# learn

**Repository Path**: beeskluo/learn

## Basic Information

- **Project Name**: learn
- **Description**: js
- **Primary Language**: Python
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 1
- **Created**: 2022-04-28
- **Last Updated**: 2022-04-28

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

1. 添加sm2，国密证书制作，及验证
    1. 公钥秘钥使用sm2算法
    2. 根证书制作步骤：
        1.  生成根证书秘钥
            openssl ecparam -out ca.key -name SM2 -genkey
        2.  生成根证书请求文件
            openssl req  -key ca.key -new -out ca.req
        3.  生成根证书
            openssl x509 -req -in ca.req -signkey ca.key -out ca.pem
    3. sm2证书制作步骤
        1. 生成sm2秘钥对
            openssl ecparam -out site.key -name SM2 -genkey
        2. 生成证书请求文件
            openssl req -key site.key -new -out site.req
        3. 生成证书
            openssl x509 -req -in site.req -CA  ca.pem -CAkey ca.key -out site.pem -CAcreateserial
        4. 转为der格式
            openssl x509 -outform der -in site.pem -out site.der
    4. 验证
        /work2/learn/openssl/sm2# ../openssl_demo site.der 

        root@ubuntu:/work2/learn/openssl/sm2# ../openssl_demo site.der 
        File name site.der
        1. Certificate Version=[0]
        2. Certificate Serial len=[20] Serial:240DDC77DA57AD64CFFC2CD8B1F4F6070FAAF3E8
        3. signature=[ecdsa-with-SHA256][ecdsa-with-SHA256]
        4. issuer_name=[/C=cn/ST=fj/L=fz/O=rj/OU=fz/CN=zhengjnq/emailAddress=359791866@qq.com]
        5. Certificate time
            From: Wed Feb 19 17:45:24 2020
            To  : Fri Mar 20 17:45:24 2020
        6. subject num=[7][/C=cn/ST=fj/L=fz/O=fx/OU=fx/CN=zengjuq/emailAddress=359791866@qq.com]
        7. Subject PublicKey
        公钥算法:[id-ecPublicKey]
        证书类型:408
        加密级别:256 bit
        公钥长度=[65]
        04 30 D7 F8 BE CE 8E BF   07 69 59 68 2B 07 87 96   FC D0 78 8C 41 EE B9 71   C0 60 0C 4E EC 84 2B B9   
        EF F4 B0 4B 99 AF CF 42   17 92 64 31 FE CC 0E 0D   03 02 D1 3D 0B 0B 04 6A   4D C1 31 84 BD 9F F1 BB   
        79
        扩展学习1：如何精细的获取 证书接受者的数据?
        subject_name_num=[7]
        [00][countryName]=[cn]
        [01][stateOrProvinceName]=[fj]
        [02][localityName]=[fz]
        [03][organizationName]=[fx]
        [04][organizationalUnitName]=[fx]
        [05][commonName]=[zengjuq]
        [06][emailAddress]=[359791866@qq.com]
        扩展学习2：如何精细的获取 证书签发着的数据?
        subject_name_num=[7]
        [00][countryName]=[cn]
        [01][stateOrProvinceName]=[fj]
        [02][localityName]=[fz]
        [03][organizationName]=[rj]
        [04][organizationalUnitName]=[fz]
        [05][commonName]=[zhengjnq]
        [06][emailAddress]=[359791866@qq.com]
        X509 扩展处理 
        X509 证书扩展项个数 [0]
        ********************************************************