问题
I read the TLS 1.2 RFC, but i couldn't find (or understand) how client certificate authentication works.
What i understood is that the server may request the client certificate and the client should provide it, but what exactly does it provide? How does the client prove he owns the private key (I assume he gets some challenge and encrypts it, but what exactly does he encrypt)?
I will be happy if someone could shed some light on this part of the protocol.
EDIT : What i'm trying to achieve is man in the middle (like fiddler does for server certificate).
回答1:
I can copy/paste from openssl wiki: https://wiki.openssl.org/index.php/SSL_and_TLS_Protocols#Client_Authentication
Basically Client send Client Certificate to server that match the CA DN given by Server. Client send then a Cerificate Verify that uses its private key to prove he owns it.
A Client Certificate authentication requires the client to own a Certificate and have the corresponding private key. Client never send its private key but use it to prove he has the corresponding pair key of public key advertised within Certificate.
What he digests ? a digest of the whole handshakes exchanges so far. If server manage to verify this with public key and it matches digest of whole handshake so far (computed at server side) then i prove two things :
- client owns private key ( else deciphering with public key would not be correct )
- client is at the other side of this handshake, it protects against replay of a client Certificate Verify from another handshake.
So yes challenge is in fact whole handshake messages.
来源:https://stackoverflow.com/questions/26869178/how-exactly-tls-ssl-works-regarding-client-certificate