A X509 Digital Certificate signed by a CA contains these two amongst other fields. 1. Signature Algorithm 2. Signature Value I understand that the "Signature Algorithm" field contains the hash algorithm that was used by the CA to sign the certificate. And the "Signature Value" is the signature computed on the hash. My question is what is the data that is hashed ? Is it the public key that is part of the CSR(Certificate Signing Request) or the entire CSR?
It is neither the public key on its own, nor the CSR that was used to request the certificate, that forms the signature input. According to RFC 5280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile:
The signatureValue field contains a digital signature computed upon the ASN.1 DER encoded tbsCertificate. The ASN.1 DER encoded tbsCertificate is used as the input to the signature function.
The syntax of tbsCertificate
(tbs = to be signed) is:
TBSCertificate ::= SEQUENCE {
version [0] EXPLICIT Version DEFAULT v1,
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
validity Validity,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
-- If present, version MUST be v2 or v3
subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
-- If present, version MUST be v2 or v3
extensions [3] EXPLICIT Extensions OPTIONAL
-- If present, version MUST be v3
}
The DER encoding of this structure is the data over which the signature is computed.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With