如何解决Java中的RSA签名消息验证失败
我已经用Java中的RSA私钥签署了一条消息。可以使用公共密钥在Java本身中成功验证它。但是,当我尝试在Go中验证具有相同签名的消息时,它失败了。
重现该问题的步骤:
- 使用Java代码中的sign方法生成签名
- 在Java代码中运行验证方法
- 替换Java生成的签名字符串后,运行Go测试功能
无论如何,如果我使用纯文本而不是哈希,则可以在Java和Go中成功验证(我已经用Java方法注释掉了这行代码)
Java代码
public static String sign(String plaintext,PrivateKey privateKey){
try {
Signature privateSignature = Signature.getInstance("SHA256withRSA");
privateSignature.initSign(privateKey);
byte[] hash = sha256Hash(plaintext.getBytes());
privateSignature.update(hash);
//privateSignature.update(plaintext.getBytes());
byte[] signature = privateSignature.sign();
return Base64.getEncoder().encodeToString(signature);
}catch (Exception ex){
System.out.println("Exception:"+ex.toString());
return "";
}
}
public static void verify(String plaintext,String signature,PublicKey publicKey){
try {
Signature publicSignature = Signature.getInstance("SHA256withRSA");
publicSignature.initVerify(publicKey);
byte[] hash = sha256Hash(plaintext.getBytes());
publicSignature.update(hash);
//publicSignature.update(plaintext.getBytes());
byte[] signatureBytes = Base64.getDecoder().decode(signature);
System.out.println("Verified:"+publicSignature.verify(signatureBytes));
}catch (Exception ex){
System.out.println("Exception:"+ex);
}
}
public static byte[] sha256Hash(byte[] content) {
try {
MessageDigest digest = MessageDigest.getInstance("SHA-256");
return digest.digest(content);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e.getMessage(),e);
}
}
去测试功能
func Test_sigVerify(t *testing.T) {
data := []byte("Hello World")
dig := sha256.Sum256(data)
signature := "VP8J3fGZXgHPM9wpKpW0t3mihPSM0VFFjcrZ9IjFpazQMqbKGMryz7Z7D0ufG/hOXPZrKdgtoXQ3jXmcQyvhFB+CEo5j3KsoQ5xq5pGZoaOWjjO7tRxZ2zNfwDkCY+TOKm1JB4So1/ELQU2FCowDfJDxlezPCrAgQFAD0ZkN6Omx/0Hd2HIWCRnOgYyjJvO6DPyaUvd2N+UB0JhrLxDQSi6NJS6b2VZGHANQB3Ik7FDXO5o19qmAxgrv5/ZS1wLRqn+jClFTzbXt3DBPOFHk/3P71ugU6cCkx+BRmGJyrbSgmWi/Z4zDpwy+IdWbfJCCByoaFizZp72rxrPtYqU1fA=="
publicKey,err := parsePublicKey3()
if err != nil {
fmt.Println("Public key paring error:",err)
}
b64,err := base64.StdEncoding.DecodeString(signature)
if err != nil {
fmt.Println("Decoding error:",err)
}
verifyErr := rsa.VerifyPKCS1v15(publicKey,crypto.SHA256,dig[:],b64)
if verifyErr != nil {
fmt.Println("Verify Error:",verifyErr)
return
}
fmt.Println("successfully verified")
}
func parsePublicKey3() (*rsa.PublicKey,error) {
pString := `-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnOCGYMjRR1toSvSgWq2DB1ytz5VF5I1M7wkOksxnJhbgiEC7MnlrctEgPqQXWzzULk/StQSbwip39ZbDEr+uLC/yks2z1+8DmgZe8WR5b/6SBXV3hrPc/rWS0v+fYHkdJ2buhqhqcOfwYntu1tEk3tGyjubQDa6XobDZRHhuRF9mzw7Eld2Atf//wxiGzHylNVa+/SysozVy68ZUcn3tveYClxOEuVYIv3EEnsWnkBPu5/PHBplLr7t6IdJ86viB9hkdocYWj5TQgMccwees6fZ7MKcLeh+WryyajqFJsppvT70t4RmiABjrp1BWB4VEoA9PYwiOKEPsDD8OZOCSQIDAQAB
-----END PUBLIC KEY-----`
var err error
block,_ := pem.Decode([]byte(pString))
if block == nil {
fmt.Println("block is nil")
return nil,err
}
publicKey,err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil,err
}
return publicKey.(*rsa.PublicKey),nil
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。