"SHA1withRSA"中的详细信息是什么?
What's the detail in "SHA1withRSA"?
我天真地以为"SHA1withRSA algorithm"只是用"SHA1"对明文进行运算,然后用RSA/pkcs1padding对"SHA1"的结果进行加密。结果发现是错了,直到我写了一些 java 代码来测试我的想法。
我使用 RSA 公钥解密签名,我使用相应的私钥用 "SHA1withRSA algorithm" 签名。但是我发现结果不等于"SHA1(plainText)",下面是我的java代码:
String plaintext= "123456";
Signature signature=Signature.getInstance("SHA1withRSA",new BouncyCastleProvider());
signature.initSign(pemPrivatekey);
signature.update(plaintext.getBytes());
byte[] sign = signature.sign();
//RSA decode
byte[] bytes = RsaCipher.decryptByRsa(sign, pemPublickey);
String rsaDecodeHex=Hex.toHexString(bytes);
System.out.println(rsaDecodeHex.toLowerCase());
String sha1Hex = Hash.getSha1(plaintext.getBytes());
System.out.println(sha1Hex);
//rsaDecodeHex!=sha1Hex
很容易找到rsaDecodeHex!=sha1Hex,其中
rsaDecodeHex=3021300906052b0e03021a050004147c4a8d09ca3762af61e59520943dc26494f8941b
和
sha1Hex=7c4a8d09ca3762af61e59520943dc26494f8941b 。
那么,"SHA1withRSA"中的细节是什么?
PCKS#1 v15定义的数字签名算法对摘要算法标识符和ASN.1编码的消息摘要进行RSA加密
signature =
RSA_Encryption(
ASN.1(DigestAlgorithmIdentifier + SHA1(message) ))
参见 (RFC2313)
10.1 Signature process
The signature process consists of four steps: message digesting, data
encoding, RSA encryption, and octet-string-to-bit-string conversion.
The input to the signature process shall be an octet string M, the
message; and a signer's private key. The output from the signature
process shall be a bit string S, the signature.
因此您的 rsaDecodeHex 包含 plainText
的算法标识符和 SHA1 摘要
我天真地以为"SHA1withRSA algorithm"只是用"SHA1"对明文进行运算,然后用RSA/pkcs1padding对"SHA1"的结果进行加密。结果发现是错了,直到我写了一些 java 代码来测试我的想法。 我使用 RSA 公钥解密签名,我使用相应的私钥用 "SHA1withRSA algorithm" 签名。但是我发现结果不等于"SHA1(plainText)",下面是我的java代码:
String plaintext= "123456";
Signature signature=Signature.getInstance("SHA1withRSA",new BouncyCastleProvider());
signature.initSign(pemPrivatekey);
signature.update(plaintext.getBytes());
byte[] sign = signature.sign();
//RSA decode
byte[] bytes = RsaCipher.decryptByRsa(sign, pemPublickey);
String rsaDecodeHex=Hex.toHexString(bytes);
System.out.println(rsaDecodeHex.toLowerCase());
String sha1Hex = Hash.getSha1(plaintext.getBytes());
System.out.println(sha1Hex);
//rsaDecodeHex!=sha1Hex
很容易找到rsaDecodeHex!=sha1Hex,其中
rsaDecodeHex=3021300906052b0e03021a050004147c4a8d09ca3762af61e59520943dc26494f8941b
和
sha1Hex=7c4a8d09ca3762af61e59520943dc26494f8941b 。
那么,"SHA1withRSA"中的细节是什么?
PCKS#1 v15定义的数字签名算法对摘要算法标识符和ASN.1编码的消息摘要进行RSA加密
signature =
RSA_Encryption(
ASN.1(DigestAlgorithmIdentifier + SHA1(message) ))
参见 (RFC2313)
10.1 Signature process
The signature process consists of four steps: message digesting, data encoding, RSA encryption, and octet-string-to-bit-string conversion. The input to the signature process shall be an octet string M, the message; and a signer's private key. The output from the signature process shall be a bit string S, the signature.
因此您的 rsaDecodeHex 包含 plainText