please help me in securtity please $3\mathrm{.}6$ Task $6$: Manually Verifying an X$\mathrm{.}509$ Certificate

In this task, we will manually verify an X$.509$ certificate using our program. An X$.509$ contains data about a public key and an issuer's signature on the data. We will download a real X$.509$ certificate from a web server, get its issuer's public key, and then use this public key to verify the signature on the certificate.

Step $1$: Download a certificate from a real web server. We use the

www$.$example.org server in this document. Students should choose a different web server that has a different certificate than the one used in this document $($it should be noted that

www$.$example.com share the same certificate with www$.$

example.org$).$ We can download certificates using browsers or use the following command:The result of the command contains two certificates. The subject field $($the entry starting with s:$)$ of the certificate is www$.$example.org, i$.$e$.,$ this is www$.$example.org's certificate. The issuer field $($the entry starting with i:$)$ provides the issuer's information. The subject field of the second certificate is the same as the issuer field of the first certificate. Basically, the second certificate belongs to an intermediate CA$.$ In this task, we will use CA's certificate to verify a server certificate.

If you only get one certificate back using the above command, that means the certificate you get is signed by a root CA$.$ Root CAs' certificates can be obtained from the Firefox browser installed in our pre$-$built VM$.$ Go to the Edit $$ Preferences $$ Privacy and then Security $$ View Certificates. Search for the name of the issuer and download its certificate.

Copy and paste each of the certificate $($the text between the line containing "Begin CERTIFICATE" and the line containing "END CERTIFICATE", including these two lines$)$ to a file. Let us call the first one $c0.$ pem and the second one $c1.$ pem.

Step $2$: Extract the public key $($e$,$ n$)$ from the issuer's certificate. Openssl provides commands to extract certain attributes from the x$509$ certificates. We can extract the value of $n$ using $-$modulus. There is no specific command to extract e$,$ but we can print out all the fields and can easily find the value of e$.$

SEED Labs $-$ RSA Public$-$Key Encryption and Signature Lab

$7$

SEED Labs $-$ RSA Public$-$Key Encryption and Signature Lab

$7$Step $3$: Extract the signature from the server's certificate. There is no specific openss l command to extract the signature field. However, we can print out all the fields and then copy and paste the signature block into a file $($note: if the signature algorithm used in the certificate is not based on RSA, you can find another certificate$).$We need to remove the spaces and colons from the data, so we can get a hex$-$string that we can feed into our program. The following command commands can achieve this goal. The tr command is a Linux utility tool for string operations. In this case, the $-$d option is used to delete $"$ : $"$ and "space" from the data.Step $4$: Extract the body of the server's certificate. A Certificate Authority $($CA$)$ generates the signature for a server certificate by first computing the hash of the certificate, and then sign the hash. To verify the signature, we also need to generate the hash from a certificate. Since the hash is generated before the signature is computed, we need to exclude the signature block of a certificate when computing the hash. Finding out what part of the certificate is used to generate the hash is quite challenging without a good understanding of the format of the certificate.X$.509$ certificates are encoded using the ASN. $1($Abstract Syntax Notation.One$)$ standard, so if we can parse the ASN. $1$ structure, we can easily extract any field from a certificate. Openssl has a command called asn$1$parse used to extract data from ASN. $1$ formatted data, and is able to parse our X$.509$ certificate.

SEED Labs $-$ RSA Public$-$Key Encryption and Signature Lab

$8$:sha$256$WithRSAEncryption

The field starting from $1$ is the body of the certificate that is used to generate the hash; the field starting from $2$ is the signature block. Their offsets are the numbers at the beginning of the lines. In our case, the certificate body is from offset $4$ to $1249,$ while the signature block is from $1250$ to the end of the file. For X$.509$ certificates, the starting offset is always the same $($i$.$e$.,4),$ but the end depends on the content length of a certificate. We can use the $-$strparse option to get the field from the offset $4,$ which will give us the body of the certificate, excluding the signature block.

$ openssl asn$1$parse $-$i $-$in c$0.$pem $-$strparse $4-$out c$0\_$body.bin $-$noout

Once we get the body of the certificate, we can calculate its hash using the following command:

$ sha$256$sum c$0\_$body.bin

Step $5$: Verify the signature. Now we have all the