TLS 1.3 Certificate Verify签名值验证过程解析1、 签名值原文数据结构依据RFC 8446的4.4.3章节TLS 1.3 Certificate Verify数字签名的原文为重复64次的0x20||上下文字符串||用作分隔符的0字节||待签名的内容上下文字符串若是服务端发送的Certificate Verify报文则上下文字符串为“TLS 1.3, server CertificateVerify”对应的16进制ASCII码为0X 544c5320312e332c20736572766572204365727469666963617465566572696679若是客户端发送的Certificate Verify报文在双向鉴别的时候会发生则上下文字符串为“TLS 1.3, client CertificateVerify”对应的16进制ASCII码为0X 544c5320312e332c20636c69656e74204365727469666963617465566572696679。待签名内容所有握手消息从第一个Client Hello开始只包括那些被发送的消息:CientHelloHelloRetryRequest, ClientHello, ServerHello, EncryptedExtensions, server CertificateRequest, server Certificate, serverCertificateVerify, server Finished, EndOfEarlyData, client Certificate, client CertificateVerify, client Finished.进行串接后的哈希值所使用的哈希算法由sever hello中的算法套件决定。2、 数字签名对于章节1中定义的原文使用Certificate Verify报文Signature Algorithm中定义的签名算法进行数字签名。TLS 1.3 中支持的 Signature Algorithm签名算法在 RFC 8446第4.2.3章节中定义主要包括以下类型RSA 系列• RSASSA-PKCS1-v1_5rsa_pkcs1_sha256 (0x0401)rsa_pkcs1_sha384 (0x0501)rsa_pkcs1_sha512 (0x0601)• RSASSA-PSSrsa_pss_rsae_sha256 (0x0804)rsa_pss_rsae_sha384 (0x0805)rsa_pss_rsae_sha512 (0x0806)3、 报文验签示例3.1提取签名值签名值a4d8222fa7204e5ea731d3cd1f0fc267a14b7d42c798e96c104292d49ac9578df21051414e25f525232daab28d1e3323540502de4dc39d8167582c7a82e4fb904c498d155cdd7b632b08f6feee90fcd53ae1f14c1b84ace88e8608fbf2315786d500394aa64b26fcee0fe2f651ee9a0d1d36f5d22cc149f055ede46849e47fe0ee543d2bf3ae3073a582c29399162723225f286eb7d2e606e62872e061134999ee24b58c1905118f439f865ef913256d33d9a7dec30d43e0e407fc223078b01c1e6a93527fbba85aeb689be2c0286952feefbd51ce40a512a326429f121ee6f85ac5923a016afe8e861df2785addbb505f8a6bb1a51d9ba20ea8748cf1abf90d3.2提取签名证书签名证书3082039b30820283a003020102020900a0fc83a9e4ef2028300d06092a864886f70d01010b05003064310b300906035504061302434e3110300e06035504080c074265696a696e673110300e06035504070c074265696a696e67310e300c060355040a0c056c73626c6a310e300c060355040b0c056c73626c6a3111300f06035504030c086c73626c6a2e636e301e170d3230313131363035303530345a170d3330313131343035303530345a3064310b300906035504061302434e3110300e06035504080c074265696a696e673110300e06035504070c074265696a696e67310e300c060355040a0c056c73626c6a310e300c060355040b0c056c73626c6a3111300f06035504030c086c73626c6a2e636e30820122300d06092a864886f70d01010105000382010f003082010a0282010100b2bbba95c541522cfcd1ac5585c54afab5d3bab001bd9200135b009ca93eb4d7bba897a7b813d21ff6593f94341f5eb8514d64168b0e993e2a4f057160de18bb70505754ac3f14eac2890033830352afab1de2da6b837291172f8ec40af8f061f9f539f7256ee16274a1e791087c582a1b713f816c2470296c94f7c4200c745769805a32a8c80842650a461e3bc9f1741d04ec54db80b9c60efbedbedd65a162917c3db7afaefa6bed36ead9303aeef429cf855e1c141af27d227669eb799561d7f1f0d2dd93e553114758f4f81eb6fc0ab17da2175206f4d260d09fda2ea3b5964b80b383e83580a01b654bf9cdf10d7f6217388765d821d9e350cba336eb1d0203010001a350304e301d0603551d0e04160414677abcfb687e07ad72272eb335821a10e1297cc9301f0603551d23041830168014677abcfb687e07ad72272eb335821a10e1297cc9300c0603551d13040530030101ff300d06092a864886f70d01010b050003820101000ccd9e0613318224d74232509f9ee4673897bc4aaa9e32c0bbfaf045be56ea878f323be0a2236a18aed7d346bca54927230e972a04494645cfca46487688e2a6c0899c419ff8a248475b00253e0759e561513b5112c297e7a6c55bae3af26b5ccf668c5a8bf220e4ed70eef4d9d140a0e8a4c8968204ac472901f332bd42490135b06ed1e2d35866ef923ca9d4a3284fa455a9b3e6fdb76f9e7e0c07a4787c85a6c245a8229c6ac1296d745a14ad5e4012ae2529301e025ae98762c6c0994248a37c510d1a9239bbd946d57ec8e4ad708a47e7edab768efb2fb190571100e43c1d544d1e3a6140649ecf4a08b7baec4660d624e56bd15b939aafc721ff12c61c3.3构造签名原文重复64次的0x2020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020上下文字符串544c5320312e332c207365766572204365727469666963617465566572696679用作分隔符的0字节00待签名内容Client hello010006fc0303c51c606f487b4d63fb16ef1cfbaea0ecc6acb30ad6cf838b74b1774a0627ceae20ca749b39a3363365d8f68b06fb3a1b2a99c84601cc6460b0e4e270e0a4d3819800202a2a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035010006932a2a0000000b0002010000230000003304ef04edcaca00010011ec04c09d2544303b53eb0127124a8442bb63978a074498c89e51409b25a86e7148e000a40e2cb0a025272ed661aac438c0123948ba3dfe7b4bf3199e5606cd8863aad626bd11b94c97a2acd1764a2d151fe78c936b23c83d002a64f8b9e14bbf060c68eb8a9df4295ccadbb8305068dc621207e1bdaca623a817c8858b11486115c3d68ba7c10bce24b9b1a523518349fae2aaa7d983ad427e42073a467122ef9b51d5f482c0bbcadde4389f29625c119b22a31897b47e5ad38693d5abcaec9769906cd5d57b760984bdbac699b76dad25618e61265eb56cf6707b94b12d5f242d83b56b701bafd30636c7d2978aaa119da231fce7bbcb31a323918946e381ebb0ace59575ca32533055c3afc641da588f46a03328854445898eb1a9912b7c1f3e4162625a6b4b89aaf7d33cd3c825996836fe20873831429d87759567041d0609dff42089e5097fd28a2efacd4ec4c10e115dbfd6bc2d5c0c876151d39928b15c0c59c5a4a336850f32b1d423b3b71c53859a119bf51ca7f5691f327710b841cce63c6409b49ba772bdc390b3f95dd7a03946903755841190e9840612b2ee473052d9a6b4d28e6d1c7773a165f2c4a202c712eb98012222cfeb66b1dcc1077844c230d3c1c7a9be3a889018ab4eef6310160c029b74cc269c6a7880656009c8cc838721533a57b7c84a1b70f42012cd6111b80acc51232c3e892562d02499d1660bca5910265faa5b411f4707e9b8ad0cb60e9346c2c0a6942c7b858403c6a6d0bc2e7508e13042294592cc600376db295feb7ee24c068dd2a393e41266fbc1db390c90464e82036895a604d9470b1b7876c6c221ea6797bb55a067f8218a68a86f9284a2248578ec2b7e93a8c4c94012c900f3928f0f002e802ca1d0ec386560963c51a563180fe2330fabb40fab4bb175905b44d5477271cef415b3a5f04fb7478b97b570a68157a5d40eb662592b86cca542736b35bff07bb27df62664b25364b8a53304c3b249adcd90825a270ee12b1d3cbac32c22aa730b25ad7800b95cc5f67acf887c8eff9b82f0b22ef07b36eef89b1c91a3a4d0c8daa6277c89430b0644c59884af5370ec291312256c25ac3f038321bc5682dd5ac52451b4fff41a8cc63cdb4a5f5c0c135cb724dc67b1f263a2ac9b9a03f336d89831a9b5a398dc1c3ba57c43b2530c995aae8a58dcc73fb1235227d33993c077b3e81c91482aab483de83304fd66b6ef19c9f7c2accf22908683af8f74ad80c67d5a7c422523921f12ac4d9947eca59b469200b03a8eb182777af71f546567f9383ffb9b3a1e3cacccc1c9be138538ac829e93bd92c1cf3d4bb9027724c87975cd239009110e4aab586e9c961ab77e5d1352eddca0ad514e8e165df50101be7866dd0812d41c61dd335a57039b9f797108c9b6b1163aad89ccf4cc12a055c9783a4b9d81c163b6606d4113f48805e1807363f850b9518c607074fe3189aa1045c4cc3c90fca260b49d55159635f39ce5b5bdfd5368e2e92a2f3769ba6c51780268de10429088ac07f0ba5258abca1a76d12285d63435e8fabeca0b488f2c4a6b14167f485c6948a765b09370333682a91292c99f950a562d78393ffba19c828126cb601f7a72bcc27979b2497289b2c83321273f95b1dd9d9e568850193a004334cc07e7bdf23f92d91de8f1705099b8104ff8ba3726d57ee1c97fb94cd02740eefc19380938d8c544001d0020d46ecc7680fdd46d06a3f99198239ae4de9d42a81fea83831a2dc26dab993318001b0003020002000500050100000000000d001200100403080404010503080505010806060100170000002b000706aaaa03040303ff01000100000a000c000acaca11ec001d00170018446900050003026832001200000010000e000c02683208687474702f312e31002d00020101fe0d011a00000100012c0020d43381e144d70dd310aa8a87a201fa7ff6c73141e21c21c4ba87c088971e7c5600f03c2a1348dfdc225b32fa6ca9fc69fed714ca9272956703b3e49a3f3975658ee468689829ca7e0442e5755c6e1b242adce757f50367a54f2c60282da2aa68ad05d4a25109397826c6ba977841f43f834685f9d4fa752e032da3a3290be555f7dee7ca08bacf1d46e68e63254e82df679bef928692be0b5ede65bd9fbeb74ca4da8c95abb781344a3e411df5066fea749d8d3d6dc686ca4d07393971af637fb79e3f4e91b2be6c3af5dcde355a08cea00e0277e1582d74b1b5e4c00160ce047110be13ce13146065ed21335c83947976678c4eace901fbb87e364fa38f5118b91d36a8cfd2b59a4c965864c45760cda524baba000100sever hello0200007603037a751dc37c39f16fdb7014ec47de7f44f59cb3ea9ecb57772c9432cf63aed9bc20ca749b39a3363365d8f68b06fb3a1b2a99c84601cc6460b0e4e270e0a4d38198130200002e002b0002030400330024001d0020fdd9d0b2dbfb32d9948060965e05163ccaedd1caeb0ff2a058eb975b6674a710Encrypted Extensions08000011000f0010000b000908687474702f312e31Certificate0b0003a8000003a400039f3082039b30820283a003020102020900a0fc83a9e4ef2028300d06092a864886f70d01010b05003064310b300906035504061302434e3110300e06035504080c074265696a696e673110300e06035504070c074265696a696e67310e300c060355040a0c056c73626c6a310e300c060355040b0c056c73626c6a3111300f06035504030c086c73626c6a2e636e301e170d3230313131363035303530345a170d3330313131343035303530345a3064310b300906035504061302434e3110300e06035504080c074265696a696e673110300e06035504070c074265696a696e67310e300c060355040a0c056c73626c6a310e300c060355040b0c056c73626c6a3111300f06035504030c086c73626c6a2e636e30820122300d06092a864886f70d01010105000382010f003082010a0282010100b2bbba95c541522cfcd1ac5585c54afab5d3bab001bd9200135b009ca93eb4d7bba897a7b813d21ff6593f94341f5eb8514d64168b0e993e2a4f057160de18bb70505754ac3f14eac2890033830352afab1de2da6b837291172f8ec40af8f061f9f539f7256ee16274a1e791087c582a1b713f816c2470296c94f7c4200c745769805a32a8c80842650a461e3bc9f1741d04ec54db80b9c60efbedbedd65a162917c3db7afaefa6bed36ead9303aeef429cf855e1c141af27d227669eb799561d7f1f0d2dd93e553114758f4f81eb6fc0ab17da2175206f4d260d09fda2ea3b5964b80b383e83580a01b654bf9cdf10d7f6217388765d821d9e350cba336eb1d0203010001a350304e301d0603551d0e04160414677abcfb687e07ad72272eb335821a10e1297cc9301f0603551d23041830168014677abcfb687e07ad72272eb335821a10e1297cc9300c0603551d13040530030101ff300d06092a864886f70d01010b050003820101000ccd9e0613318224d74232509f9ee4673897bc4aaa9e32c0bbfaf045be56ea878f323be0a2236a18aed7d346bca54927230e972a04494645cfca46487688e2a6c0899c419ff8a248475b00253e0759e561513b5112c297e7a6c55bae3af26b5ccf668c5a8bf220e4ed70eef4d9d140a0e8a4c8968204ac472901f332bd42490135b06ed1e2d35866ef923ca9d4a3284fa455a9b3e6fdb76f9e7e0c07a4787c85a6c245a8229c6ac1296d745a14ad5e4012ae2529301e025ae98762c6c0994248a37c510d1a9239bbd946d57ec8e4ad708a47e7edab768efb2fb190571100e43c1d544d1e3a6140649ecf4a08b7baec4660d624e56bd15b939aafc721ff12c61c0000将Client hello、sever hello、Encrypted Extensions、Certificate按照报文的先后顺序拼接哈希得到待签名消息Sever hello中协商的哈希算法为SHA384TLS1.3暂不支持SHA3算法故所使用的哈希算法为SHA2-384得到待签名内容ae24946cddb4a6ada7354536686331d1d7f79e57614802b087935ae0dcc0a394fc2a725fa26d4a2f0c2339646ff15701签名原文为20202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020544c5320312e332c2073657276657220436572746966696361746556657269667900ae24946cddb4a6ada7354536686331d1d7f79e57614802b087935ae0dcc0a394fc2a725fa26d4a2f0c2339646ff157013.4验签签名算法验签
TLS 1.3 Certificate Verify签名值验证过程解析
发布时间:2026/5/27 17:06:03
TLS 1.3 Certificate Verify签名值验证过程解析1、 签名值原文数据结构依据RFC 8446的4.4.3章节TLS 1.3 Certificate Verify数字签名的原文为重复64次的0x20||上下文字符串||用作分隔符的0字节||待签名的内容上下文字符串若是服务端发送的Certificate Verify报文则上下文字符串为“TLS 1.3, server CertificateVerify”对应的16进制ASCII码为0X 544c5320312e332c20736572766572204365727469666963617465566572696679若是客户端发送的Certificate Verify报文在双向鉴别的时候会发生则上下文字符串为“TLS 1.3, client CertificateVerify”对应的16进制ASCII码为0X 544c5320312e332c20636c69656e74204365727469666963617465566572696679。待签名内容所有握手消息从第一个Client Hello开始只包括那些被发送的消息:CientHelloHelloRetryRequest, ClientHello, ServerHello, EncryptedExtensions, server CertificateRequest, server Certificate, serverCertificateVerify, server Finished, EndOfEarlyData, client Certificate, client CertificateVerify, client Finished.进行串接后的哈希值所使用的哈希算法由sever hello中的算法套件决定。2、 数字签名对于章节1中定义的原文使用Certificate Verify报文Signature Algorithm中定义的签名算法进行数字签名。TLS 1.3 中支持的 Signature Algorithm签名算法在 RFC 8446第4.2.3章节中定义主要包括以下类型RSA 系列• RSASSA-PKCS1-v1_5rsa_pkcs1_sha256 (0x0401)rsa_pkcs1_sha384 (0x0501)rsa_pkcs1_sha512 (0x0601)• RSASSA-PSSrsa_pss_rsae_sha256 (0x0804)rsa_pss_rsae_sha384 (0x0805)rsa_pss_rsae_sha512 (0x0806)3、 报文验签示例3.1提取签名值签名值a4d8222fa7204e5ea731d3cd1f0fc267a14b7d42c798e96c104292d49ac9578df21051414e25f525232daab28d1e3323540502de4dc39d8167582c7a82e4fb904c498d155cdd7b632b08f6feee90fcd53ae1f14c1b84ace88e8608fbf2315786d500394aa64b26fcee0fe2f651ee9a0d1d36f5d22cc149f055ede46849e47fe0ee543d2bf3ae3073a582c29399162723225f286eb7d2e606e62872e061134999ee24b58c1905118f439f865ef913256d33d9a7dec30d43e0e407fc223078b01c1e6a93527fbba85aeb689be2c0286952feefbd51ce40a512a326429f121ee6f85ac5923a016afe8e861df2785addbb505f8a6bb1a51d9ba20ea8748cf1abf90d3.2提取签名证书签名证书3082039b30820283a003020102020900a0fc83a9e4ef2028300d06092a864886f70d01010b05003064310b300906035504061302434e3110300e06035504080c074265696a696e673110300e06035504070c074265696a696e67310e300c060355040a0c056c73626c6a310e300c060355040b0c056c73626c6a3111300f06035504030c086c73626c6a2e636e301e170d3230313131363035303530345a170d3330313131343035303530345a3064310b300906035504061302434e3110300e06035504080c074265696a696e673110300e06035504070c074265696a696e67310e300c060355040a0c056c73626c6a310e300c060355040b0c056c73626c6a3111300f06035504030c086c73626c6a2e636e30820122300d06092a864886f70d01010105000382010f003082010a0282010100b2bbba95c541522cfcd1ac5585c54afab5d3bab001bd9200135b009ca93eb4d7bba897a7b813d21ff6593f94341f5eb8514d64168b0e993e2a4f057160de18bb70505754ac3f14eac2890033830352afab1de2da6b837291172f8ec40af8f061f9f539f7256ee16274a1e791087c582a1b713f816c2470296c94f7c4200c745769805a32a8c80842650a461e3bc9f1741d04ec54db80b9c60efbedbedd65a162917c3db7afaefa6bed36ead9303aeef429cf855e1c141af27d227669eb799561d7f1f0d2dd93e553114758f4f81eb6fc0ab17da2175206f4d260d09fda2ea3b5964b80b383e83580a01b654bf9cdf10d7f6217388765d821d9e350cba336eb1d0203010001a350304e301d0603551d0e04160414677abcfb687e07ad72272eb335821a10e1297cc9301f0603551d23041830168014677abcfb687e07ad72272eb335821a10e1297cc9300c0603551d13040530030101ff300d06092a864886f70d01010b050003820101000ccd9e0613318224d74232509f9ee4673897bc4aaa9e32c0bbfaf045be56ea878f323be0a2236a18aed7d346bca54927230e972a04494645cfca46487688e2a6c0899c419ff8a248475b00253e0759e561513b5112c297e7a6c55bae3af26b5ccf668c5a8bf220e4ed70eef4d9d140a0e8a4c8968204ac472901f332bd42490135b06ed1e2d35866ef923ca9d4a3284fa455a9b3e6fdb76f9e7e0c07a4787c85a6c245a8229c6ac1296d745a14ad5e4012ae2529301e025ae98762c6c0994248a37c510d1a9239bbd946d57ec8e4ad708a47e7edab768efb2fb190571100e43c1d544d1e3a6140649ecf4a08b7baec4660d624e56bd15b939aafc721ff12c61c3.3构造签名原文重复64次的0x2020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020上下文字符串544c5320312e332c207365766572204365727469666963617465566572696679用作分隔符的0字节00待签名内容Client hello010006fc0303c51c606f487b4d63fb16ef1cfbaea0ecc6acb30ad6cf838b74b1774a0627ceae20ca749b39a3363365d8f68b06fb3a1b2a99c84601cc6460b0e4e270e0a4d3819800202a2a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035010006932a2a0000000b0002010000230000003304ef04edcaca00010011ec04c09d2544303b53eb0127124a8442bb63978a074498c89e51409b25a86e7148e000a40e2cb0a025272ed661aac438c0123948ba3dfe7b4bf3199e5606cd8863aad626bd11b94c97a2acd1764a2d151fe78c936b23c83d002a64f8b9e14bbf060c68eb8a9df4295ccadbb8305068dc621207e1bdaca623a817c8858b11486115c3d68ba7c10bce24b9b1a523518349fae2aaa7d983ad427e42073a467122ef9b51d5f482c0bbcadde4389f29625c119b22a31897b47e5ad38693d5abcaec9769906cd5d57b760984bdbac699b76dad25618e61265eb56cf6707b94b12d5f242d83b56b701bafd30636c7d2978aaa119da231fce7bbcb31a323918946e381ebb0ace59575ca32533055c3afc641da588f46a03328854445898eb1a9912b7c1f3e4162625a6b4b89aaf7d33cd3c825996836fe20873831429d87759567041d0609dff42089e5097fd28a2efacd4ec4c10e115dbfd6bc2d5c0c876151d39928b15c0c59c5a4a336850f32b1d423b3b71c53859a119bf51ca7f5691f327710b841cce63c6409b49ba772bdc390b3f95dd7a03946903755841190e9840612b2ee473052d9a6b4d28e6d1c7773a165f2c4a202c712eb98012222cfeb66b1dcc1077844c230d3c1c7a9be3a889018ab4eef6310160c029b74cc269c6a7880656009c8cc838721533a57b7c84a1b70f42012cd6111b80acc51232c3e892562d02499d1660bca5910265faa5b411f4707e9b8ad0cb60e9346c2c0a6942c7b858403c6a6d0bc2e7508e13042294592cc600376db295feb7ee24c068dd2a393e41266fbc1db390c90464e82036895a604d9470b1b7876c6c221ea6797bb55a067f8218a68a86f9284a2248578ec2b7e93a8c4c94012c900f3928f0f002e802ca1d0ec386560963c51a563180fe2330fabb40fab4bb175905b44d5477271cef415b3a5f04fb7478b97b570a68157a5d40eb662592b86cca542736b35bff07bb27df62664b25364b8a53304c3b249adcd90825a270ee12b1d3cbac32c22aa730b25ad7800b95cc5f67acf887c8eff9b82f0b22ef07b36eef89b1c91a3a4d0c8daa6277c89430b0644c59884af5370ec291312256c25ac3f038321bc5682dd5ac52451b4fff41a8cc63cdb4a5f5c0c135cb724dc67b1f263a2ac9b9a03f336d89831a9b5a398dc1c3ba57c43b2530c995aae8a58dcc73fb1235227d33993c077b3e81c91482aab483de83304fd66b6ef19c9f7c2accf22908683af8f74ad80c67d5a7c422523921f12ac4d9947eca59b469200b03a8eb182777af71f546567f9383ffb9b3a1e3cacccc1c9be138538ac829e93bd92c1cf3d4bb9027724c87975cd239009110e4aab586e9c961ab77e5d1352eddca0ad514e8e165df50101be7866dd0812d41c61dd335a57039b9f797108c9b6b1163aad89ccf4cc12a055c9783a4b9d81c163b6606d4113f48805e1807363f850b9518c607074fe3189aa1045c4cc3c90fca260b49d55159635f39ce5b5bdfd5368e2e92a2f3769ba6c51780268de10429088ac07f0ba5258abca1a76d12285d63435e8fabeca0b488f2c4a6b14167f485c6948a765b09370333682a91292c99f950a562d78393ffba19c828126cb601f7a72bcc27979b2497289b2c83321273f95b1dd9d9e568850193a004334cc07e7bdf23f92d91de8f1705099b8104ff8ba3726d57ee1c97fb94cd02740eefc19380938d8c544001d0020d46ecc7680fdd46d06a3f99198239ae4de9d42a81fea83831a2dc26dab993318001b0003020002000500050100000000000d001200100403080404010503080505010806060100170000002b000706aaaa03040303ff01000100000a000c000acaca11ec001d00170018446900050003026832001200000010000e000c02683208687474702f312e31002d00020101fe0d011a00000100012c0020d43381e144d70dd310aa8a87a201fa7ff6c73141e21c21c4ba87c088971e7c5600f03c2a1348dfdc225b32fa6ca9fc69fed714ca9272956703b3e49a3f3975658ee468689829ca7e0442e5755c6e1b242adce757f50367a54f2c60282da2aa68ad05d4a25109397826c6ba977841f43f834685f9d4fa752e032da3a3290be555f7dee7ca08bacf1d46e68e63254e82df679bef928692be0b5ede65bd9fbeb74ca4da8c95abb781344a3e411df5066fea749d8d3d6dc686ca4d07393971af637fb79e3f4e91b2be6c3af5dcde355a08cea00e0277e1582d74b1b5e4c00160ce047110be13ce13146065ed21335c83947976678c4eace901fbb87e364fa38f5118b91d36a8cfd2b59a4c965864c45760cda524baba000100sever hello0200007603037a751dc37c39f16fdb7014ec47de7f44f59cb3ea9ecb57772c9432cf63aed9bc20ca749b39a3363365d8f68b06fb3a1b2a99c84601cc6460b0e4e270e0a4d38198130200002e002b0002030400330024001d0020fdd9d0b2dbfb32d9948060965e05163ccaedd1caeb0ff2a058eb975b6674a710Encrypted Extensions08000011000f0010000b000908687474702f312e31Certificate0b0003a8000003a400039f3082039b30820283a003020102020900a0fc83a9e4ef2028300d06092a864886f70d01010b05003064310b300906035504061302434e3110300e06035504080c074265696a696e673110300e06035504070c074265696a696e67310e300c060355040a0c056c73626c6a310e300c060355040b0c056c73626c6a3111300f06035504030c086c73626c6a2e636e301e170d3230313131363035303530345a170d3330313131343035303530345a3064310b300906035504061302434e3110300e06035504080c074265696a696e673110300e06035504070c074265696a696e67310e300c060355040a0c056c73626c6a310e300c060355040b0c056c73626c6a3111300f06035504030c086c73626c6a2e636e30820122300d06092a864886f70d01010105000382010f003082010a0282010100b2bbba95c541522cfcd1ac5585c54afab5d3bab001bd9200135b009ca93eb4d7bba897a7b813d21ff6593f94341f5eb8514d64168b0e993e2a4f057160de18bb70505754ac3f14eac2890033830352afab1de2da6b837291172f8ec40af8f061f9f539f7256ee16274a1e791087c582a1b713f816c2470296c94f7c4200c745769805a32a8c80842650a461e3bc9f1741d04ec54db80b9c60efbedbedd65a162917c3db7afaefa6bed36ead9303aeef429cf855e1c141af27d227669eb799561d7f1f0d2dd93e553114758f4f81eb6fc0ab17da2175206f4d260d09fda2ea3b5964b80b383e83580a01b654bf9cdf10d7f6217388765d821d9e350cba336eb1d0203010001a350304e301d0603551d0e04160414677abcfb687e07ad72272eb335821a10e1297cc9301f0603551d23041830168014677abcfb687e07ad72272eb335821a10e1297cc9300c0603551d13040530030101ff300d06092a864886f70d01010b050003820101000ccd9e0613318224d74232509f9ee4673897bc4aaa9e32c0bbfaf045be56ea878f323be0a2236a18aed7d346bca54927230e972a04494645cfca46487688e2a6c0899c419ff8a248475b00253e0759e561513b5112c297e7a6c55bae3af26b5ccf668c5a8bf220e4ed70eef4d9d140a0e8a4c8968204ac472901f332bd42490135b06ed1e2d35866ef923ca9d4a3284fa455a9b3e6fdb76f9e7e0c07a4787c85a6c245a8229c6ac1296d745a14ad5e4012ae2529301e025ae98762c6c0994248a37c510d1a9239bbd946d57ec8e4ad708a47e7edab768efb2fb190571100e43c1d544d1e3a6140649ecf4a08b7baec4660d624e56bd15b939aafc721ff12c61c0000将Client hello、sever hello、Encrypted Extensions、Certificate按照报文的先后顺序拼接哈希得到待签名消息Sever hello中协商的哈希算法为SHA384TLS1.3暂不支持SHA3算法故所使用的哈希算法为SHA2-384得到待签名内容ae24946cddb4a6ada7354536686331d1d7f79e57614802b087935ae0dcc0a394fc2a725fa26d4a2f0c2339646ff15701签名原文为20202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020544c5320312e332c2073657276657220436572746966696361746556657269667900ae24946cddb4a6ada7354536686331d1d7f79e57614802b087935ae0dcc0a394fc2a725fa26d4a2f0c2339646ff157013.4验签签名算法验签
相关文章
Pixelle-Video:零基础AI短视频制作完整指南,3分钟学会专业视频创作
Pixelle-Video:零基础AI短视频制作完整指南,3分钟学会专业视频创作 【免费下载链接】Pixelle-Video 🚀 AI 全自动短视频引擎 | AI Fully Automated Short Video Engine 项目地址: https://gitcode.com/GitHub_Trending/pi/Pixelle-Video …
Palantir Gotham:从情报战场到企业决策的AI操作系统实战解析
1. Palantir Gotham:从情报战场到企业决策的AI操作系统 如果你看过好莱坞大片里情报人员对着大屏幕点点划划就能锁定恐怖分子的场景,那大概率就是Palantir Gotham的杰作。这个诞生于2004年的神秘平台,最初确实是专为美国国防和情报部门设计的…
终结Mac与Windows的文件壁垒:Free-NTFS-for-Mac全攻略
终结Mac与Windows的文件壁垒:Free-NTFS-for-Mac全攻略 【免费下载链接】Free-NTFS-for-Mac Nigate: An open-source NTFS utility for Mac. It supports all Mac models (Intel and Apple Silicon), providing full read-write access, mounting, and management fo…
论文降重有哪些被严重低估的 AI 网站?亲测从 47% 降到 9% 只花了一晚
论文查重成为无数学生的 “噩梦”,知网、维普检测标准不断升级,不仅严控重复率,更对 AIGC 生成痕迹零容忍。很多同学花费数天人工改写,重复率却始终卡在 30% 以上,甚至越改越高。其实市面上藏着一批被严重低估的 AI 降…
告别穿戴束缚!黎阳之光无感定位赋能矿山矿洞精细化管控
矿山矿洞作为高危作业场景,人员管理的精准度与时效性直接关乎安全生产大局。长期以来,穿戴式定位设备因依赖佩戴、易受环境影响等问题,难以满足矿洞精细化管控需求。黎阳之光科技有限公司创新研发人员无感定位技术,以纯视觉空间计…
初创团队如何利用Taotoken Token Plan套餐优化AI开发成本
🚀 告别海外账号与网络限制!稳定直连全球优质大模型,限时半价接入中。 👉 点击领取海量免费额度 初创团队如何利用Taotoken Token Plan套餐优化AI开发成本 对于初创团队和独立开发者而言,在项目原型开发阶段ÿ…
伊通往事:日伪监狱水牢发掘纪实与赵尚志将军遗首历史回响
在伊通满族自治县,新建交通局综合楼项目施工期间,拆除日伪时期老客运站建筑时,意外发现一处隐秘地下入口。施工方当即请来专业队伍对地下入口进行爆破清理,随后启动抽水作业,却发现地下水持续抽排、始终无法抽干&#…
构网型(GFM-VSG)与跟网型(GFL-PQ)逆变器混合并联并网系统(Simulink仿真实现)
💥💥💞💞欢迎来到本博客❤️❤️💥💥 🏆博主优势:🌞🌞🌞博客内容尽量做到思维缜密,逻辑清晰,为了方便读者。 🎁…
ISE老项目维护必备:在Win10系统下为Xilinx Platform Cable USB II安装兼容驱动的完整流程
ISE老项目维护指南:Win10系统Xilinx Platform Cable USB II驱动兼容性深度解析 在FPGA开发领域,Xilinx ISE虽然已被Vivado取代多年,但仍有大量工业设备和学术项目依赖这一经典工具链。最近为实验室一台新采购的Win10工作站配置开发环境时&…
大模型核心加速器:KV Cache 如何将 O(n²) 计算复杂度降至 O(n)?
KV Cache 是大模型自回归生成任务的关键优化技术,通过“空间换时间”策略缓存历史 Key 和 Value 向量,将推理复杂度从 O(n) 降至 O(n)。文章阐述了语义缓存与前缀精确匹配两种核心范式,深入分析了 KV Cache 的技术底层原理、工程化应用及规模…
物流系统如何打通信息孤岛?哲盟软件系统:一键打通内外部数据壁垒
在数字化转型加速的今天,物流企业面临的最大痛点之一就是信息孤岛——ERP、电商平台、智能硬件、OMS/TMS/WMS等系统各自为政,数据无法自由流转,导致人工操作繁琐、效率低下、出错率高。特别是在跨境物流领域,亚马逊、Shopee、TikT…
Windows Defender终极恢复指南:5种强力方法解决禁用问题
Windows Defender终极恢复指南:5种强力方法解决禁用问题 【免费下载链接】no-defender A slightly more fun way to disable windows defender firewall. (through the WSC api) 项目地址: https://gitcode.com/GitHub_Trending/no/no-defender 当你的Windo…
施工现场安全事故预警准确率达94.6%?——解密某央企AI Agent边缘计算部署架构与3个月落地实录
更多请点击: https://codechina.net 第一章:施工现场安全事故预警准确率达94.6%?——解密某央企AI Agent边缘计算部署架构与3个月落地实录 在华北某大型地铁盾构施工现场,一套轻量化AI Agent系统于2024年Q2完成全栈部署ÿ…
附录 B:术语表
本术语表面向“从 MM 到 HMM”专栏阅读过程中的快速查阅。它不是内核 API 手册,而是把文章中反复出现的概念放到同一张地图上:先给出直观含义,再说明它在 Linux MM/HMM 语境里的作用。建议阅读方式: 初读专栏时,把它当…
Midjourney渐变美学的神经渲染原理(附RGB-HSV-LCH三空间渐变映射对照表·行业首曝)
更多请点击: https://kaifayun.com 第一章:Midjourney渐变美学的神经渲染原理(附RGB-HSV-LCH三空间渐变映射对照表行业首曝) Midjourney 的渐变美学并非传统插值实现,而是由其隐式神经渲染器(Implicit Neu…
MPC-BE:基于DirectShow架构的专业级开源媒体播放解决方案
MPC-BE:基于DirectShow架构的专业级开源媒体播放解决方案 【免费下载链接】MPC-BE MPC-BE – универсальный проигрыватель аудио и видеофайлов для операционной системы Windows. 项目地址:…
如何快速计算3D模型体积和重量:STL-Volume-Model-Calculator终极指南
如何快速计算3D模型体积和重量:STL-Volume-Model-Calculator终极指南 【免费下载链接】STL-Volume-Model-Calculator STL Volume Model Calculator Python 项目地址: https://gitcode.com/gh_mirrors/st/STL-Volume-Model-Calculator 你是否曾经为3D打印项目…
通过Taotoken CLI工具一键配置团队开发环境与模型密钥
通过Taotoken CLI工具一键配置团队开发环境与模型密钥 1. CLI工具安装与基本使用 Taotoken提供的CLI工具可通过npm全局安装或直接使用npx运行。对于需要频繁使用CLI的团队,推荐全局安装: npm install -g taotoken/taotoken对于临时使用或项目级配置&a…