题目分为10个小题+一个带有数字签名的PDF附件
附件:附件因为文件好像上传不了,就是一个有签名的PDF文件
做题之前大家要有针对性的去看你所涉及的相关标准以及技术。
1、数字证书结构
2、GM/T 0112-2021《PDF格式文档的密码应用技术要求》
3、RCF2560
4、GB/T 35275-2017《信息安全技术 SM2密码算法加密签名消息语法规范》
5、RFC5126
其他的小知识点我就不举例了
问题一他这个证书的解析,其实方法还有是多种的,比较直接的就是你用工具直接打开这个附件PDF,工具有到处证书的功能就是,我这边是用Adobe工具打开的。
打开后,大家根据提示就能导出6张数字证书,其中三张签名证书和三张时间戳签名证书,还有一些OCSP和CRL的证书类文件,具体用户大家可以自己看看。
第二种办法,如果你会py,那你就可以直接用脚本提前PDF里面的一些3082开头的HEX,这不多赘述。
好了第一题就这样洒洒水啦,直接过!
已知:D519E5FDAFE3F4CE97391D61DE31C15D3B31D144FF66F4045A54927E55B1119BD8D929A19C1243235C34914EB77A4CE83BC6500B54A9532B7B892D00313D5158A8D4CF27DD91B6328C1205607716914CC1217ED68A5660C7B6EDC48F53711C22A96421DAC84738D147DFE919066ACC84CBC942D7E4AF86D72BC00CC4B07F7FBFD7658B1DF5D84C9A80188D2EC3756FEC264DA9083500907CD7762CA0D1BFB1D66022586B10FFF138137ACCF18177DDC0133BA5C73F7E043D976343D592A8DAFD7F7E3974DFF3502A27DF80C0B72227280467D11BA01F7BA870950D8973FEABAFEAA3071E2ABD85E0A6FEE7FEBAF00929CDFE7EE2079D7F6B5FC6893B282B9AA6
题目2,给了我们一些提示,已知sha256RSA签名值,让我们去找签名值和原文去验证。相比刚刚看到这里的同学们,都有有点懵,这个东西在哪,怎么看,突然给这个我怎么找。这里就要大家去看前面提到的标准了,根据GM/T 0112-2021《PDF格式文档的密码应用技术要求》中可知,该PDF文件的签名相关数据存储在Contents键中,使用Notepad++打开该PDF文件,查找Contents键内容,如图所示:
提取里面的内保存出来,使用ANS.1估计打开。
Contents通常是一个 DER 编码十六进制数据对象,Contents用于存放数字签名值并以字符串形式存放在 PDF文档中,数字签名值为GB/T35275签名数据类型signedData格式调用子过滤器 GM.sm2cms.detached 进行处理,那说明上面的结构体就是满足的对的上
大家对着表看看,我是按着标准给大家对应着,不代表他这个就跟标准对应,大家自行判断。
按着已知的条件在Contents找就行。
根据RFC5280标准5.1可知,CRL文件数据结构格式如图所示;
根据RFC5280标准5.1.1.3可知,CRL文件签名值的签名原文为tbsCertList字段:
308201FC020101300B06092A864886F70D01010B305B310B300906035504061302434E3130302E060355040A0C274368696E612046696E616E6369616C2043657274696669636174696F6E20417574686F72697479311A301806035504030C1143464341204964656E74697479204F4341170D3233313231323036303530305A170D3233313231323039303530305A3082013B3021021020150457D95E2BE643E97F52758BA4F8170D3232313232333039313934305A30210210201504669F965CF3F73DD3DE82DFE4A9170D3233303232383130353031335A30210210201504AE446453245F9493DE2A88F9C7170D3233303331363037313333375A302102102015047D86477A6C343CCD23CB24FFF5170D3233303432303035353134385A30210210201504E99C7E833625D6A7DBDF243D6C170D3232313232393036343335335A3021021020150423357B9AD3D69B2EE34E3727E4170D3232313232393036343335395A3021021020150435687F4238B232D25AF9848B4E170D3233303330363037333231355A3021021020150448DA866DC98B76F72287E59DF6170D3233303330383032353333365A3021021020150459299B9D52B428CE5CBF8D4587170D3233303431393038323333325AA030302E300B0603551D140404020212C0301F0603551D230418301680149C44F4BF378F460B5991E5B6D81C0E77BC9AF272
使用工具进行验证
99EF7E781B7F55A6CFFC039DA8F2C0CEDD20278E4D3E7FB31F6E523A485168968DED28330E7A934E17A95C95F013BB024CDC35B7151BF20DD88B8B7A02991D1E13D655985034D469D4BF136DB2690A88AF921FDD708788169275F2AD3AD99BC1D5063E2D3ADDE21D66143082FF331D3B521F720212E5C78AFE6B0D5E8E100EF70724DF5DFBB295B8CF1DA7E6A647F0DC1F5523FC89DD2F04601F1E94DEC185FFC619352F2D5399819FA0A72C86B9A895AED48BF632C86856135837931B164A6B321C0F6A50C705B9DAE7C9D4B92D63B0A4179947988C4539F2934B4BAFEC5A19823285C42EB2BDAD2C100516A6830C93B877777A5ECF118CE42BF4C3E9E38A14801084DB6D17892E4608D65EACAA156F20545C5900105F4BBA2F82D09BCC2618DFB0919D0D909D03CD81AEC1CE40312A7BC2AE2AD45A665F28F7FA7FF9BAC593CBCFBBE833FF369F436812EEF77427EA1B0CD7DE74DA29D99BDC7ECE0D05EE059E36D4BC8457F952BE5021164EEEBF1C80106A90DD83D326BC3B907E0691EA26409BBDC7ED7BD89CCD2A2CD3FC074603A713115FEE75C9DFDC74AD4F0C75DF42876778932BAC0C7D86C966CF3B7BB13A825C8B12BE2EC46AE79AB833F73046EBE29EC3FDBF224169162F5EFE20DACFACA7F0FD4C95FB38D585A5AAE53322FBBBD2CF60337DB14EB833B0CD35F01644CF331852895718764003626693CD00FE5A
通过第一题中的已知条件解第三题就很容易了,
根据题目提示分析该签名值为CRL文件签名值,导出该CRL文件分析,如图所示:
其他的都跟第二题一样
CRL文件签名值的签名原文为tbsCertList字段:
3081E1020101300B06092A864886F70D01010B305A310B300906035504061302434E3130302E060355040A0C274368696E612046696E616E6369616C2043657274696669636174696F6E20417574686F726974793119301706035504030C1043464341204964656E74697479204341170D3233313230373032303530305A170D3234303330363032303530305A30233021021016D916535F2753FD2A0DFDE41D67126C170D3139303332343037353032365AA030302E300B0603551D14040402020B96301F0603551D23041830168014C0AC76A2D35DFFF6CD16005B38A77F557D85596C
使用工具对签名值进行验签:
问题四、请依、据案例文件解析以下sha256RSA签名,并手动验证签名通过。
27F0D2713C5B5C0CE9692450C751D5389118A208E539D1E8B16DB58A9F9BD8A74C47F0CABB6D2868699D66BE17262B5B191F1A7401E242185ADEB20B7EB4A9CD4D195BCC35AE0FE7AB98BBD0D1B83E45A1AEE46142131D0BBBD6134D8960E05D746C5F68122A36BF6EA540858AAC1AA5A1A2FA4152B06CCB8A8C8616ABC4EB0332AF216ED432E19F98C6C718E0C7AFB6D53ACAE0C37F9DB89ECC4E37EF3F003F9C6C4EF1ABB214FEFD31B639986EB96CE37F8368F455FCA18F5AEC9194E0BAECF7D5D5A5F5F538B076B0196A08FA44F4EB0AD14478F43DD2E60C50F11F87553ABC5ED7FEBED97C75283CA1C7693C9135122F63E6DB81DC6D6628089F8F58296C
分析该签名值所在的数据结构,发现符合RCF2560中4.2数据结构:
此签名值为OCSP响应消息的签名值,根据RCF2560可知,签名原文为ResponseData字段的数据:
30820117A16A3068310B300906035504061302434E3130302E060355040A0C274368696E612046696E616E6369616C2043657274696669636174696F6E20417574686F726974793127302506035504030C1E43464341204964656E74697479204F4341204F4353503230323330373130180F32303233313231323037353433305A307330713049300906052B0E03021A05000414E1C5DDE3328A78FB1E4BDF91052829237375C6D204149C44F4BF378F460B5991E5B6D81C0E77BC9AF27202102015044B2BCDBC749CD57C7C5E4F8EFE8000180F32303233313231323034303330305AA011180F32303233313231333038303330305AA1233021301F06092B060105050730010204120410941E283F0C1DBE3ED6EE4A1EEC9CB2F0
根据该数据结构导出签名公钥证书:
使用工具对签名值进行验签:
根据GM/T 0112-2021《PDF格式文档的密码应用技术要求》可知,数字签名值为GB/T 35275-2017《信息安全技术 SM2密码算法加密签名消息语法规范》签名数据类型signdeData格式:
根据 GM/T 0010 的说明,签名的原文是“属性的集合”,属性的集合包含原文的杂凑值。“
签名值:
0eaca34a0f5d80392eb49ebc8711004ea9c10e46e93afe117a331b9595c11e6430a1d205990786ff296ee7526998bf3f4fc92df963be932a9b7c955328372613a0914b4205f824012bb4bc1f2de5128fa48cd806cced148f3a48dc08562205fc5aac22352f7c2b8f7e9d02f4c0084acd8631ee3d9dc0d388286787b2f302c7a822ba702781882341480141d532b6954a1350cee64cc5e87514db0b3b24a3f39742f330f585d9b075bb1747b3bcab8dce94289db0ae3f710e2107ef81577b752e77cb4e4034a2b772f92a6685cb0cdff33d35a94ca3325a81b89b4ea9089b15c3cfdc3fa7e158e59efbe64ddc91cc5fb6153fce29602e7bbc529b340a5bc46fa9
根据GB/T 35275-2017《信息安全技术 SM2密码算法加密签名消息语法规范》中8.2可知,签名原文为authenticatedAttributes字段内容:
A0820CEA301806092A864886F70D010903310B06092A864886F70D010701302F06092A864886F70D01090431220420C046F7EB54839D9C6CE799E4199D763419935EA3DCA4A8775B3137ED2EFE34083037060B2A864886F70D010910022F31283026302430220420ACF8DC0A6B7DCF760438F65D8E2D8A2F9BD151B24FEAE9ABB3F6404C92A8A90130820C6206092A864886F72F01010831820C5330820C4FA08206143082061030820312308201FC020101300B06092A864886F70D01010B305B310B300906035504061302434E3130302E060355040A0C274368696E612046696E616E6369616C2043657274696669636174696F6E20417574686F72697479311A301806035504030C1143464341204964656E74697479204F4341170D3233313231323036303530305A170D3233313231323039303530305A3082013B3021021020150457D95E2BE643E97F52758BA4F8170D3232313232333039313934305A30210210201504669F965CF3F73DD3DE82DFE4A9170D3233303232383130353031335A30210210201504AE446453245F9493DE2A88F9C7170D3233303331363037313333375A302102102015047D86477A6C343CCD23CB24FFF5170D3233303432303035353134385A30210210201504E99C7E833625D6A7DBDF243D6C170D3232313232393036343335335A3021021020150423357B9AD3D69B2EE34E3727E4170D3232313232393036343335395A3021021020150435687F4238B232D25AF9848B4E170D3233303330363037333231355A3021021020150448DA866DC98B76F72287E59DF6170D3233303330383032353333365A3021021020150459299B9D52B428CE5CBF8D4587170D3233303431393038323333325AA030302E300B0603551D140404020212C0301F0603551D230418301680149C44F4BF378F460B5991E5B6D81C0E77BC9AF272300B06092A864886F70D01010B0382010100D519E5FDAFE3F4CE97391D61DE31C15D3B31D144FF66F4045A54927E55B1119BD8D929A19C1243235C34914EB77A4CE83BC6500B54A9532B7B892D00313D5158A8D4CF27DD91B6328C1205607716914CC1217ED68A5660C7B6EDC48F53711C22A96421DAC84738D147DFE919066ACC84CBC942D7E4AF86D72BC00CC4B07F7FBFD7658B1DF5D84C9A80188D2EC3756FEC264DA9083500907CD7762CA0D1BFB1D66022586B10FFF138137ACCF18177DDC0133BA5C73F7E043D976343D592A8DAFD7F7E3974DFF3502A27DF80C0B72227280467D11BA01F7BA870950D8973FEABAFEAA3071E2ABD85E0A6FEE7FEBAF00929CDFE7EE2079D7F6B5FC6893B282B9AA6308202F63081E1020101300B06092A864886F70D01010B305A310B300906035504061302434E3130302E060355040A0C274368696E612046696E616E6369616C2043657274696669636174696F6E20417574686F726974793119301706035504030C1043464341204964656E74697479204341170D3233313230373032303530305A170D3234303330363032303530305A30233021021016D916535F2753FD2A0DFDE41D67126C170D3139303332343037353032365AA030302E300B0603551D14040402020B96301F0603551D23041830168014C0AC76A2D35DFFF6CD16005B38A77F557D85596C300B06092A864886F70D01010B038202010099EF7E781B7F55A6CFFC039DA8F2C0CEDD20278E4D3E7FB31F6E523A485168968DED28330E7A934E17A95C95F013BB024CDC35B7151BF20DD88B8B7A02991D1E13D655985034D469D4BF136DB2690A88AF921FDD708788169275F2AD3AD99BC1D5063E2D3ADDE21D66143082FF331D3B521F720212E5C78AFE6B0D5E8E100EF70724DF5DFBB295B8CF1DA7E6A647F0DC1F5523FC89DD2F04601F1E94DEC185FFC619352F2D5399819FA0A72C86B9A895AED48BF632C86856135837931B164A6B321C0F6A50C705B9DAE7C9D4B92D63B0A4179947988C4539F2934B4BAFEC5A19823285C42EB2BDAD2C100516A6830C93B877777A5ECF118CE42BF4C3E9E38A14801084DB6D17892E4608D65EACAA156F20545C5900105F4BBA2F82D09BCC2618DFB0919D0D909D03CD81AEC1CE40312A7BC2AE2AD45A665F28F7FA7FF9BAC593CBCFBBE833FF369F436812EEF77427EA1B0CD7DE74DA29D99BDC7ECE0D05EE059E36D4BC8457F952BE5021164EEEBF1C80106A90DD83D326BC3B907E0691EA26409BBDC7ED7BD89CCD2A2CD3FC074603A713115FEE75C9DFDC74AD4F0C75DF42876778932BAC0C7D86C966CF3B7BB13A825C8B12BE2EC46AE79AB833F73046EBE29EC3FDBF224169162F5EFE20DACFACA7F0FD4C95FB38D585A5AAE53322FBBBD2CF60337DB14EB833B0CD35F01644CF331852895718764003626693CD00FE5AA18206333082062F3082062B0A0100A08206243082062006092B0601050507300101048206113082060D30820117A16A3068310B300906035504061302434E3130302E060355040A0C274368696E612046696E616E6369616C2043657274696669636174696F6E20417574686F726974793127302506035504030C1E43464341204964656E74697479204F4341204F4353503230323330373130180F32303233313231323037353433305A307330713049300906052B0E03021A05000414E1C5DDE3328A78FB1E4BDF91052829237375C6D204149C44F4BF378F460B5991E5B6D81C0E77BC9AF27202102015044B2BCDBC749CD57C7C5E4F8EFE8000180F32303233313231323034303330305AA011180F32303233313231333038303330305AA1233021301F06092B060105050730010204120410941E283F0C1DBE3ED6EE4A1EEC9CB2F0300D06092A864886F70D01010B0500038201010027F0D2713C5B5C0CE9692450C751D5389118A208E539D1E8B16DB58A9F9BD8A74C47F0CABB6D2868699D66BE17262B5B191F1A7401E242185ADEB20B7EB4A9CD4D195BCC35AE0FE7AB98BBD0D1B83E45A1AEE46142131D0BBBD6134D8960E05D746C5F68122A36BF6EA540858AAC1AA5A1A2FA4152B06CCB8A8C8616ABC4EB0332AF216ED432E19F98C6C718E0C7AFB6D53ACAE0C37F9DB89ECC4E37EF3F003F9C6C4EF1ABB214FEFD31B639986EB96CE37F8368F455FCA18F5AEC9194E0BAECF7D5D5A5F5F538B076B0196A08FA44F4EB0AD14478F43DD2E60C50F11F87553ABC5ED7FEBED97C75283CA1C7693C9135122F63E6DB81DC6D6628089F8F58296CA08203DA308203D6308203D2308202BAA003020102021020150452D5D8AA59A9556DB576EA6CD3300D06092A864886F70D01010B0500305B310B300906035504061302434E3130302E060355040A0C274368696E612046696E616E6369616C2043657274696669636174696F6E20417574686F72697479311A301806035504030C1143464341204964656E74697479204F4341301E170D3233303731303036313533325A170D3236303430353036313533325A3068310B300906035504061302434E3130302E060355040A0C274368696E612046696E616E6369616C2043657274696669636174696F6E20417574686F726974793127302506035504030C1E43464341204964656E74697479204F4341204F435350323032333037313030820122300D06092A864886F70D01010105000382010F003082010A0282010100B8248EE83F248C72C4328DDC16B69D0F0224FE1437B1E1BB1BBDA314F0E86627700DB9BA54EED9957C75D3DF8FAEE40BC75846CB762E43EBB82E6E5817E847284265D3A49773BBC21E6BC74F0F54DD5ABA24DAC5B2A0378E798A42A5F5DBB602BF89A8ACFDFE8CCF99B7A8EFAE81D1268577009ED6F730E9B30343A8D9DDB84020AF80C4BBFC1ABE46C4F3C87308B4BAAD0075D139DC134E362D656057B27FF55D91112EA3C34120917F8C8894D3020E8A57E76FB09AC5FA2B5C414D610DFD01DFF6E536A82D272F85740B0ABDBD04884B0F9B20FB6FA0CA2A946955EE4D87F8D4F798461204EEF70B4B25AAF954BC20F8ADFD4E1CEB0F5E418F247A646D27510203010001A38184308181301F0603551D230418301680149C44F4BF378F460B5991E5B6D81C0E77BC9AF272300C0603551D130101FF04023000300F06092B060105050730010504020500300B0603551D0F040403020780301D0603551D0E0416041495AEBE02BF6CEF1FAF0ED6FC626F4836182E8A3B30130603551D25040C300A06082B06010505070309300D06092A864886F70D01010B0500038201010023C5D754B23AC4E3E8017C4CF8BA43B0657FC0CF186C1BEFE33210878A09A6D42B756E54FBFE03AE2A63363653507C6974EFAB808D5BB57B056415E0590E1AB8B84DEFA21852DEB05A7E3D1C1D425B1895CD8EEF012E7E074B52DE7735803F47C8077C7C8162C7C6D4C2F87FD9A1838E0040BE066CA5FED97B0F6BA688E944C4EC2AAAA4CC0F0FC1AFCC1028711A7256C503E6B96E0450C24C7A228ADE1EE6B75B029122EDE4331F711B9DEB3329E6575B35F37478A9929DCD3A6EB2B18B45434683104291FC51FD85D02AA84FCFDF5899C99DBC7D90EAC5E105627D1CE40EBE5B8FF2368C6E2E23F2D61534CF687F1AE422542A322DA22BA68CF8503509263F
需要注意一点:
标识符号的问题:我们在进行Asn.1解析的时候,遇到3082开头的DER编码格式的证书,其中30是表示SEQUENCE类型,长度限制在127字节,如下图所示,而时间戳属性的集合以A0开头,长度大于127字节,所以需要我们在使用这个类型是需要将A0的头改成31
使用工具对签名值进行验签:
根据GM/T 0112-2021《PDF格式文档的密码应用技术要求》中6.7分析可知,时间戳结果放置在signedData定义的unauthenticatedAttributes字段中:
根据GB/T 35275-2017《信息安全技术 SM2密码算法加密签名消息语法规范》分析时间戳签名数据格式:
得到签名值为:
7d4fd489cc3517ef7a807cbf151df1d3c5f32b81105ec59e3bab9487d2d2a37ad45eb54c173cb434fc34359cd7413f4a3179b9b6c04a43c74cf6b72fc25b4a422c4ce562dbdc527ebcf98fb00448182e0f49ef4d65c9c460eb11f279064f2648d8852b95921d2f88e4ffeedf88d5dca44c8e49b451034a036c9f8582156fbd1d4d65eb3aaaed55fb7fb4dca2049555d06d4ce37f9ea7aef759d4eb4c246ef007c526339a6e761f61c8b95d057a8ee4238ff9cb06514fcc11a61dec55266a2faecac98018a0491dd4f2966e7a24534172ba65e5a7828e2cc24feb5b54cdffc2efe0ae41cd6641c2183b42836e3277537800d7fe32516417a52f2aa52ae8d1b7652531e10228f0d93b3edd9b9430241820005b0b4f233feb313f92013e8f08a5b92ee590c418608bf1425551e9bd4c7308d520de93d8c48cc7f15ea1fc6856de5381149968119e18a524265841699cc3739788d3060e8d949d1459112124551cb29c568a25c7404c71f959df31ee1478a24fdd0c2c8a01c0eab048d99064b1732523229df8c4b0c23457d813d0b49db3b37f3e5701155a1888d2710675688b4f83cd2555fe423c3b7168d1c81e88377ae7f3248a7aa32f73d37a0a3968688a893ebfcf830d22aa9fb8ae3a7cbc73ca2c1726ff9bb1105ecc394ca9cf819c3da142e873ef8c603b73451195dfa23b76976fe621a335082daaee1c664fa5d1070632
根据GB/T 35275-2017《信息安全技术 SM2密码算法加密签名消息语法规范》中8.2可知,签名原文为authenticatedAttributes字段内容:
A082016B301A06092A864886F70D010903310D060B2A864886F70D0109100104301C06092A864886F70D010905310F170D3233313231323037353433325A303F06092A864886F70D010904313204306DF31FDA95CD5EB9CF5797277281953D2D568E45255A2662B21B53EBD691277B853999AB4DAD459BD4A9D83972670DDB3081ED060B2A864886F70D010910020C3181DD3081DA3081D730160414AE62AF750A0CBD47D6461F7568E2BC8CE7CA4F943081BC041402D65B95E28370C1570095FA88F923DD937FAD8F3081A330818EA4818B308188310B3009060355040613025553311330110603550408130A4E6577204A6572736579311430120603550407130B4A65727365792043697479311E301C060355040A131554686520555345525452555354204E6574776F726B312E302C06035504031325555345525472757374205253412043657274696669636174696F6E20417574686F726974790210300F6FACDD6698747CA94636A7782DB9
使用工具对签名值进行验签:
提示摘要值为:68e6fc6a49e5dca5f0aa4b4a511101215d00e4bfca5a910c346cd71587e29fe3
根据GM/T 0112-2021《PDF格式文档的密码应用技术要求》中6.7分析可知,PDF文件时间戳的计算原文为PDF文件签名数据格式signedData中的SM2signture值:
PDF计算原文为:
0eaca34a0f5d80392eb49ebc8711004ea9c10e46e93afe117a331b9595c11e6430a1d205990786ff296ee7526998bf3f4fc92df963be932a9b7c955328372613a0914b4205f824012bb4bc1f2de5128fa48cd806cced148f3a48dc08562205fc5aac22352f7c2b8f7e9d02f4c0084acd8631ee3d9dc0d388286787b2f302c7a822ba702781882341480141d532b6954a1350cee64cc5e87514db0b3b24a3f39742f330f585d9b075bb1747b3bcab8dce94289db0ae3f710e2107ef81577b752e77cb4e4034a2b772f92a6685cb0cdff33d35a94ca3325a81b89b4ea9089b15c3cfdc3fa7e158e59efbe64ddc91cc5fb6153fce29602e7bbc529b340a5bc46fa9
计算PDF计算原文杂凑值进行比对:
提示:摘要值为:c046f7eb54839d9c6ce799e4199d763419935ea3dca4a8775b3137ed2efe3408
根据GM/T 0112-2021《PDF格式文档的密码应用技术要求》中6.2.2中的表3分析,PDF签名过程中杂凑计算原文截取方式:
使用工具计算杂凑值进行比对:
提示:摘要值为:
6df31fda95cd5eb9cf5797277281953d2d568e45255a2662b21b53ebd691277b853999ab4dad459bd4a9d83972670ddb
分析PDF文件时间戳数据结构格式,找到PDF时间戳签名属性摘要值:
原文:3081E4020101060A2B06010401B2310201013031300D06096086480165030402010500042068E6FC6A49E5DCA5F0AA4B4A511101215D00E4BFCA5A910C346CD71587E29FE3021500A21F4AF7F10F35F2A0FF43A67D0A3D5368ADE1FC180F32303233313231323037353433325A020808DBFB2AC6C6B180A06EA46C306A310B3009060355040613024742311330110603550408130A4D616E6368657374657231183016060355040A130F5365637469676F204C696D69746564312C302A06035504030C235365637469676F205253412054696D65205374616D70696E67205369676E6572202334
使用工具计算摘要值进行比对:
acf8dc0a6b7dcf760438f65d8e2d8a2f9bd151b24feae9abb3f6404c92a8a901
根据RFC的解释
使用工具进行验证: