堆栈内存溢出
  简体   繁体   English

无法使用RSA验证SHA1签名

[英]Could not verify SHA1 signature with RSA

 原文  2017-03-09 20:09:32       java/ c#/ x509certificate/ sha1

问题描述

I am trying to verify a certificate signature in Java, but it is failing. 我正在尝试验证Java中的证书签名,但是失败了。 I guess there is a difference between SHA1 and SHA1withRSA, but how do I fix it? 我猜想SHA1和SHA1withRSA之间有区别,但是如何解决?

This is code for signing in using C# (certificate is mycer.p12): 这是使用C#登录的代码(证书是mycer.p12): 

static string Sign(string token, string cer_name, string passw)
        {
            try
            {
                if (!File.Exists(cer_name))
                {
                    MessageBox.Show("File not found " + cer_name);
                    return "";
                }
                X509Certificate2 cert = new X509Certificate2(cer_name, passw, X509KeyStorageFlags.Exportable);
                RSACryptoServiceProvider csp = null;
                csp = (RSACryptoServiceProvider)cert.PrivateKey;
                if (csp == null)
                {
                    MessageBox.Show("No valid cert was found");
                    return "";
                }
                Encoding encoding = Encoding.GetEncoding("UTF-8");
                byte[] data = encoding.GetBytes(token);
                RSACryptoServiceProvider rsaClear = new RSACryptoServiceProvider();
                rsaClear.ImportParameters(csp.ExportParameters(true));
                byte[] signature = rsaClear.SignData(data, CryptoConfig.MapNameToOID("SHA1"));
                bool isValid = csp.VerifyData(data, "SHA1", signature);
                if (isValid) return Convert.ToBase64String(signature).Trim(new char[] { '\0', '\n' }).Replace("\n", "");
                else
                {
                    MessageBox.Show("Siganture verification = FALSE");
                    return "";
                }
            }
            catch (Exception e)
            {
                MessageBox.Show(e.ToString());
                return "";
            }
        }

I use this command to extract public key 我使用此命令提取公钥

openssl pkcs12 -in mycer.p12 -clcerts -nokeys -out publicKEY.pem

And now this code in Java to verify but it returns false: 现在,此代码以Java验证,但返回false: 

 public static boolean verify(String plainText, String signature, String publicKeyFile) {
            try {
CertificateFactory f = CertificateFactory.getInstance("X.509");
        X509Certificate certificate = (X509Certificate)f.generateCertificate(new FileInputStream(publicKeyFile));
                Signature publicSignature = Signature.getInstance("SHA1withRSA");
                publicSignature.initVerify(publicKey);
                publicSignature.update(plainText.getBytes("UTF-8"));
                byte[] signatureBytes = Base64.decode(signature);
                return publicSignature.verify(signatureBytes);
            } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException | UnsupportedEncodingException e) {
                e.printStackTrace();
                return false;
            }
        }

1 个解决方案

解决方案1
 0 已采纳  2017-03-10 22:24:21

This post helped me https://stackoverflow.com/a/16980246/1444413 这篇文章对我有帮助https://stackoverflow.com/a/16980246/1444413 

KeyStore p12 = KeyStore.getInstance("pkcs12");
p12.load(new FileInputStream("mycer.p12"), "password".toCharArray());
String alias = (String) p12.aliases().nextElement();
X509Certificate c = (X509Certificate) p12.getCertificate(alias);
.... c.getPublicKey() ....

And then method verify().. returned true. 然后方法verify()..返回true。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 验证 C# 中的 RSA SHA256 签名 - Verify RSA SHA256 signature in C# 将 SHA1 和 RSA 与 java.security.Signature 与 MessageDigest 和 Cipher 一起使用 - Using SHA1 and RSA with java.security.Signature vs. MessageDigest and Cipher 如何验证 java 程序中生成的 C++ 中的 RSA SHA1 签名 - How to validate a RSA SHA1 signature in C++ generated in a java program Java中的HMAC SHA1签名 - HMAC SHA1 Signature in Java SHA1和DSA的数字签名 - Digital signature with SHA1 and DSA 试图将 Java RSA-PSS 签名验证码(带有 SHA256 hash,SHA1 MGF 哈希)转换为 Python - trying to convert Java RSA-PSS signature verification code (with SHA256 hash, SHA1 MGF hash) to Python 如何验证从具有正确SHA1签名的Android应用程序发送POST数据? - How to verify POST data is sent from Android app with correct SHA1 signature? 验证Java中的Open SSL SHA1哈希 - Verify Open SSL SHA1 hash in Java 在Java中验证hmac sha1签名 - Verifying hmac sha1 signature in Java 无法在Android上验证rsa签名 - Cannot verify rsa signature on Android
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM