7:45:8F:35:32 X509v3 Subject Key Identifier: BF:6E:75:73:61:2C:35:9D:43:B4:DE:38:DE:D2:D8:85:4F:AC:9E:D7 X509v3 Key Usage: critical Digital Signature X509v3 Extended Key Usage: Code Signing X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/assured-cs-g1.crl Full Name: URI:http://crl4.digicert.com/assured-cs-g1.crl X509v3 Certificate Policies: Policy: 2.16.840.1.114412.3.1 CPS: https://www.digicert.com/CPS Policy: 2.23.140.1.4.1 Authority Information Access: OCSP - URI:http://ocsp.digicert.com CA Issuers - URI:http://cacerts.digicert.com/DigiCertAssuredIDCodeSigningCA-1.crt X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha1WithRSAEncryption 39:b9:97:02:7e:cf:01:f0:c9:16:82:20:6d:76:bd:bb:aa:50: f2:91:6a:8b:c8:4d:b2:3d:3d:10:aa:bd:5b:36:12:cb:2e:73: b0:08:34:b7:69:80:cd:c9:ad:e5:67:18:0a:27:16:99:a7:ad: d2:ed:b4:d3:86:82:19:9e:ca:69:d1:37:21:d6:55:5c:1c:7f: 64:9c:e9:6d:02:67:d4:83:1a:98:b6:41:b8:c6:88:a1:4b:81: 17:90:eb:d6:67:5d:60:21:33:c1:8a:98:3a:4b:3c:53:14:9c: f3:8e:7d:a5:e2:57:0a:66:68:c6:9c:ab:c9:79:45:a0:d3:6b: 56:c7:80:5c:d4:d5:8c:2c:13:90:b2:ce:7f:11:9a:72:8b:20: 53:89:04:8e:45:c7:a5:97:06:b5:75:d1:49:d0:99:a2:72:f2: d3:5a:27:6c:15:84:b0:e1:de:78:21:8c:5e:4e:9f:3f:1e:f1: 04:d4:04:44:61:7f:0a:49:9e:60:cf:4f:48:eb:da:9c:73:2a: 81:f7:dd:92:84:e9:2c:51:3b:62:44:f4:42:84:e8:b6:48:16: 5a:55:e2:e0:b9:c5:60:a8:82:66:f5:a4:da:e6:5c:05:94:68: 03:31:50:78:ca:5f:93:41:90:94:10:88:ac:10:3d:bb:a6:51: b4:80:05:06

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980

呵呵,证书一模一样。
Windows是怎么识别的呢?
复制数字签名的原理:
复制证书,然后将软件的数字签名导向证书[假冒伪劣产品],没有经过加密。
数字签名安全性真不是吹的。

两个账号几个月以来第一次用Markdown,布局有问题请在评论区发表建议哈。
这行文字只是用来 证明这篇文章是用 Markdown 编辑器 撰写的。
注:本文所用的数字签名只是为了示范,没有任何针对性。

网址:复制的数字签名 https://www.yuejiaxmz.com/news/view/704407

上一篇:全国首份专门针对智慧城市的数字安
下一篇:2025年数字生活部业务平台安全

相关内容

数字签名的应用实例
【国工晶琉复古典文艺红木书签 中国风礼物黑檀木质书签 DIY刻字定制复古书签工艺品定制 书签批发】价格
wps电子签名
快乐人生个性签名哲理签名
签名本的温度
生活垃圾艺术字签名
数字标签试点覆盖主要食品类别
精美的复古书签制作方法
对谈|韩炳哲《山寨》、艺术的“复制”与数字时代的“原创”
记录日常生活碎碎念签名 干净美好且治愈的签名

随便看看

最新动态分享

热点动态分享

  1. 1500大卡的食物对照表
    3043
  2. 如何关闭今日头条推送的直播 关闭今日头条推送直播方法
    2895
  3. 李居明2025年九宫图风水方位图解,乙巳蛇年家居风水布置图
    2835
  4. 2025独生子女证停办了吗?记牢此日期还可补领
    2552
  5. 二手商铺过户费太高了怎么办 二手商铺过户费怎么算 商铺卖100万缴多少税
    2359
  6. 【荣耀智慧空间】这样设置荣耀手机 超省电 从此告别一天一充
    1920
  7. 魔兽世界怀旧服烹饪1到300升级攻略
    1675
  8. 哪些旧书收藏价值高 80年代旧书收藏价格一览
    1531
  9. 四川一敬老院藏污纳垢 卖淫女光天化日拉客
    1514
  10. 屁屁影院43·ccom——让你体验前所未有的视听盛宴!
    1336

专题