理解TR34

参考文档

1. ITU-T X.680 International Standard 8824-1 (ASN.1)
定义了各行业使用的基础的抽象语法符号的表示方法。

2. ANSI ASC X9 X9.73-2017 (CMS)
用各种ASN.1类型定义了适用加密消息领域的各种抽象数据类型，提供ASN.1结构和表示方法和对应的OID。

3. PKCS#7
定义了六种数据交换格式，分别是数据(Data)、签名数据(SignedData)、封装数据(EnvelopedData)、签名封装数据(SignedAndEnvelopedData)、摘要数据(DigestedData)和加密数据(EncryptedData)。

4. X9 TR34–2012

以下以X9 TR34–2012中的测试数据为例。

一、解各密钥公私钥（从p12文件中解出）：

Root Key的公钥：
DE675D2EC062C6416238006F826CA527182583F2ADD2FE8C1D81E6AD5EC
1E85B39BEAF970894DB2B4F22773979541C1223D51A82B61FF5418C1E5F36
7927C9BAAAC32F3E162055D0776EC3924225C3DF42C2238FF9AAAA3E8A
47287152ACE3CCA9147D5F8220BE73484B08DED743F7A43EE6EB986199D
111450B6A15F0507AB4E072DDB8DB1696C8001FD799677E835F396A7269E
ADC2D7AC20ABDAA1DD88DD4856FF11A176A7C3940BC7D609ACCC9F3C51
DD0017C3FEDD9C7BD0BFDEAFA0B09161F9C71E92AE73AF175ADB153CBEF
CE2C3A0FCDEA394C44230A37F82EDC448EB9B0669FC82E9435E699A9A
E3191AD4EEA5DCD1D2CDC3BE6C751078E6C13869F

CA_KDH的公钥：
AEFA1D7396C3DBA499E55D7AA50714AC5E75C1271D9000EAEED2A007AB6
46670515F43212C8A20BC32CB67B1CD5D712F66776F776D58BC5F81730C
539636222B4428C8AAFCFCD00CBCE849707066C1946D0EAFB23313B6A6
ADBF23E922F595D1EE57A6C4BE014D6A64E5D9C45429C920410E1F12C25
E5500065D497A4778CF03560DE81186CED7E5B7474A1D4703EAAF94406A
3C73144DF8C971F879CF33AE8E9848DE5051B46029A62C9497BCE86AF15
2460B3943AE24CFF9CE88F5A50485DA14B3D31DD3C69DF24105D252625
3EA3889FE1C6FD833A813AF43FEC40C40F882DADE4EEBFE5801448DDCB
D9DE4FBB69D56A0810E082B732A35EA2A16707286FF

CA_KRD的公钥：
FBF7E47F3FB3B1F4D4157EC98A5FC5854C34295FC6B8876F405B0E37ED9
D3E5A4CE9961C13A44730E4E897AA9276BD2030F34523BA9957F0567BA0
53A934EC95923EB3905EFAE19CA0039178C9C1F084683E25270A735616E4
BA14A55DFC93BFAC84087A22BC290718303348BE17A2C6015945FD9A1470
5D7C43BA9480D7623FBB468D24B6120466F9F087E3D789B82A291CE178B
9C8AFE30184A7CB8769620F4ECC6D212B4538F46E9A178AB2CBE7ACAECF
1D91164ED0EF593340447E7850FF7D793DC48512884E20E09DEA8009096
3847635BED3E92174DFA9823841D0EF8912DC227BA30C6813336846D941
248DC0D4F0E2D259658258ED1A02184729E2DB

KDH1的公钥：
C3EB8F2904BECB6F91EFCA38DBB75DD91931CA8FE211663F486FCABA07A
0C2ED87CB5286C508DA2D1F0EDEDDC0A7DB5C605DBCB9AB73D161BB1A
0F1B0EE555780FAF7BCABA5E06DFEF889E51F68FE65DC21AF0003A86F170
6E461E1502BEA45877BAE202658FBCA2EBED56920186357F714E5BEEC970
A1EA8808A9F4262F2F64438279D87C64C17E39BA7130F47B4AA4413643F
86A9862A35AD9373D8E2D28C592C8A521731BA95C8E44327ABB0ECE50B
FAE6CE8EAF4934E948C6A3B8BEBE268A6927BC87E1AE792D53153399B4B
82882C9A79E431D10DCE58407053B92BF6D6D67229BB72AAE010827E712
6D7570406CAAA9F4DB4F28C4BD64A9EFC98A0EACD

KRD1的公钥：
D45C30CB6FBB1D394CE5A87B49DB6DCF1434B0FA4E0AA371F850EE8BAE
7F2DC3C548D51CBDA3DD01F0D6553BFB79851E731543984B22E362B4FC1
DD3D6DE82377D20132CC63965DD0AD2DD689E985291613540F30E75A55
8F915B2E9E40DD421CAC6BDB74590F4428AB4684ECB4294D3BAD212F66
62200EEF7DDC301316FBA676B7120FB91893C2BA311A84F73AF2163B5604
405FD760BB152689CF5204F20CBBD97623B5DB96CCF6BA3826AC38790D
3C2C66CD7EBFD5C9F1E70CBC77F558F95501A9A9CB4AB3DFDA265D010A
49AB702A0015DF0F6E08D0CE36330641C4DC75EA8FE7DD5EA6B37BD643
28577F8550D3F015AA56F1AB5F25E55F59340AF53F955

KRD1的私钥：
846B203A1AE7D0A7445E089B2848DDC63CD146722E6BCFD36785FFD9B5
EBB3FBD96F3B047AF44D01C2CDC3C46D612F32F78C10E44C25EB2847B6
D65A9C278F874E4CCBE8258AF10BCE8E0266144EE35DA801EF0820C2176
2CD9F4C3B306BB715833E3E5AA3D4699B7CA6564C9BCE5EC350416275A
6E61932E9F8AC7A77FB357DD89C5E492FE3798FA0642B4D12D153079F5EF
D778F3341B20A0A202E2F99B3077B59D05D2C1549BE23F9BAF65949F2C6
CD9B30D06001BF8FE6CDC7BEEB85ED0FB7137BB18527E2520779C35A9A8
767BB7A70CF4EC12BAE65252B074DAB2226F2E8FA0ED1DC1E3B77E91B44C
8155F3F78940255BDAA0D6B33B79477E597BBB4D9



二、交换CA证书（实际XFS里不涉及Root Key，CA_KDH和CA_KRD均由GRG提供）

1. Root Key的证书：
主体信息（包含公钥信息）：
30820224a00302010202053400000001300d06092a864886f70d01010b050
0303f310b300906035504061302555331153013060355040a130c54523334
2053616d706c65733119301706035504031310545233342053616d706c652
0526f6f74301e170d3130313130323030303030305a170d333031303237323
3353935395a303f310b300906035504061302555331153013060355040a13
0c545233342053616d706c657331193017060355040313105452333420536
16d706c6520526f6f7430820122300d06092a864886f70d010101050003820
10f003082010a0282010100de675d2ec062c6416238006f826ca527182583f2
add2fe8c1d81e6ad5ec1e85b39beaf970894db2b4f22773979541c1223d51a8
2b61ff5418c1e5f367927c9baaac32f3e162055d0776ec3924225c3df42c2238
ff9aaaa3e8a47287152ace3cca9147d5f8220be73484b08ded743f7a43ee6eb
986199d111450b6a15f0507ab4e072ddb8db1696c8001fd799677e835f396a7
269eadc2d7ac20abdaa1dd88dd4856ff11a176a7c3940bc7d609accc9f3c51dd
0017c3fedd9c7bd0bfdeafa0b09161f9c71e92ae73af175adb153cbefce2c3a0fc
dea394c44230a37f82edc448eb9b0669fc82e9435e699a9ae3191ad4eea5dc
d1d2cdc3be6c751078e6c13869f0203010001a33f303d300f0603551d130101f
f040530030101ff301d0603551d0e0416041482831c86a73ae0b6f42e4ccef7c
9c3a24f4ac9ec300b0603551d0f040403020106
签名（self-signed）：
ccfd8fb4b83478f48ec56078ee82879ab1d468101a682d51298cdc132c935f0
39d47536e1f4b01ed9e528b69c5260b2f785bb6862c502e786e5c63f881338
ffccbb929fe4ee308b50f6c731ade8955020a5bffde0608de51df86cd188730f
bcc4c06f50d57f50d0450dfb922258e85969c41068966173c266643e9e74be
eddb8234acd670271bffcf517ab4df0aa88e146aa7543d32d186a4e9c2bff985
cb0de1475e84aa0f585604d6837c2af87ef8259896ad306adf7913f4d3187f58
c83280357b1c4fe41bc9693044db07043d50007738e67a816a5235991a805f
7fc853d8aa83a34d520b8e806bacf56d065684e9021136213c1329f08f5c441
6504b6fe

CA_KDH的证书：
主体信息（包含公钥信息）：
30820226a00302010202053400000005300d06092a864886f70d01010b05
00303f310b300906035504061302555331153013060355040a130c5452333
42053616d706c65733119301706035504031310545233342053616d706c65
20526f6f74301e170d3130313130323030303030305a170d32353130323832
33353935395a3041310b300906035504061302555331153013060355040a1
30c545233342053616d706c6573311b301906035504031312545233342053
616d706c65204341204b444830820122300d06092a864886f70d010101050
00382010f003082010a0282010100aefa1d7396c3dba499e55d7aa50714ac5e
75c1271d9000eaeed2a007ab646670515f43212c8a20bc32cb67b1cd5d712f6
6776f776d58bc5f81730c539636222b4428c8aafcfcd00cbce849707066c194
6d0eafb23313b6a6adbf23e922f595d1ee57a6c4be014d6a64e5d9c45429c9
20410e1f12c25e5500065d497a4778cf03560de81186ced7e5b7474a1d4703e
aaf94406a3c73144df8c971f879cf33ae8e9848de5051b46029a62c9497bce8
6af152460b3943ae24cff9ce88f5a50485da14b3d31dd3c69df24105d252625
3ea3889fe1c6fd833a813af43fec40c40f882dade4eebfe5801448ddcbd9de4f
bb69d56a0810e082b732a35ea2a16707286ff0203010001a33f303d300f060
3551d130101ff040530030101ff301d0603551d0e04160414b82a580a0d79f64
a07c758abc39365635f37ca18300b0603551d0f040403020106
签名（signedby Root）：
9bfb23e196f7281cf00d01f215e8357177b0a83f32e286ecf8563136e0e419f0b
bc86b997ef9f99e0f79b0a2728e09502ed7304ed6ace0b803f59f26c898f7a8
14fa4c194ab403e1e9998d1c161516e47718ac5a785275323ea3ad98a540ee4
af65b9a8c3e831cb833bbefcbcd417343c9eb2404e8be2cc7dd572d4e1485b
b392f8bf71a792f6938928302ca3b1eeb9b1497ced831ef843aa55858222616
68238a59c09f6b85ddc9fd0617845ecb71c8f27b44dc4b14f36abfb94542482
649f293aaf7c4622aeaac08a7641569f6e53a64e104f82f38a4a097643adcb9
07fc11524af472d7d0d0907317c3df6394ecddf66271a7fb2ae30cf8d5817c835
6df83

CA_KRD的证书：
主体信息（包含公钥信息）：
30820226a00302010202053400000006300d06092a864886f70d01010b05
00303f310b300906035504061302555331153013060355040a130c5452333
42053616d706c65733119301706035504031310545233342053616d706c65
20526f6f74301e170d3130313130323030303030305a170d32353130323832
33353935395a3041310b300906035504061302555331153013060355040a1
30c545233342053616d706c6573311b301906035504031312545233342053
616d706c65204341204b524430820122300d06092a864886f70d010101050
00382010f003082010a0282010100fbf7e47f3fb3b1f4d4157ec98a5fc5854c3
4295fc6b8876f405b0e37ed9d3e5a4ce9961c13a44730e4e897aa9276bd203
0f34523ba9957f0567ba053a934ec95923eb3905efae19ca0039178c9c1f084
683e25270a735616e4ba14a55dfc93bfac84087a22bc290718303348be17a2c
6015945fd9a14705d7c43ba9480d7623fbb468d24b6120466f9f087e3d789b
82a291ce178b9c8afe30184a7cb8769620f4ecc6d212b4538f46e9a178ab2cbe
7acaecf1d91164ed0ef593340447e7850ff7d793dc48512884e20e09dea8009
0963847635bed3e92174dfa9823841d0ef8912dc227ba30c6813336846d941
248dc0d4f0e2d259658258ed1a02184729e2db0203010001a33f303d300f06
03551d130101ff040530030101ff301d0603551d0e0416041412386ecfb6a66e
dadbff096f65bbd5b050f9cc0d300b0603551d0f040403020106
签名（signedby Root）：
6b234245d7200d14181d607ac6ce7358d975d23da303f21f54b8debaf7a688c
b5ce50522324add92d0b813317abd961ad41d10757639a8c8d6185dccc8df0
63e0b5d4906b21fae41161c9137531a89cb1198f721e557a4aa7aa28c9e86998
3f06c6943134ca0253928683ade13364ebfc224aa7e1dbc20bd87916eefbf00
da202f0f46de6efc6178e38d2c9ac36fc98b7dfac140b239629ac561e284f56d
09ae1a878ee9007e105997c5d74d1ac7f9703c782b242518f173309bb9ba00a
877a47822fc859e1e3d615f55d10a0c5988473fa5848667363faea4a7612956
5ab0798d7ede1a18ba54b600296cce36332284407ff5b734987d625c321e40
004f65e1



三、交换证书时验签

1. CT_KDH – The KDH Credential Token
主体信息#1（包含公钥信息）：
30820239A00302010202053400000006300D06092A864886F70D01010B0
5003041310B300906035504061302555331153013060355040A130C54523
3342053616D706C6573311B301906035504031312545233342053616D706
C65204341204B4448301E170D3130313130323030303030305A170D32303
13032393233353935395A3040310B3009060355040613025553311530130
60355040A130C545233342053616D706C6573311A3018060355040313115
45233342053616D706C65204B4448203130820122300D06092A864886F7
0D01010105000382010F003082010A0282010100C3EB8F2904BECB6F91EF
CA38DBB75DD91931CA8FE211663F486FCABA07A0C2ED87CB5286C508DA
2D1F0EDEDDC0A7DB5C605DBCB9AB73D161BB1A0F1B0EE555780FAF7BCAB
A5E06DFEF889E51F68FE65DC21AF0003A86F1706E461E1502BEA45877BAE
202658FBCA2EBED56920186357F714E5BEEC970A1EA8808A9F4262F2F644
38279D87C64C17E39BA7130F47B4AA4413643F86A9862A35AD9373D8E2D
28C592C8A521731BA95C8E44327ABB0ECE50BFAE6CE8EAF4934E948C6A3
B8BEBE268A6927BC87E1AE792D53153399B4B82882C9A79E431D10DCE58
407053B92BF6D6D67229BB72AAE010827E7126D7570406CAAA9F4DB4F28
C4BD64A9EFC98A0EACD0203010001A351304F30090603551D1304023000
300B0603551D0F0404030206C030090603551D1304023000301D0603551
D0E041604140F11A10AC75E19696CBD16A27A321B185A8D8707300B060355
1D0F0404030206C0
签名#1（signedby CA_KDH）：
8da7424f3a23ddb3844c3c1ac529b7ad13bfa5b2a3f3a9145502fbac540882a
653908198fe58d5c252693517980957892809e93440f0d7e2163bf4282c32f
2d57c998468f896e2c6a8ee2f1eb76c03c83d8f85a3eb4f86ec8f8ffd126e3f6
a2bb2548b57b25388ac2facc23c8cf52fd08dd0ec00db0c7ecc0821c681dfae
6e0542596b74bd85c86f37d7a41e90d1b3238c795002496aab8a001abbc4af
f99c54d6cd01747622777e20f401481023956b1437cecae5291e4933be114fce
1b823e4c5155cbb83142bd1543829b08ae1f4c871871982d8a8ad6e887f40b5
82f8cd32ee830a5d5a4e3033a7a415feb9181bed4b93dd5e37c045e632813c
e40c49cac

主体信息#2（CRL，包括KDH序列号和过期时间）：
3081BD020101300D06092A864886F70D01010B05003041310B3009060355
04061302555331153013060355040A130C545233342053616D706C657331
1B301906035504031312545233342053616D706C65204341204B4448170D
3130313130323137333333305A170D3130313230323137333333305A3048
301602053400000008170D3130313130323137323831335A3016020534000
0000A170D3130313130323137333134365A30160205340000000B170D3130
313130323137333332355A
签名#2（signedby CA_KDH）：
36f06a3c88acbcfa9f8e3b0850eee09a9cf7b5b291886e510d349fe5f05c1bdb
7d9f39e4ea6508828f2ed3ee7963c8587452795c39462b060d5b972c9a7b5
ef890a193c57225d1c88d56eed1d03f7e9a75870d604d15e012ffd7b8506ea4
ba14e7b51018c16d8d9efb6ac5c515686b134e16b1d67f1e8bf43c8fc9a60b96
14adcce9af69c27a9453d426344f6b14450ee5838214741eabf7f87f152a9319
fad9ed3b481a113c03363d29add02e30313a293afc187b725298fb14c5d9979
6785a26cc19cf07c2bc9a23b8f6f6ee19a007904f4bf632dcfde7f2825f312fe6
28e3d0c71cd50bb08ee404e2a5f011a0b5ab4f2a61275e25009dae00660eff3
2d6c3


2. CT_KRD – The KRD Credential Token
主体信息（包含公钥信息）：
30820221a00302010202053400000007300d06092a864886f70d01010b050
03041310b300906035504061302555331153013060355040a130c54523334
2053616d706c6573311b301906035504031312545233342053616d706c652
04341204b5244301e170d3130313130323030303030305a170d3230313032
393233353935395a3040310b300906035504061302555331153013060355
040a130c545233342053616d706c6573311a3018060355040313115452333
42053616d706c65204b5244203130820122300d06092a864886f70d010101
05000382010f003082010a0282010100d45c30cb6fbb1d394ce5a87b49db6d
cf1434b0fa4e0aa371f850ee8bae7f2dc3c548d51cbda3dd01f0d6553bfb7985
1e731543984b22e362b4fc1dd3d6de82377d20132cc63965dd0ad2dd689e9
85291613540f30e75a558f915b2e9e40dd421cac6bdb74590f4428ab4684ec
b4294d3bad212f6662200eef7ddc301316fba676b7120fb91893c2ba311a84f7
3af2163b5604405fd760bb152689cf5204f20cbbd97623b5db96ccf6ba3826a
c38790d3c2c66cd7ebfd5c9f1e70cbc77f558f95501a9a9cb4ab3dfda265d010
a49ab702a0015df0f6e08d0ce36330641c4dc75ea8fe7dd5ea6b37bd643285
77f8550d3f015aa56f1ab5f25e55f59340af53f9550203010001a33930373009
0603551d1304023000301d0603551d0e041604140d72053ca982e2c189ce4
72050d34d045a9a59d3300b0603551d0f040403020430
签名（signedby CA_KRD）：
0d9ed39c97d2e17bf07134db40ba1a4aced72ad68fd519de3e22f9b8cb6a518
05b5fcd438f1c73097e6999f05cc06fbc7bf23fcb1241128e0a79d7935160068
518d18a6530fb486337c97f0cad718ca1dc2481f21c1f7de03ec56b12cea82bc8
1ebdf49442756ff3da992d28c1445747ab1021f1c14ffe43d08528e668e0406d
ff500d555d823b9f0b51c4bbdb47c6f17b3027479b5c8be4484276ed0b71cda
dc1c24946b6d186468c8574e3b8d1ea151fd894221bdbf4c2e73c9405d795e7
b7fde2199ae33176d3ae72ada80d9510204f0c870577b7f752dc479b29d5012
1391ccfca8178c86b1aad769b584e6817e162b05a311930f8a4f1ddd7527420d
7b1



四、KDH组装 KT_KDH – The KDH Key Token (1 Pass)

1. 组装envelopedData

1.1 组装TR34 keyblock明文
TR34 keyblock明文由 Version + IssuerAndSerialNumber + K_n + KBH 组成：
Version ：目前固定为1
IssuerAndSerialNumber：发行者和其独特的序列号
K_n：要传输的密钥（实际应用中一般这里就是Masterkey的明文）
KBH ：TR-34借用TR-31中 Key Block Header的概念，用来说明此次传输的密钥之后会使用的算法和其用途、属性。
注意在TR-34中，KBH里的版本信息不重要。(Because TR-34 utilizes the KBH only to define the attributes of the transported key the version field in the TR-34 KBH contains a value that applies to the format of the KBH itself.)

组成TR34 keyblock明文：
308182020101304A3041310B3009060355040613025553311530130603550
40A130C545233342053616D706C6573311B3019060355040313125452333
42053616D706C65204341204B44480205340000000604100123456789AB
CDEFFEDCBA9876543210301F06092A864886F70D01070131120410413032
35364B30544230304530303030


1.2 产生RSA密文
用键盘公钥对一个临时生成的密钥 K_E 做 RSA-oaep-sha256-mgf1-sha256 加密得到RSA密文，协议中数据：
键盘公钥：
D45C30CB6FBB1D394CE5A87B49DB6DCF1434B0FA4E0AA371F850EE8BAE
7F2DC3C548D51CBDA3DD01F0D6553BFB79851E731543984B22E362B4FC1
DD3D6DE82377D20132CC63965DD0AD2DD689E985291613540F30E75A55
8F915B2E9E40DD421CAC6BDB74590F4428AB4684ECB4294D3BAD212F66
62200EEF7DDC301316FBA676B7120FB91893C2BA311A84F73AF2163B5604
405FD760BB152689CF5204F20CBBD97623B5DB96CCF6BA3826AC38790D
3C2C66CD7EBFD5C9F1E70CBC77F558F95501A9A9CB4AB3DFDA265D010A
49AB702A0015DF0F6E08D0CE36330641C4DC75EA8FE7DD5EA6B37BD643
28577F8550D3F015AA56F1AB5F25E55F59340AF53F955
临时密钥K_E：
0123456789ABCDEFFEDCBA9876543210FFEEDDCCBBAA9988

得到RSA密文：2CBD086DC723286D97AA617C1E94980E539AE8BF51A926C55FE4858BE48
0856506F08F009327E2EAC813D77C7B24A0AE52325C56452F750466CD57
81EF1CB4B573A60724106D1252F18C274229599B7887BA379C5081782198D
C9A094493D389CA83D6F08D58D88E954806F7B00A620B20CA607906747
27C79D74B79E039C985E2F107BEC30A7FC82E5CD4268A1A2CD579FC822
CC366A572DC699526A1B1CC0CE3F6830AE7FEAA2BE1464F1BFB4814D978
F6007646407F224B75840F961127EF0E234726A36A36564A32D2C74605A5
0849C9BF9F93F727D1AC68FED720DEEED2AD0A064B30AC01D2BEEB3CCD
03D46315D40F1FFD6D260DC6F6537D70E02818A7



1.3 产生Encrypted key block(BE)：
用临时密钥K_E用3DES CBC算法，用PKCS#5(同PKCS#7) 填充方式，用一个随机生成的初始化向量，加密keyblock明文，得到Encrypted key block(BE)，协议中数据：
K_E：0123456789ABCDEFFEDCBA9876543210FFEEDDCCBBAA9988
随机生成的初始化向量：0123456789ABCDEF

得到Encrypted key block(BE)：
5332A1F84521DE2D3B23EBE3CB2D674B16114EC598214102C3DEE175C2A6
69400EB039136E632E4A32140AAB5546AC478799F7B7A025335F45CCA3C
D1894314FF513E3E02573ADB5135DF8B1DB3277D9DE273DC6A8B5E79D21
5F63B93A52137DBAFBE5CC3FF472919D86D2409762370FA80A77AED183E1
ED597BF9BFDC9D286934C7C1E1E8D003FB



2. 组装signedData

2.1 CA_KDH对CRL签名（注意是CA_KDH对CRL签名，而非KDH签名的）
主体信息（包含KDH序列号和过期时间）：
3081BD020101300D06092A864886F70D01010B05003041310B3009060355
04061302555331153013060355040A130C545233342053616D706C657331
1B301906035504031312545233342053616D706C65204341204B4448170D
3130313130323137333333305A170D3130313230323137333333305A3048
301602053400000008170D3130313130323137323831335A3016020534000
0000A170D3130313130323137333134365A30160205340000000B170D3130
313130323137333332355A
签名（signedby CA_KDH）：
36f06a3c88acbcfa9f8e3b0850eee09a9cf7b5b291886e510d349fe5f05c1bdb
7d9f39e4ea6508828f2ed3ee7963c8587452795c39462b060d5b972c9a7b5
ef890a193c57225d1c88d56eed1d03f7e9a75870d604d15e012ffd7b8506ea4
ba14e7b51018c16d8d9efb6ac5c515686b134e16b1d67f1e8bf43c8fc9a60b96
14adcce9af69c27a9453d426344f6b14450ee5838214741eabf7f87f152a9319
fad9ed3b481a113c03363d29add02e30313a293afc187b725298fb14c5d9979
6785a26cc19cf07c2bc9a23b8f6f6ee19a007904f4bf632dcfde7f2825f312fe6
28e3d0c71cd50bb08ee404e2a5f011a0b5ab4f2a61275e25009dae00660eff3
2d6c3

2.2 生成envelopedData的哈希：
对去除最外层SEQUENCE的envelopedData做sha256：
0201003182019e3082019a020100304a3041310b300906035504061302555
331153013060355040a130c545233342053616d706c6573311b3019060355
04031312545233342053616d706c65204341204b52440205340000000730
4506092a864886f70d0101073038300d06096086480165030402010500301
806092a864886f70d010108300b0609608648016503040201300d06092a8
64886f70d0101090400048201002cbd086dc723286d97aa617c1e94980e539
ae8bf51a926c55fe4858be480856506f08f009327e2eac813d77c7b24a0ae52
325c56452f750466cd5781ef1cb4b573a60724106d1252f18c274229599b788
7ba379c5081782198dc9a094493d389ca83d6f08d58d88e954806f7b00a62
0b20ca60790674727c79d74b79e039c985e2f107bec30a7fc82e5cd4268a1a2
cd579fc822cc366a572dc699526a1b1cc0ce3f6830ae7feaa2be1464f1bfb481
4d978f6007646407f224b75840f961127ef0e234726a36a36564a32d2c7460
5a50849c9bf9f93f727d1ac68fed720deeed2ad0a064b30ac01d2beeb3ccd03
d46315d40f1ffd6d260dc6f6537d70e02818a73081ad06092a864886f70d010
70130819f06082a864886f70d030704080123456789abcdef8081885332a1f8
4521de2d3b23ebe3cb2d674b16114ec598214102c3dee175c2a669400eb039
136e632e4a32140aab5546ac478799f7b7a025335f45cca3cd1894314ff513e
3e02573adb5135df8b1db3277d9de273dc6a8b5e79d215f63b93a52137dbafb
e5cc3ff472919d86d2409762370fa80a77aed183e1ed597bf9bfdc9d286934c7
c1e1e8d003fb
Hash type: SHA-256
Hash: 5D98145E22FCB7F6751B1A453A30C52487F924BC75EF46DB7974C7AA6C4
BC72D

2.3 组装Signed Attributes
把签名时间(1 Pass) 或 随机数(2 Pass) 和 TR-34 Key Block Header 和 envelopedData的摘要 组成Signed Attributes，协议中数据(1 Pass)：
A0818A301806092A864886F70D010903310B06092A864886F70D01070330
1C06092A864886F70D010905310F170D3132303230333136313830365A30
1F06092A864886F70D0107013112041041303235364B3054423030453030
3030302F06092A864886F70D010904312204205D98145E22FCB7F6751B1A
453A30C52487F924BC75EF46DB7974C7AA6C4BC72D

2.4 KDH对Signed Attributes签名
注意，协议中规定需要把Signed Attributes的第一个字节A0换成31再做签名。
KDH对其签名得Signature of signed attributes：
019FA5BC6AB382E7C6A08947BC555AEEA8CBF3BBDD4EC77BA6F480FFFF
71BA5ECB3F775C08EB3F3C3CEA79310DB05877AD2AA88620EB69F414B17
39E077BF1C50FD568B138E84DE9E48A1544A0DD07BBF8C5C4FB66AC99C
668342C052F15DED47B2DBF86A9768EA350A55C29E262E3CCD7107A269
D0A75FA1F3AB970671139CD28997EB535F291A9CF64393506E1943400CA6
51230B7DC407E806A44AADBAD8B85F89BB874833CD0E745F34CE38941B
309640BCB8AAD0235B1C460368B2786664AF359C033E8CCC8EFD3CBEE1
D00D52DBAC91F07402AF4BB3BBD31410D9775DCB41ACA86575CF10F83C1
BB4D7831C94943D01225CF24AE182820FA7C88C2273D



五、KRD处理KT_KDH
1. 用CA_KDH公钥验签CRL
2. 用KDH公钥验签Signed Attributes
3. 用键盘私钥解密envelopedData中的RSA密文，得到主机此次使用的临时密钥K_E（一个3DES密钥）
4. 用K_E和envelopedData中的初始化向量解密envelopedData中的Encrypted key block(BE)，得到一个明文的DER Encoded key block。
其中包含这次传输的key的明文和他的KBH(说明这次传输的key的usage和mode)








验证Rebind的流程：
1.a. 检查CRL freshness：
（这里ASC X9 TR 34–2019文档说错了。根据RFC 5280 PKIX Certificate and CRL Profile中的Validity说明，CRL并没有generation date。这里验证freshness，实际应该是用current date和CRL的Validity period比较，而不是和generation date比较）
看当前时间是否在2010/11/3 01:33:30 – 2010/12/3 01:33:30中，如果在，CRL才有效。（后面假设这个是合格的CRL）
1.b. 验签CRL
主体信息：
3081BD020101300D06092A864886F70D01010B05003041310B300906035504061302555331153013060355040A130C545233342053616D706C6573311B301906035504031312545233342053616D706C65204341204B4448170D3130313130323137333333305A170D3130313230323137333333305A3048301602053400000008170D3130313130323137323831335A30160205340000000A170D3130313130323137333134365A30160205340000000B170D3130313130323137333332355A
CAKDH的公钥：
AEFA1D7396C3DBA499E55D7AA50714AC5E75C1271D9000EAEED2A007AB646670515F43212C8A20BC32CB67B1CD5D712F66776F776D58BC5F81730C539636222B4428C8AAFCFCD00CBCE849707066C1946D0EAFB23313B6A6ADBF23E922F595D1EE57A6C4BE014D6A64E5D9C45429C920410E1F12C25E5500065D497A4778CF03560DE81186CED7E5B7474A1D4703EAAF94406A3C73144DF8C971F879CF33AE8E9848DE5051B46029A62C9497BCE86AF152460B3943AE24CFF9CE88F5A50485DA14B3D31DD3C69DF24105D2526253EA3889FE1C6FD833A813AF43FEC40C40F882DADE4EEBFE5801448DDCBD9DE4FBB69D56A0810E082B732A35EA2A16707286FF
签名：
36f06a3c88acbcfa9f8e3b0850eee09a9cf7b5b291886e510d349fe5f05c1bdb7d9f39e4ea6508828f2ed3ee7963c8587452795c39462b060d5b972c9a7b5ef890a193c57225d1c88d56eed1d03f7e9a75870d604d15e012ffd7b8506ea4ba14e7b51018c16d8d9efb6ac5c515686b134e16b1d67f1e8bf43c8fc9a60b9614adcce9af69c27a9453d426344f6b14450ee5838214741eabf7f87f152a9319fad9ed3b481a113c03363d29add02e30313a293afc187b725298fb14c5d99796785a26cc19cf07c2bc9a23b8f6f6ee19a007904f4bf632dcfde7f2825f312fe628e3d0c71cd50bb08ee404e2a5f011a0b5ab4f2a61275e25009dae00660eff32d6c3

2. Verifies the stored Cred_KDH is not contained in the (validated) CRL_{CA_KDH} .
CRL_{CA_KDH}中的序列号有3400000008、340000000A、340000000B，检查当前存储的主机证书序列号不在其中。

3. Verifies the KDH’s signature in the rebind token RBT_KDH using KDH’s public verification key V_KDH(previously stored).












附1:
X509 证书知识
SKID（证书使用者密钥标识符，subject key identifier 的简称）和 AKID（证书颁发机构密钥标识符，authority key identifier 的简称）是 X509 证书中常见的扩展字段。
比如CA_KRD其中subjectKeyIdentifier是这个证书内容中的公钥的SHA1哈希值：
证书内容中的公钥（270B）：
3082010a0282010100fbf7e47f3fb3b1f4d4157ec98a5fc5854c34295fc6b887
6f405b0e37ed9d3e5a4ce9961c13a44730e4e897aa9276bd2030f34523ba99
57f0567ba053a934ec95923eb3905efae19ca0039178c9c1f084683e25270a7
35616e4ba14a55dfc93bfac84087a22bc290718303348be17a2c6015945fd9a
14705d7c43ba9480d7623fbb468d24b6120466f9f087e3d789b82a291ce178
b9c8afe30184a7cb8769620f4ecc6d212b4538f46e9a178ab2cbe7acaecf1d91
164ed0ef593340447e7850ff7d793dc48512884e20e09dea80090963847635
bed3e92174dfa9823841d0ef8912dc227ba30c6813336846d941248dc0d4f0
e2d259658258ed1a02184729e2db0203010001
SHA1哈希值（20B）：12386ECFB6A66EDADBFF096F65BBD5B050F9CC0D





附2:
p12和p7b文件的区别： p12用于存放一个（一对）密钥；p7b用于存放一个证书。





附3: //20240611
理解主机公钥证书和键盘公钥证书中OID 2.5.29.15 keyUsage

对OID在OID 2.5.29.15 keyUsage reference info (oidref.com) 中搜索，找到RFC 5280标准：RFC 5280 – Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile (ietf.org)
标准中定义了：
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1), — recent editions of X.509 have
— renamed this bit to contentCommitment
keyEncipherment (2),
dataEncipherment (3),
keyAgreement(4),
keyCertSign (5),
cRLSign (6),
encipherOnly(7),
decipherOnly(8) }

协议文档里键盘公钥是 03020430，03说明bitstring，02说明bitstring负载长度是2，04是补位长度字节 说明30的后4位是补位，所以实际bitstring是0011，对应usage是keyEncipherment和dataEncipherment
协议文档里主机公钥是 030206C0，后6位是补位，实际bitstring是11，对应usage是digitalSignature和nonRepudiation
ASN.1规则中Boolean和bitstring编码方式的简介_bit string-CSDN博客