盲签测试失败
Blind signature test fails
在下面的代码中,我复制了整个盲签名过程:首先客户端选择一条消息并对其进行盲化,然后服务器对其进行签名,然后客户端取消对服务器签名的盲化并将其与原始消息一起发回,最后服务器检查如果非盲签名有效。
问题是结果是假的,非盲签名与原消息不符,我不明白为什么会这样。你能指出我哪里做错了吗?
import java.math.BigInteger
import java.security.SecureRandom
import org.bouncycastle.crypto.digests.SHA1Digest
import org.bouncycastle.crypto.engines.RSABlindingEngine
import org.bouncycastle.crypto.engines.RSAEngine
import org.bouncycastle.crypto.generators.RSABlindingFactorGenerator
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator
import org.bouncycastle.crypto.params.RSABlindingParameters
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters
import org.bouncycastle.crypto.params.RSAKeyParameters
import org.bouncycastle.crypto.signers.PSSSigner
object ProvinGrounds {
// Create a key pair for server
val serverKeyPair = {
val generator = new RSAKeyPairGenerator
val bigInteger = new BigInteger("10001", 16)
val params = new RSAKeyGenerationParameters(bigInteger, new SecureRandom, 2048, 80)
generator.init(params)
generator.generateKeyPair
}
val public = serverKeyPair.getPublic.asInstanceOf[RSAKeyParameters]
val message = "hello there".getBytes
// Generate a blinding factor
val blindingFactorGenerator = new RSABlindingFactorGenerator
blindingFactorGenerator.init(public)
val blindingFactor = blindingFactorGenerator.generateBlindingFactor
val blindingParams = new RSABlindingParameters(public, blindingFactor)
// Blind the message and send it to server
val blindEngine = new RSABlindingEngine
blindEngine.init(true, blindingParams)
val blindedMessage = blindEngine.processBlock(message, 0, message.length)
// Server signs a blinded message and sends a blind signature to client
val serverSigner = new PSSSigner(new RSAEngine, new SHA1Digest, 20)
serverSigner.init(true, serverKeyPair.getPrivate)
serverSigner.update(blindedMessage, 0, blindedMessage.length)
val blindedMessageSignature = serverSigner.generateSignature
// Client unblinds a signature and sends it back to server along with original message
val unBlindEngine = new RSABlindingEngine
unBlindEngine.init(false, blindingParams)
val unblindedMessageSignature = blindEngine.processBlock(blindedMessageSignature, 0, blindedMessageSignature.length)
// Server checks an original message against an unblinded signature
val checkSigner = new PSSSigner(new RSAEngine, new SHA1Digest, 20)
checkSigner.init(false, public)
checkSigner.update(message, 0, message.length)
checkSigner.verifySignature(unblindedMessageSignature) //> res0: Boolean = false, why false?
}
您可能想要阅读有关使用盲签名的内容。致盲后不能使用 PSS。仅当您在盲化后直接对结果执行模幂运算(原始 RSA 签名)时,盲化 属性 才会得到维护。 the Wikipedia article about blind signatures.
的 RSA 部分对此进行了很好的解释
此外,您可能应该在消息中输入哈希 "hello there"
而不是消息本身。这个在之前提到的wiki文章中也有提到
在下面的代码中,我复制了整个盲签名过程:首先客户端选择一条消息并对其进行盲化,然后服务器对其进行签名,然后客户端取消对服务器签名的盲化并将其与原始消息一起发回,最后服务器检查如果非盲签名有效。
问题是结果是假的,非盲签名与原消息不符,我不明白为什么会这样。你能指出我哪里做错了吗?
import java.math.BigInteger
import java.security.SecureRandom
import org.bouncycastle.crypto.digests.SHA1Digest
import org.bouncycastle.crypto.engines.RSABlindingEngine
import org.bouncycastle.crypto.engines.RSAEngine
import org.bouncycastle.crypto.generators.RSABlindingFactorGenerator
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator
import org.bouncycastle.crypto.params.RSABlindingParameters
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters
import org.bouncycastle.crypto.params.RSAKeyParameters
import org.bouncycastle.crypto.signers.PSSSigner
object ProvinGrounds {
// Create a key pair for server
val serverKeyPair = {
val generator = new RSAKeyPairGenerator
val bigInteger = new BigInteger("10001", 16)
val params = new RSAKeyGenerationParameters(bigInteger, new SecureRandom, 2048, 80)
generator.init(params)
generator.generateKeyPair
}
val public = serverKeyPair.getPublic.asInstanceOf[RSAKeyParameters]
val message = "hello there".getBytes
// Generate a blinding factor
val blindingFactorGenerator = new RSABlindingFactorGenerator
blindingFactorGenerator.init(public)
val blindingFactor = blindingFactorGenerator.generateBlindingFactor
val blindingParams = new RSABlindingParameters(public, blindingFactor)
// Blind the message and send it to server
val blindEngine = new RSABlindingEngine
blindEngine.init(true, blindingParams)
val blindedMessage = blindEngine.processBlock(message, 0, message.length)
// Server signs a blinded message and sends a blind signature to client
val serverSigner = new PSSSigner(new RSAEngine, new SHA1Digest, 20)
serverSigner.init(true, serverKeyPair.getPrivate)
serverSigner.update(blindedMessage, 0, blindedMessage.length)
val blindedMessageSignature = serverSigner.generateSignature
// Client unblinds a signature and sends it back to server along with original message
val unBlindEngine = new RSABlindingEngine
unBlindEngine.init(false, blindingParams)
val unblindedMessageSignature = blindEngine.processBlock(blindedMessageSignature, 0, blindedMessageSignature.length)
// Server checks an original message against an unblinded signature
val checkSigner = new PSSSigner(new RSAEngine, new SHA1Digest, 20)
checkSigner.init(false, public)
checkSigner.update(message, 0, message.length)
checkSigner.verifySignature(unblindedMessageSignature) //> res0: Boolean = false, why false?
}
您可能想要阅读有关使用盲签名的内容。致盲后不能使用 PSS。仅当您在盲化后直接对结果执行模幂运算(原始 RSA 签名)时,盲化 属性 才会得到维护。 the Wikipedia article about blind signatures.
的 RSA 部分对此进行了很好的解释此外,您可能应该在消息中输入哈希 "hello there"
而不是消息本身。这个在之前提到的wiki文章中也有提到