盲签测试失败

Blind signature test fails

在下面的代码中,我复制了整个盲签名过程:首先客户端选择一条消息并对其进行盲化,然后服务器对其进行签名,然后客户端取消对服务器签名的盲化并将其与原始消息一起发回,最后服务器检查如果非盲签名有效。

问题是结果是假的,非盲签名与原消息不符,我不明白为什么会这样。你能指出我哪里做错了吗?

import java.math.BigInteger
import java.security.SecureRandom

import org.bouncycastle.crypto.digests.SHA1Digest
import org.bouncycastle.crypto.engines.RSABlindingEngine
import org.bouncycastle.crypto.engines.RSAEngine
import org.bouncycastle.crypto.generators.RSABlindingFactorGenerator
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator
import org.bouncycastle.crypto.params.RSABlindingParameters
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters
import org.bouncycastle.crypto.params.RSAKeyParameters
import org.bouncycastle.crypto.signers.PSSSigner

object ProvinGrounds {
    // Create a key pair for server
    val serverKeyPair = {
        val generator = new RSAKeyPairGenerator
        val bigInteger = new BigInteger("10001", 16)
        val params = new RSAKeyGenerationParameters(bigInteger, new SecureRandom, 2048, 80)

        generator.init(params)
        generator.generateKeyPair
    }   

    val public = serverKeyPair.getPublic.asInstanceOf[RSAKeyParameters]
  val message = "hello there".getBytes 

  // Generate a blinding factor
  val blindingFactorGenerator = new RSABlindingFactorGenerator
  blindingFactorGenerator.init(public)
  val blindingFactor = blindingFactorGenerator.generateBlindingFactor
  val blindingParams = new RSABlindingParameters(public, blindingFactor)

  // Blind the message and send it to server  
  val blindEngine = new RSABlindingEngine
  blindEngine.init(true, blindingParams)
  val blindedMessage = blindEngine.processBlock(message, 0, message.length)

  // Server signs a blinded message and sends a blind signature to client
  val serverSigner = new PSSSigner(new RSAEngine, new SHA1Digest, 20)
  serverSigner.init(true, serverKeyPair.getPrivate)
  serverSigner.update(blindedMessage, 0, blindedMessage.length)
  val blindedMessageSignature = serverSigner.generateSignature

  // Client unblinds a signature and sends it back to server along with original message
  val unBlindEngine = new RSABlindingEngine
  unBlindEngine.init(false, blindingParams)
  val unblindedMessageSignature = blindEngine.processBlock(blindedMessageSignature, 0, blindedMessageSignature.length)

  // Server checks an original message against an unblinded signature
  val checkSigner = new PSSSigner(new RSAEngine, new SHA1Digest, 20)
  checkSigner.init(false, public)
  checkSigner.update(message, 0, message.length)
  checkSigner.verifySignature(unblindedMessageSignature)  //> res0: Boolean = false, why false?
}

您可能想要阅读有关使用盲签名的内容。致盲后不能使用 PSS。仅当您在盲化后直接对结果执行模幂运算(原始 RSA 签名)时,盲化 属性 才会得到维护。 the Wikipedia article about blind signatures.

的 RSA 部分对此进行了很好的解释

此外,您可能应该在消息中输入哈希 "hello there" 而不是消息本身。这个在之前提到的wiki文章中也有提到