在给android的apk签名的时候,需要用到一个扩展名为.pem和.pk8的文件,我第一反应,这啥啊,英文缩写?反正linux不用后缀名来区分文件,这到底是什么呢?
首先在密码学上,有两个概念PKCS和X.509,在我理解,这俩都是类似一套协议,标准的东西。标准是啥,就比如人的姓名,以姓氏开始,然后再是名,张三。标准就是为了让大家都去遵循,好形成一套好管理、易理解、大家都知道的东西。
基础知识:
密码学中将对称加密的密钥称为secret key,而将非对称加密的私钥和公钥分别称为private key 和 public key
PKCS全称为Public-Key Cryptography Standards (PKCS) ,公钥加密标准s,很多标准^_^。维基上关于其的解释如下,
In cryptography, PKCS is a group of public-key cryptography standards devised and published by RSA Security Inc, starting in the early 1990s. The company published the standards to promote the use of the cryptography techniques to which they had patents, such as the RSA algorithm, the Schnorr signature algorithm and several others. Though not industry standards (because the company retained control over them), some of the standards in recent years[when?] have begun to move into the "standards-track" processes of relevant standards organizations such as the IETF and the PKIX working-group.
就是由某个公司发布的一组公钥加密标准,协议。目的是为了促进大家使用他们公司相关专利的技术,例如RSA算法等。由于这些专利是由RSA Security公司拥有,所以这些标准没有成为工业标准,但是最新这些年开始进入IETF 和PKIX的standards-track。
而PKCS这套协议呢,是以#数字的方式进行命名。例如
PKCS #1: RSA Cryptography Standard
标准名 | 名字 | 解释 |
---|---|---|
PKCS #1 | RSA Cryptography Standard | See RFC 3447. Defines the mathematical properties and format of RSA public and private keys (ASN.1-encoded in clear-text), and the basic algorithms and encoding/padding schemes for performing RSA encryption, decryption, and producing and verifying signatures. |
PKCS #5 | Password-based Encryption Standard | See RFC 2898 and PBKDF2. |
PKCS #7 | Cryptographic Message Syntax Standard | See RFC 2315. Used to sign and/or encrypt messages under a PKI. Used also for certificate dissemination (for instance as a response to a PKCS#10 message). Formed the basis for S/MIME, which is as of 2010 based on RFC 5652, an updated Cryptographic Message Syntax Standard (CMS). Often used for single sign-on. |
PKCS #8 | Private-Key Information Syntax Standard | See RFC 5958. Used to carry private certificate keypairs (encrypted or unencrypted). |
PKCS #12 | Personal Information Exchange Syntax Standard | See RFC 7292. Defines a file format commonly used to store private keys with accompanying public key certificates, protected with a password-based symmetric key. PFX is a predecessor to PKCS #12.This container format can contain multiple embedded objects, such as multiple certificates. Usually protected/encrypted with a password. Usable as a format for the Java key store and to establish client authentication certificates in Mozilla Firefox. Usable by Apache Tomcat. |
其中,
PKCS #5定义了给予密码的加密标准;
PKCS #8定义了保存private key信息的标准语法,用来保存private keys。PKCS#8 有两个版本,加密的和非加密的。
对于一个private key,非加密的PKCS#8为:
PrivateKeyInfo ::= SEQUENCE {
version Version,
//加密算法和privatekey
privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
privateKey PrivateKey,
attributes [0] IMPLICIT Attributes OPTIONAL }
Version ::= INTEGER
PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
PrivateKey ::= OCTET STRING
Attributes ::= SET OF Attribute
}
而相应的加密版本为:
EncryptedPrivateKeyInfo ::= SEQUENCE {
//加密算法和加密后的private key
encryptionAlgorithm EncryptionAlgorithmIdentifier,
encryptedData EncryptedData }
EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
EncryptedData ::= OCTET STRING
PKCS #7和#12下节介绍。
维基百科对X.509的解释如下,
In cryptography, X.509 is an ITU-T standard for a public key infrastructure (PKI) and Privilege Management Infrastructure (PMI). X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.
X.509是一个ITU-T的标准,用在PKI和PMI里面。通常X.509标准主要包括数字证书的标准格式、证书废除列表、attribute certificates、a certification path validation algorithm等。
X.509 was initially issued on July 3, 1988 and was begun in association with the X.500 standard. It assumes a strict hierarchical system of certificate authorities (CAs) for issuing the certificates. This contrasts with web of trust models, like PGP, where anyone (not just special CAs) may sign and thus attest to the validity of others' key certificates. Version 3 of X.509 includes the flexibility to support other topologies like bridges and meshes.[1] It can be used in a peer-to-peer, OpenPGP-like web of trust[citation needed], but was rarely used that way as of 2004. The X.500 system has only ever been implemented by sovereign nations for state identity information sharing treaty fulfillment purposes, and the IETF's Public-Key Infrastructure (X.509), or PKIX, working group has adapted the standard to the more flexible organization of the Internet. In fact, the term X.509 certificate usually refers to the IETF's PKIX Certificate and CRL Profile of the X.509 v3 certificate standard, as specified in RFC 5280., commonly referred to as PKIX for Public Key Infrastructure (X.509).
通过上面这段话可知,为了签发证书,X.509定义了一套严格的等级分级系统,类似于金字塔,权限从高到低。而通常我们所说的X.509证书,表示IETF’s PKIX Certificate和CRL Profile of the X.509 v3 certificate standard。
In the X.509 system, a certification authority issues a certificate binding a public key to a particular distinguished name in the X.500 tradition, or to an alternative name such as an e-mail address or a DNS entry.
在X.509标准中,一个CA(证书颁发机构)可以颁发给用户证书,这个证书中绑定了用户的public key,和一个X.500类型的distinguished name(该distinguished name主要是CA用来区分不同的用户)。
下面是维基百科上总结的X.509常用数字证书的扩展名:
.pem – (Privacy-enhanced Electronic Mail) Base64 encoded DER certificate, enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
.cer, .crt, .der – usually in binary DER form, but Base64-encoded certificates are common too (see .pem above)
.p7b, .p7c – PKCS#7 SignedData structure without data, just certificate(s) or CRL(s)
.p12 – PKCS#12, may contain certificate(s) (public) and private keys (password protected)
.pfx – PFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in IIS)
.pem,
Privacy Enhanced Mail (PEM), is a 1993 IETF proposal for securing email using public-key cryptography,
以前是利用公钥加密进行邮件安全的一个协议,
The main legacy of PEM is the .pem file format, which is still in common use for storing keys and X.509 certificates.
而现在PEM这个协议仅仅在使用的就是.pem这种文件格式,这种文件里面保存了keys和X.509证书,看到了吗数字证书和key都能保存。
而现在一般表示用Base64 encoded DER编码的证书,这些encode咱们不用管,我理解就是字节打包的格式吧。这种证书的内容打开能够看到在”—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–”之间,如下所示;
-----BEGIN CERTIFICATE-----
MIIEczCCA1ugAwIBAgIBADANBgkqhkiG9w0BAQQFAD..AkGA1UEBhMCR0Ix
EzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAoTC0..0EgTHRkMTcwNQYD
VQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcn..XRpb24gQXV0aG9y
aXR5MRQwEgYDVQQDEwtCZXN0IENBIEx0ZDAeFw0wMD..TUwMTZaFw0wMTAy
MDQxOTUwMTZaMIGHMQswCQYDVQQGEwJHQjETMBEGA1..29tZS1TdGF0ZTEU
MBIGA1UEChMLQmVzdCBDQSBMdGQxNzA1BgNVBAsTLk..DEgUHVibGljIFBy
aW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFD..AMTC0Jlc3QgQ0Eg
THRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCg..Tz2mr7SZiAMfQyu
vBjM9OiJjRazXBZ1BjP5CE/Wm/Rr500PRK+Lh9x5eJ../ANBE0sTK0ZsDGM
ak2m1g7oruI3dY3VHqIxFTz0Ta1d+NAjwnLe4nOb7/..k05ShhBrJGBKKxb
8n104o/5p8HAsZPdzbFMIyNjJzBM2o5y5A13wiLitE..fyYkQzaxCw0Awzl
kVHiIyCuaF4wj571pSzkv6sv+4IDMbT/XpCo8L6wTa..sh+etLD6FtTjYbb
rvZ8RQM1tlKdoMHg2qxraAV++HNBYmNWs0duEdjUbJ..XI9TtnS4o1Ckj7P
OfljiQIDAQABo4HnMIHkMB0GA1UdDgQWBBQ8urMCRL..5AkIp9NJHJw5TCB
tAYDVR0jBIGsMIGpgBQ8urMCRLYYMHUKU5AkIp9NJH..aSBijCBhzELMAkG
A1UEBhMCR0IxEzARBgNVBAgTClNvbWUtU3RhdGUxFD..AoTC0Jlc3QgQ0Eg
THRkMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcm..ENlcnRpZmljYXRp
b24gQXV0aG9yaXR5MRQwEgYDVQQDEwtCZXN0IENBIE..DAMBgNVHRMEBTAD
AQH/MA0GCSqGSIb3DQEBBAUAA4IBAQC1uYBcsSncwA..DCsQer772C2ucpX
xQUE/C0pWWm6gDkwd5D0DSMDJRqV/weoZ4wC6B73f5..bLhGYHaXJeSD6Kr
XcoOwLdSaGmJYslLKZB3ZIDEp0wYTGhgteb6JFiTtn..sf2xdrYfPCiIB7g
BMAV7Gzdc4VspS6ljrAhbiiawdBiQlQmsBeFz9JkF4..b3l8BoGN+qMa56Y
It8una2gY4l2O//on88r5IWJlm1L0oA8e4fR2yrBHX..adsGeFKkyNrwGi/
7vQMfXdGsRrXNGRGnX+vWDZ3/zWI0joDtCkNnqEpVn..HoX
-----END CERTIFICATE-----
.cer、.crt、.der,
而通常的.cer、.crt、.der的证书,貌似和.pem类似,encode格式差不多;
.p7b、.p7c,
对.p7b、.p7c文件,由上文可知,PKCS #7通常用来签名或加密数据的,数字签名的数据需要数字证书去检验数据的签名(因为数字证书里面有公钥嘛)。而.p7b这个文件其实就是一个SignedData structure(签名所需原材料的数据结构),里面包含了数字证书或CRL,但是没有要被签名的数据。举个例子,你给张三李四发了一封签名邮件,同时你将你的个人证书随邮件一起发给了张三李四,这个时候,你可以按照PKCS#7的格式来打包这个证书;
.pfx
.pfx文件,PKCS#12是一种供应标准格式,主要为了传输、备份、恢复数字证书和它们相关的在公钥加密系统里的公钥或私钥。PKCS#12是输出格式,通常用于输出数字证书和它的私钥,因为用一个安全性差一点的方法输出一个用户的私钥会带来安全上的危险。PKCS#12用于输出数字证书给其他的计算机,到可移动的媒体以备份,或者到智能卡激活智能卡验证方案。
PKCS#12是“个人信息交换语法”。它可以用来将x.509的证书和证书对应的私钥打包,进行交换。比如你在windows下,可以将IE里的证书连带私钥导出,并设置一个口令保护。这个pfx格式的文件,就是按照pkcs#12的格式打包的。当然pkcs#12不仅仅只是作以上用途的。它可以用来打包交换任何信息。你可以和张三李四用PKCS#12来交换私人数据,包括x.509证书和私钥。
通过上面的分析,很明显,在android对apk签名的时候,.pem这种文件就是一个X.509的数字证书,里面有用户的公钥等信息,是用来解密的。但是由上文可知,这种文件格式里面不仅可以存储数字证书,还能存各种key。