Homework: IPSec Protocol Verification
Contents
- 1. Using the course resources "VPN协议验证.pdf" and "ch03 密码技术-10-密码协议验证IPSec.mp4" under "ch03 密码技术-协议验证" on the Yunbanke (cloud class) platform, verify the IPSec protocol and submit the verification process. (79 points)
- Phase 1: verifying the initiator
- Phase 1: verifying the responder
- Phase 1: key computation
- Phase 2
- 2. Without the commercial cryptographic tool from "VPN协议验证.pdf", perform the verification with OpenSSL or GmSSL commands and submit the process (optional, bonus of 20 points)
- Phase 1: verifying the initiator's signature
- Phase 1: verifying the responder's signature
- Phase 1: HMAC verification of the key computation
- Phase 2
- Submission requirements (1')
1. Using the course resources "VPN协议验证.pdf" and "ch03 密码技术-10-密码协议验证IPSec.mp4" under "ch03 密码技术-协议验证" on the Yunbanke (cloud class) platform, verify the IPSec protocol and submit the verification process. (79 points)
Phase 1: verifying the initiator
- Parse the initiator's encryption private key file "left_enc.key" with the tool to obtain the initiator's encryption key pair
- Private key
2eb464dc25937be59938549f4cc6306cea1c2ecdcc491a4e3b4fc0bd29af1f99
- Public key
7dbea54543458172bd3b688e509c2df54586ace00b58ec941499f94a50a58c675d6f9adaff089e8137a76343acd2f35ca30a8a5ccf81b7cdce5266a016b9e364
- Open "left.pcapng" in Wireshark and filter the packets with the isakmp display filter (3+ipisec-left.pcapng)
- Export the SKi ciphertext
307902210083e6ecef3fb62d7d4683132d920a298dd88efc8342256fb751987a5c37300cd30220398674a09fc955c21d9218a5016994738d9eddb2939b133e8ed2273aa3a215d30420cf1f2e14abe2de8c81fc9f2fbf028648570af88dcdaa98659a4c3eb1f96975100410ac34d8306c55b50003a96045184deb81
According to the encrypted-data definition in "GM/T 0009-2023 SM2密码算法使用规范", the actual ciphertext is X||Y||Hash||C. Splitting the SKi ciphertext by TLV:
3079 T
022100 L
83e6ecef3fb62d7d4683132d920a298dd88efc8342256fb751987a5c37300cd3 X
0220 L
398674a09fc955c21d9218a5016994738d9eddb2939b133e8ed2273aa3a215d3 Y
0420 L
cf1f2e14abe2de8c81fc9f2fbf028648570af88dcdaa98659a4c3eb1f9697510 Hash
0410 L
ac34d8306c55b50003a96045184deb81 C
- So the SKi ciphertext X||Y||Hash||C is
83e6ecef3fb62d7d4683132d920a298dd88efc8342256fb751987a5c37300cd3398674a09fc955c21d9218a5016994738d9eddb2939b133e8ed2273aa3a215d3cf1f2e14abe2de8c81fc9f2fbf028648570af88dcdaa98659a4c3eb1f9697510ac34d8306c55b50003a96045184deb81
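The TLV split above, done in code. This is an added example and not part of the original write-up or of any tool it uses: a small DER reader plus a function that turns a GM/T 0009 SM2Cipher structure into X||Y||Hash||C. The INTEGER sign byte (the 00 in front of X) is dropped, while OCTET STRING fields are copied as they are, which matters for the responder's SKr envelope, whose Hash field genuinely starts with 00.

```python
def read_tlv(buf: bytes, pos: int = 0):
    """Read one DER TLV starting at pos and return (tag, value, next_pos).
    Short-form and long-form (0x81, 0x82, ...) lengths are both handled."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7f
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("TLV length runs past the end of the buffer")
    return tag, buf[pos:pos + length], pos + length


def sm2_cipher_der_to_raw(der_hex: str, coord_len: int = 32) -> str:
    """GM/T 0009 SM2Cipher ::= SEQUENCE { x INTEGER, y INTEGER, hash OCTET STRING,
    c OCTET STRING }  ->  X||Y||Hash||C as a hex string.
    INTEGER fields drop their 0x00 sign byte and are padded back to coord_len;
    OCTET STRING fields are copied verbatim (a leading 00 there is real data)."""
    der = bytes.fromhex(der_hex)
    tag, seq, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one DER SEQUENCE")
    tags, fields, pos = [], [], 0
    while pos < len(seq):
        tag, val, pos = read_tlv(seq, pos)
        if tag == 0x02:
            val = val.lstrip(b"\x00").rjust(coord_len, b"\x00")
            if len(val) != coord_len:
                raise ValueError("coordinate does not fit in coord_len bytes")
        tags.append(tag)
        fields.append(val)
    if tags != [0x02, 0x02, 0x04, 0x04]:
        raise ValueError(f"unexpected field layout {tags}")
    return b"".join(fields).hex()


# The two envelopes from this page: SKi (initiator) and SKr (responder).
SKI_DER = "307902210083e6ecef3fb62d7d4683132d920a298dd88efc8342256fb751987a5c37300cd30220398674a09fc955c21d9218a5016994738d9eddb2939b133e8ed2273aa3a215d30420cf1f2e14abe2de8c81fc9f2fbf028648570af88dcdaa98659a4c3eb1f96975100410ac34d8306c55b50003a96045184deb81"
SKR_DER = "3079022100e2fee5b1439937014b7ad1a585f4a62910787a7c885884c1370cd9fb8dadd12c02201c2f5ab9ba02bc9d9c21cf18afaa6b64f0b0a733bd730508d6567f9faac722aa042000376aa46646d90577b5ab0170f97043356acef83504b8a4b9ae159a0e834fc3041001734e922fa8c88ad6814c59264e9f21"
```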
- Decrypting it gives the plaintext
e6b74813213bfe4759c20225ade2678e
- Export the Ni ciphertext from Wireshark
- Ni ciphertext
a73cb7e86cc9b2020ecb43baa4e96cf8fb83d3a176a3e11b618206b32b958c69
- Decrypt the Ni ciphertext with the tool: SM4, CBC mode, key SKi, IV 00000000000000000000000000000000
- Ni plaintext
450be90d637a4c714d129d13e15642370000000000000000000000000000000f
The trailing 0000000000000000000000000000000f is padding, so the Ni plaintext is
450be90d637a4c714d129d13e1564237
- Export the IDi ciphertext from Wireshark. Note that Wireshark parses IDi incorrectly; see the screenshot for the IDi data. IDi is everything in the Identification payload after the first three fields are removed.
- IDi ciphertext
eff5aaaddbce5efb2d9daca6f1de48c88096f24ada20e090aa45dc2e46a90517140fe404e0fa5c362423b9559a7dccb08d95ed049d05bf40fbe654ba7d0fae70a583343b9cb2a417d66032ca9a786ff901f6987c86bf733851bf8a46ea92a3ef
- Decrypt it with the tool to obtain the IDi plaintext: SM4, CBC mode, key SKi, IV fb83d3a176a3e11b618206b32b958c69 (the last block of the Ni ciphertext)
- IDi plaintext
09000000304a310b3009060355040613024141310b3009060355040813024242310b3009060355040a13024343310b3009060355040b13024444311430120603550403130b636c69656e74207369676e0000000000000000000000000000000f
- Export the initiator's encryption certificate CERT_enc_i from Wireshark
- CERT_enc_i
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
- This gives the signed message SKi||Ni||IDi||CERT_enc_i
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
- Export the signature value (after processing) from Wireshark
- Signature value
8fd24caa07d506eb6b88ebd5852839e127e875738747a8d2c356150e4b95c6f214a9f5aea118004276fbd8437b0f6e5db84d138b058236f7d6656f3dedefd740
- Initiator signing public key, with the leading byte 04 removed
04 2d617e74d5586dde23d2490fbd468e30f11d012d50a8f392cd1849b10b167e9a0661f7e3a2a00ee7ec4718ed937b4ab2c50aa0d341d15e4095743b3850af6d3c
- Signature verification with the tool succeeds
Phase 1: verifying the responder
- Parse the responder's encryption private key file "right_enc.key" with the tool to obtain the responder's encryption key pair
- Private key
bb3d0ce3feaa521807031b86588d8d3ed35c888c266003780140e804491ad6d7
- Public key
2920dde9348041de867e49a5caa1936d3241f9b79cb5dcc5c6d59b31f8d88467b05b38505b101f7dbf242bcba73daf394cf0879d3f0e8ec08739f1db00fa770c
- Export the SKr ciphertext
3079022100e2fee5b1439937014b7ad1a585f4a62910787a7c885884c1370cd9fb8dadd12c02201c2f5ab9ba02bc9d9c21cf18afaa6b64f0b0a733bd730508d6567f9faac722aa042000376aa46646d90577b5ab0170f97043356acef83504b8a4b9ae159a0e834fc3041001734e922fa8c88ad6814c59264e9f21
Processed into X||Y||Hash||C:
e2fee5b1439937014b7ad1a585f4a62910787a7c885884c1370cd9fb8dadd12c1c2f5ab9ba02bc9d9c21cf18afaa6b64f0b0a733bd730508d6567f9faac722aa00376aa46646d90577b5ab0170f97043356acef83504b8a4b9ae159a0e834fc301734e922fa8c88ad6814c59264e9f21
- Using the tool, decrypt the SKr ciphertext with prv_r; the SKr plaintext is
- SKr plaintext
93754381265febcf025a6c0d53abf6d3
- Export the Nr ciphertext from Wireshark
- Nr ciphertext
a469aa4b7374d33262e76b20ed2f65e6ccbd5799630f7f8e68320b2f121e0a26
- Decrypt the Nr ciphertext with the tool: SM4, CBC mode, key SKr, IV 00000000000000000000000000000000
- Decrypted
098664cd2c46bfbc8c5f5dcb856e64810000000000000000000000000000000f
- Export the IDr ciphertext from Wireshark
- IDr ciphertext
09000064 (the first three fields, removed)
071d406ee84d676c2837ba45490b650b27f664aa7a732aef599c69d06b25fd9be2e7f4f11d5306aa2ced370b6958a6b4a9c91b3ddb2fb6f61673d897fdf12f73796643992e7cc9d996cac9ddaa571b2ec85a68150fad375d6e94b62c28dfcd8d
- Decrypt it with the tool to obtain the IDr plaintext: SM4, CBC mode, key SKr
- IV ccbd5799630f7f8e68320b2f121e0a26 (the last block of the Nr ciphertext)
- IDr plaintext
09000000304a310b3009060355040613024141310b3009060355040813024242310b3009060355040a13024343310b3009060355040b13024444311430120603550403130b736572766572207369676e0000000000000000000000000000000f
- Export the responder's encryption certificate CERT_enc_r from Wireshark
0d0001f4 (the first three fields, removed)
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
- This gives the signed message SKr||Nr||IDr||CERT_enc_r
93754381265febcf025a6c0d53abf6d3098664cd2c46bfbc8c5f5dcb856e648109000000304a310b3009060355040613024141310b3009060355040813024242310b3009060355040a13024343310b3009060355040b13024444311430120603550403130b736572766572207369676e05308201eb30820192a003020102021468d892e963aca045620e799d6fc31d937433e57c300a06082a811ccf550183753045310b3009060355040613024141310b300906035504080c024242310b3009060355040a0c024343310b3009060355040b0c024444310f300d06035504030c067375622063613020170d3233303232323032333031345a180f32313233303132393032333031345a3049310b3009060355040613024141310b300906035504080c024242310b3009060355040a0c024343310b3009060355040b0c0244443113301106035504030c0a73657276657220656e633059301306072a8648ce3d020106082a811ccf5501822d034200047dbea54543458172bd3b688e509c2df54586ace00b58ec941499f94a50a58c675d6f9adaff089e8137a76343acd2f35ca30a8a5ccf81b7cdce5266a016b9e364a35a305830090603551d1304023000300b0603551d0f040403020338301d0603551d0e0416041467a5add59476e05a9c5e56b8860ff13b28eeec54301f0603551d23041830168014ac61eb22806259083e96c8d17fce745c02af3c99300a06082a811ccf550183750347003044022047593579c4adec8db7df98c4aae1661c1139a5ef1293f22a3aa412d09becd6e602206e57301d177946956fd39cb5ac603902cd17c7517ed8941ecc985ea7db6958c8
- Export the signature value from Wireshark
- Signature value (DER-encoded)
3046022100c8ac036fbce28ff4e7f5366c704e405b23753b8ca95a4319b8657ea1fb46534e022100f14eeb8858614a62409af9aa1037e2b4b42b155e931b359cd792189ca90e09d4
- Processed into r||s
c8ac036fbce28ff4e7f5366c704e405b23753b8ca95a4319b8657ea1fb46534ef14eeb8858614a62409af9aa1037e2b4b42b155e931b359cd792189ca90e09d4
- Export the responder's signing public key from Wireshark
04 (leading byte)
05bffaeec406c8f3f580a6e39c528476c0df2b61065d4a74f476af0fb66890f896acc4b21d8b036d13f17bd4d38234908bedb77f8e3eae870654fc6fa8048d0c
- Signature verification with the tool succeeds
Phase 1: key computation
- Compute HASH(Ni||Nr) with SM3
Ni||Nr
450be90d637a4c714d129d13e1564237098664cd2c46bfbc8c5f5dcb856e6481
- HASH(Ni||Nr)
83fddf2b5dc8bd853c343ee68f780cfaf2e37fdde3998da2c76a4b368816e972
- CKY-I||CKY-R
a89a4662a4d1cad049a2eb29cf6d65db
- Compute SKEYID = PRF(HASH(Ni||Nr), CKY-I|CKY-R) with the tool
- SKEYID
af75db413c0babf64d866f08b53432ce027c59a975a30b284b31236c0689113e
- Compute SKEYID_d = PRF(SKEYID, CKY-I|CKY-R|0) with the tool
- SKEYID_d
d07385874bd72fa3ec6d42714e643a94de6644d24f2f50239892f8ef478293e7
- Compute SKEYID_a = PRF(SKEYID, SKEYID_d|CKY-I|CKY-R|1) with the tool
- SKEYID_a
51b531818c073c1b72ca8e9a883e6b19755604445abedf57df176d575f4320fe
- Compute SKEYID_e = PRF(SKEYID, SKEYID_a|CKY-I|CKY-R|2) with the tool; the PRF input is
51b531818c073c1b72ca8e9a883e6b19755604445abedf57df176d575f4320fe
a89a4662a4d1cad049a2eb29cf6d65db
02
- SKEYID_e
f60661271d29c5093894dacdacf5378c13aeea3d52b2be0ce06ad87edbc9f7d1
Split into two halves:
f60661271d29c5093894dacdacf5378c SKEYID_e (first half, the SM4 key)
13aeea3d52b2be0ce06ad87edbc9f7d1
- Compute hash(SKi||SKr) with the tool; SKi||SKr is
e6b74813213bfe4759c20225ade2678e93754381265febcf025a6c0d53abf6d3
- IV = hash(SKi||SKr)
de788aa1e41303baf97136e86f82f2fc IV (first half)
05fd904df03879c49c1e1a9a868b0e1a
- Export the HASHi ciphertext from Wireshark
c60c2e7689fa1519256ec690bbfb7d6380a52de3d51ce8fb1ac5923a84ceac86
b958be5fa74277fc91b3bfd3d1cbf7e0 (last block, the IV for HASHr)
- Decrypt the HASHi packet with the tool: SM4, key SKEYID_e, CBC mode, IV = HASH(SKi_b|SKr_b)
- HASHi plaintext
00
00
0024
5855a82383911acace237a72d2c6427aa18d552fc4d80d13288104a7f9da2f3c000000000000000000000000
- Verify HASHi = PRF(SKEYID, CKY-I|CKY-R|SAi_b|IDi_b)
- SAi
0d000034 (the first three fields, removed)
0000000100000001000000280001000100000020010100008001007f800200148003000a80140002800b0001800c3de0
- CKY-I||CKY-R||SAi||IDi
a89a4662a4d1cad049a2eb29cf6d65db0000000100000001000000280001000100000020010100008001007f800200148003000a80140002800b0001800c3de009000000304a310b3009060355040613024141310b3009060355040813024242310b3009060355040a13024343310b3009060355040b13024444311430120603550403130b636c69656e74207369676e
- HASHi = PRF(SKEYID, CKY-I|CKY-R|SAi_b|IDi_b)
5855a82383911acace237a72d2c6427aa18d552fc4d80d13288104a7f9da2f3c
This matches the value decrypted in the previous step.
- HASHr ciphertext
dd55ad19832211a7909550c3472615c55feddb949b5ee01f9cfe6d9e228e3a1dd92048953a172891b194012f8db5f7b0
- Decrypt HASHr: SM4, key SKEYID_e, CBC mode, IV = the last block of the HASHi ciphertext
b958be5fa74277fc91b3bfd3d1cbf7e0 (HASHr IV)
- HASHr plaintext
00
00
0024
4146700c999eb6b4ce92891881b8ec69c013bf83062b885372f2dfddfafe4ea6000000000000000000000000
- SAr
06000034 (the first three fields, removed)
0000000100000001000000280001000100000020010100008001007f800200148003000a80140002800b0001800c3de0
- CKY-R||CKY-I||SAr||IDr
49a2eb29cf6d65dba89a4662a4d1cad00000000100000001000000280001000100000020010100008001007f800200148003000a80140002800b0001800c3de009000000304a310b3009060355040613024141310b3009060355040813024242310b3009060355040a13024343310b3009060355040b13024444311430120603550403130b736572766572207369676e
- Compute HASHr = PRF(SKEYID, CKY-R|CKY-I|SAr_b|IDr_b) with the tool
- HASHr
4146700c999eb6b4ce92891881b8ec69c013bf83062b885372f2dfddfafe4ea6
Phase 2
- Last ciphertext block of phase 1
dd55ad19832211a7909550c3472615c55feddb949b5ee01f9cfe6d9e228e3a1d
d92048953a172891b194012f8db5f7b0 (last block)
- Message ID
cc2d2221
- Last phase-1 ciphertext block || MsgID
d92048953a172891b194012f8db5f7b0cc2d2221
- Compute the IV with the tool
hash
56e6dfc945499ae8aca47a6ca9cf2ada IV (first half)
005ac24e502d2ad621591efd5d57bdbe
- Ciphertext of the first packet
0480348d01d6635a2c2a912fbdb677f0e718ca239c1758319069d74efc0601c4bdb814f8d5575add1acc7075723263a65270547f464345b292753cd5c759fde4c94048f5ced4b161679c75a3cb0fec2d80c292df8b6a567b916cb0cdb57d30097f841630cfb8081cc8b65b0be54dcd45acef18456a1dbb1b764b4a4164b4ffab0b364556de52ec116c1014112986fd82
359b204f92800504072e2994af771b88 (last block, the IV for the second packet)
- Decrypt the first packet: SM4, CBC mode, key SKEYID_e, IV = HASH(last phase-1 ciphertext block || MsgID) = 56e6dfc945499ae8aca47a6ca9cf2ada
- Plaintext of the first packet
01
00
0024
0c52abf2bee8337f08694ee22b97e4571ef491ef5c88eda04a5f4c3fc82c03d9
SA payload
0a
00
003c
00000001
00000001
Proposal payload
00
00
0030
00
03
04
01
c515ecd5
Transform payload
00
00
0024
01
7f
0000
Attributes
80050014
80040001
80010001
80021734
800100020002000400086470
Nonce payload
05
00
0014
4fdbbce1785046b21f1eb00afbec31c4
IDi payload
05
00
0010
04000000ac101d00ffffff00
IDr payload
00
00
0010
04000000ac101c00ffffff00
000000000000000000000000 (padding)
- Ciphertext of the second packet
49813dfd83a4c3c3bf2950290904fc4237c90e5e45e4991a60336a91ee6848de0ca5964fbb5af6f0aa607ebcc8188e9774a8ac79f1f93b1a72140625c3588eea7e1e4b137783c948e9bd7a060f8d36821b5198c7e3eb41a5ad4e3f30acf978f80930e47a79e3ddae43fb9d1463c6dbcb45ad9d37ead1eb54fbcf39058a9e9c39f7a9c43c6c1aecc5a1a58522abd5960920f20261bf78e32847d2f84e7f4cbdb2
- Decrypt the second packet: SM4, CBC mode, key SKEYID_e, IV
359b204f92800504072e2994af771b88
- Plaintext of the second packet
01000024d90aad574e561b98e0fd9136cc217e7e4c8300cf8c3829aa2c650e8de73e7c210a00003c00000001000000010000003000030401c713ad0600000024017f00008005001480040001800100018002173480010002000200040008647005000014106bcaa925dc5b6d994efc88369d60590500001004000000ac101d00ffffff000000001004000000ac101c00ffffff00000000000000000000000000
- Ciphertext of the third packet
6017ca492079d1910a3cfbc30aaa2d66c6a003b902799af271b6d87d36555031b2d9d152de3a711963072efa0d2d8012
- Decrypt the third packet: SM4, CBC mode, key SKEYID_e, IV 20f20261bf78e32847d2f84e7f4cbdb2
- Plaintext of the third packet
00
00
0024
c6125d6cc79a13a4fa8f0806e7fed72ec4280f5a64b5a0a67789bd8e698036c9
000000000000000000000000 (padding)
2. Without the commercial cryptographic tool from "VPN协议验证.pdf", perform the verification with OpenSSL or GmSSL commands and submit the process (optional, bonus of 20 points)
Phase 1: verifying the initiator's signature
- Convert the initiator's public key to PEM format
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAELWF+dNVYbd4j0kkPvUaOMPEdAS1Q
qPOSzRhJsQsWfpoGYffjoqAO5+xHGO2Te0qyxQqg00HRXkCVdDs4UK9tPA==
-----END PUBLIC KEY-----
- Verification with gmssl succeeds
root@LAPTOP-PRC71A0C:~/test/test2# echo "8fd24caa07d506eb6b88ebd5852839e127e875738747a8d2c356150e4b95c6f214a9f5aea118004276fbd8437b0f6e5db84d138b058236f7d6656f3dedefd740" | xxd -r -p > signature.bin
root@LAPTOP-PRC71A0C:~/test/test2# ls
client_pubkey.pem message.txt signature.bin
root@LAPTOP-PRC71A0C:~/test/test2# gmssl sm2verify pubkey client_pubkey.pem -in message.txt -signature.bin
gmssl sm2verify: illegal option 'pubkey'
root@LAPTOP-PRC71A0C:~/test/test2# gmssl sm2verify -pubkey client_pubkey.pem -in message.txt -signature.bin
gmssl sm2verify: illegal option '-signature.bin'
root@LAPTOP-PRC71A0C:~/test/test2# gmssl sm2verify -pubkey client_pubkey.pem -in message.txt -sig signature.bin
/home/user/下载/GmSSL-master/src/sm2_sign.c:664:sm2_verify_finish():
gmssl sm2verify: inner error
The signature value has to be the DER-encoded value.
root@LAPTOP-PRC71A0C:~/test/test2# echo "30450221008fd24caa07d506eb6b88ebd5852839e127e875738747a8d2c356150e4b95c6f2022014a9f5aea118004276fbd8437b0f6e5db84d138b058236f7d6656f3dedefd740" | xxd -r -p > signature.bin
root@LAPTOP-PRC71A0C:~/test/test2# echo -n "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" | xxd -r -p > message.txt
root@LAPTOP-PRC71A0C:~/test/test2# gmssl sm2verify -pubkey client_pubkey.pem -in message.txt -sig signature.bin
verify : success
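The "inner error" above came from passing the raw r||s to gmssl sm2verify, which expects the DER form. As an added example (not from the page or from GmSSL), the two conversions done in Python: raw r||s to DER for the initiator, and DER back to r||s, which is the "processing" step applied to the responder's signature in section 1.

```python
def _der_integer(v: bytes) -> bytes:
    """Minimal DER INTEGER for a non-negative value: strip leading zeros, then
    put one 0x00 back if the top bit is set so the value is not read as negative."""
    v = v.lstrip(b"\x00") or b"\x00"
    if v[0] & 0x80:
        v = b"\x00" + v
    return b"\x02" + bytes([len(v)]) + v


def raw_sig_to_der(raw_hex: str) -> str:
    """r||s (2 x 32 bytes, as Wireshark shows the IKE signature payload)
    -> DER SEQUENCE { r INTEGER, s INTEGER }, the form gmssl sm2verify expects."""
    raw = bytes.fromhex(raw_hex)
    if len(raw) != 64:
        raise ValueError("expected exactly 64 bytes of r||s")
    body = _der_integer(raw[:32]) + _der_integer(raw[32:])
    return (b"\x30" + bytes([len(body)]) + body).hex()   # body is at most 70 bytes


def der_sig_to_raw(der_hex: str) -> str:
    """The reverse step used for the responder: DER SEQUENCE -> r||s, each value
    padded back to 32 bytes once the DER sign byte has been dropped."""
    der = bytes.fromhex(der_hex)
    if len(der) < 2 or der[0] != 0x30 or der[1] != len(der) - 2:
        raise ValueError("not a single short-form DER SEQUENCE")
    pos, out = 2, b""
    for _ in range(2):
        if pos + 2 > len(der) or der[pos] != 0x02:
            raise ValueError("expected an INTEGER")
        n = der[pos + 1]
        v = der[pos + 2:pos + 2 + n].lstrip(b"\x00")
        if len(v) > 32 or pos + 2 + n > len(der):
            raise ValueError("malformed INTEGER")
        out += v.rjust(32, b"\x00")
        pos += 2 + n
    if pos != len(der):
        raise ValueError("trailing bytes after s")
    return out.hex()


# Signature values from this page: the initiator's raw r||s and the responder's DER.
SIG_I_RAW = "8fd24caa07d506eb6b88ebd5852839e127e875738747a8d2c356150e4b95c6f214a9f5aea118004276fbd8437b0f6e5db84d138b058236f7d6656f3dedefd740"
SIG_R_DER = "3046022100c8ac036fbce28ff4e7f5366c704e405b23753b8ca95a4319b8657ea1fb46534e022100f14eeb8858614a62409af9aa1037e2b4b42b155e931b359cd792189ca90e09d4"
```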
Phase 1: verifying the responder's signature
- Convert the responder's public key to PEM format
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEBb/67sQGyPP1gKbjnFKEdsDfK2EG
XUp09HavD7ZokPiWrMSyHYsDbRPxe9TTgjSQi+23f44+rocGVPxvqASNDA==
-----END PUBLIC KEY-----
- Verification with gmssl succeeds
root@LAPTOP-PRC71A0C:~/test/test2# vim server_pubkey
root@LAPTOP-PRC71A0C:~/test/test2# echo -n "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" | xxd -r -p > message.txt
root@LAPTOP-PRC71A0C:~/test/test2# echo "3046022100c8ac036fbce28ff4e7f5366c704e405b23753b8ca95a4319b8657ea1fb46534e022100f14eeb8858614a62409af9aa1037e2b4b42b155e931b359cd792189ca90e09d4" | xxd -r -p > signature.bin
root@LAPTOP-PRC71A0C:~/test/test2# gmssl sm2verify -pubkey client_pubkey.pem -in message.txt -sig signature.bin
/home/user/下载/GmSSL-master/src/sm2_sign.c:265:sm2_fast_verify():
/home/user/下载/GmSSL-master/src/sm2_sign.c:671:sm2_verify_finish():
gmssl sm2verify: inner error
root@LAPTOP-PRC71A0C:~/test/test2# gmssl sm2verify -pubkey server_pubkey.pem -in message.txt -sig signature.bin
gmssl sm2verify: open 'server_pubkey.pem' failure : No such file or directory
root@LAPTOP-PRC71A0C:~/test/test2# lws
找不到命令 “lws”,您的意思是:
“aws” 命令来自 Snap 软件包 aws-cli (1.15.58)
“ls” 命令来自 Debian 软件包 coreutils (9.4-2ubuntu2)
“aws” 命令来自 Debian 软件包 awscli (2.14.6-1)
“les” 命令来自 Debian 软件包 atm-tools (1:2.5.1-5)
“lwm” 命令来自 Debian 软件包 lwm (1.2.4-1)
“lrs” 命令来自 Debian 软件包 lrslib (0.71b-2)
“lvs” 命令来自 Debian 软件包 lvm2 (2.03.16-3ubuntu3.1)
“lsw” 命令来自 Debian 软件包 suckless-tools (47-1)
输入 “snap info <snapname>” 以查看更多版本。
root@LAPTOP-PRC71A0C:~/test/test2# ls
client_pubkey.pem message.txt server_pubkey signature.bin
root@LAPTOP-PRC71A0C:~/test/test2# mv server_pubkey server_pubkey.pem
root@LAPTOP-PRC71A0C:~/test/test2# ls
client_pubkey.pem message.txt server_pubkey.pem signature.bin
root@LAPTOP-PRC71A0C:~/test/test2# gmssl sm2verify -pubkey server_pubkey.pem -in message.txt -sig signature.bin
verify : success
Phase 1: HMAC verification of the key computation
- Compute HASH(Ni||Nr)
Compute the SM3 hash of the concatenation of Ni and Nr. This assumes the hex representations of Ni and Nr are already available.
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "450be90d637a4c714d129d13e1564237098664cd2c46bfbc8c5f5dcb856e6481" | xxd -r -p | openssl dgst -sm3 -binary > hash_nir.bin
- Derive the keys
Compute SKEYID, SKEYID_d, SKEYID_a and SKEYID_e from HASH(Ni||Nr) and CKY-I||CKY-R with the pseudo-random function (PRF). CKY-I||CKY-R is assumed to be a known value.
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "a89a4662a4d1cad049a2eb29cf6d65db" | xxd -r -p > ckyir.bin
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "hash_nir.bin ckyir.bin" | openssl dgst -sha1 -hmac "secret" -binary > skeyid.bin
- Compute the IV
Compute the IV with the hash function, normally HASH(SKi||SKr).
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "e6b74813213bfe4759c20225ade2678e93754381265febcf025a6c0d53abf6d3" | xxd -r -p | openssl dgst -sm3 -binary > iv.bin
- HMAC verification
Use the computed key and IV to perform HMAC verification of the packets in the IPSec exchange.
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "data.bin" | openssl dgst -sha1 -hmac "skeyid.bin" -binary > hmac.bin
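The openssl lines in this section pipe the literal file names rather than the file contents into HMAC-SHA1 with the key "secret", so they do not reproduce the values from section 1. Added example, not from the page, GmSSL or OpenSSL: the phase-1 chain recomputed with a pure-Python SM3 and HMAC-SM3, which is assumed here to be the PRF the tool used; the inputs are the page's Ni, Nr, cookies, SAi_b and IDi_b, and hash_i also serves for HASHr when the cookie order and SAr_b/IDr_b are swapped in.

```python
import struct

_IV = (0x7380166f, 0x4914b2b9, 0x172442d7, 0xda8a0600,
       0xa96f30bc, 0x163138aa, 0xe38dee4d, 0xb0fb0e4e)
_M = 0xffffffff

def _rotl(x, n):
    return ((x << (n % 32)) | (x >> (32 - n % 32))) & _M

def sm3(msg: bytes) -> bytes:
    """Pure-Python SM3 (GB/T 32905-2016), enough to re-check the page offline."""
    bit_len = len(msg) * 8
    msg += b"\x80" + b"\x00" * ((55 - len(msg)) % 64) + struct.pack(">Q", bit_len)
    v = list(_IV)
    for off in range(0, len(msg), 64):
        w = list(struct.unpack(">16I", msg[off:off + 64]))
        for j in range(16, 68):                      # message expansion
            x = w[j - 16] ^ w[j - 9] ^ _rotl(w[j - 3], 15)
            w.append(x ^ _rotl(x, 15) ^ _rotl(x, 23) ^ _rotl(w[j - 13], 7) ^ w[j - 6])
        a, b, c, d, e, f, g, h = v
        for j in range(64):                          # compression
            t = 0x79cc4519 if j < 16 else 0x7a879d8a
            ss1 = _rotl((_rotl(a, 12) + e + _rotl(t, j)) & _M, 7)
            ss2 = ss1 ^ _rotl(a, 12)
            if j < 16:
                ff, gg = a ^ b ^ c, e ^ f ^ g
            else:
                ff, gg = (a & b) | (a & c) | (b & c), (e & f) | (~e & g)
            tt1 = (ff + d + ss2 + (w[j] ^ w[j + 4])) & _M
            tt2 = (gg + h + ss1 + w[j]) & _M
            a, b, c, d = tt1, a, _rotl(b, 9), c
            e, f, g, h = tt2 ^ _rotl(tt2, 9) ^ _rotl(tt2, 17), e, _rotl(f, 19), g
        v = [x ^ y for x, y in zip(v, (a, b, c, d, e, f, g, h))]
    return struct.pack(">8I", *v)

def hmac_sm3(key: bytes, data: bytes) -> bytes:
    """RFC 2104 HMAC over SM3 (block size 64): the IKEv1 PRF assumed here."""
    key = (sm3(key) if len(key) > 64 else key).ljust(64, b"\x00")
    return sm3(bytes(k ^ 0x5c for k in key) + sm3(bytes(k ^ 0x36 for k in key) + data))

# Inputs copied from the page (hex); SAi_b and IDi_b already have the ISAKMP headers removed.
NI = "450be90d637a4c714d129d13e1564237"
NR = "098664cd2c46bfbc8c5f5dcb856e6481"
CKY = "a89a4662a4d1cad049a2eb29cf6d65db"  # CKY-I || CKY-R
SAI_B = "0000000100000001000000280001000100000020010100008001007f800200148003000a80140002800b0001800c3de0"
IDI_B = "09000000304a310b3009060355040613024141310b3009060355040813024242310b3009060355040a13024343310b3009060355040b13024444311430120603550403130b636c69656e74207369676e"

def phase1_keys(ni: str, nr: str, cky: str) -> dict:
    """SKEYID = PRF(HASH(Ni||Nr), CKY-I|CKY-R); then _d/_a/_e chained with a trailing byte 0/1/2."""
    ni, nr, cky = bytes.fromhex(ni), bytes.fromhex(nr), bytes.fromhex(cky)
    skeyid = hmac_sm3(sm3(ni + nr), cky)
    d = hmac_sm3(skeyid, cky + b"\x00")
    a = hmac_sm3(skeyid, d + cky + b"\x01")
    e = hmac_sm3(skeyid, a + cky + b"\x02")
    return {"SKEYID": skeyid.hex(), "SKEYID_d": d.hex(), "SKEYID_a": a.hex(), "SKEYID_e": e.hex(), "SM4_KEY": e[:16].hex()}

def hash_i(skeyid: str, cky: str, sa_b: str, id_b: str) -> str:
    """HASHi = PRF(SKEYID, CKY-I|CKY-R|SAi_b|IDi_b); must equal the decrypted HASHi."""
    return hmac_sm3(bytes.fromhex(skeyid), bytes.fromhex(cky + sa_b + id_b)).hex()
```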
Phase 2
1. SA negotiation
In a real IPSec implementation, SA negotiation is normally completed automatically by the IKE (Internet Key Exchange) protocol. No specific command steps are given here because they depend on the network configuration and the IKE implementation.
2. Key update
Starting from the keys computed in phase 1, derive the keys actually used for encryption and authentication.
# Update the key with the PRF
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "skeyid.bin" | openssl dgst -sha1 -hmac "newsecret" -binary > new_skeyid.bin
3. Data transfer
Use the established security association and the derived keys to encrypt and authenticate the transmitted data.
# Encrypt data
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "data_to_encrypt" | openssl enc -aes-256-cbc -a -salt -pass file:skeyid.bin > encrypted_data.bin
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
# Authenticate data
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "data_to_auth" | openssl dgst -sha1 -hmac "skeyid.bin" -binary > auth_data.bin
4. SA maintenance
During communication, update the SA parameters as needed, e.g. recompute keys or change the encryption algorithm.
# Recompute the key
root@LAPTOP-PRC71A0C:~/test/test2/test2# echo -n "new_data" | openssl dgst -sha1 -hmac "new_skeyid.bin" -binary > new_auth_data.bin
root@LAPTOP-PRC71A0C:~/test/test2/test2# ls
auth_data.bin client_pubkey.pem hash_nir.bin iv.bin new_auth_data.bin signature.bin
ckyir.bin encrypted_data.bin hmac.bin message.txt new_skeyid.bin skeyid.bin
root@LAPTOP-PRC71A0C:~/test/test2/test2# git init
hint: Using 'master' as the name for the initial branch. This default branch name
hint: is subject to change. To configure the initial branch name to use in all
hint: of your new repositories, which will suppress this warning, call:
hint:
hint: git config --global init.defaultBranch <name>
hint:
hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
hint: 'development'. The just-created branch can be renamed via this command:
hint:
hint: git branch -m <name>
Initialized empty Git repository in /root/test/test2/test2/.git/
root@LAPTOP-PRC71A0C:~/test/test2/test2# git add.
git: 'add.' is not a git command. See 'git --help'.
The most similar command is
add
root@LAPTOP-PRC71A0C:~/test/test2/test2# git add .
root@LAPTOP-PRC71A0C:~/test/test2/test2# git commit -m "密钥协商、更新,数据传输"
[master (root-commit) 2968de0] 密钥协商、更新,数据传输
Committer: root <root@LAPTOP-PRC71A0C>
Your name and email address were configured automatically based
on your username and hostname. Please check that they are accurate.
You can suppress this message by setting them explicitly. Run the
following command and follow the instructions in your editor to edit
your configuration file:
git config --global --edit
After doing this, you may fix the identity used for this commit with:
git commit --amend --reset-author
12 files changed, 14 insertions(+)
create mode 100644 auth_data.bin
create mode 100644 ckyir.bin
create mode 100644 client_pubkey.pem
create mode 100644 encrypted_data.bin
create mode 100644 hash_nir.bin
create mode 100644 hmac.bin
create mode 100644 iv.bin
create mode 100644 message.txt
create mode 100644 new_auth_data.bin
create mode 100644 new_skeyid.bin
create mode 100644 signature.bin
create mode 100644 skeyid.bin
root@LAPTOP-PRC71A0C:~/test/test2/test2# git log
commit 2968de0747d9bb2ecf2189d32517562f7f180324 (HEAD -> master)
Author: root <root@LAPTOP-PRC71A0C>
Date: Sun Nov 10 17:22:57 2024 +0800
密钥协商、更新,数据传输
Submission requirements (1')
- Record the hands-on process and the AI Q&A process; avoid screenshots where possible and give the text content
- (Optional) Hosting all homework on gitee or github is recommended
- (Required) Submit the homework as a markdown document named "学号-姓名-作业题目.md" (student ID-name-assignment title)
- (Required) Submit the PDF converted from the homework markdown document, named "学号-姓名-作业题目.pdf" (student ID-name-assignment title)