M2crypto签名“算法"(M2crypto signature). [英] M2crypto signature "algorithm"
问题描述
这两个代码提供相同的签名,这是预期的:
These two codes provide the same signature, which is expected:
代码1:
from M2Crypto import RSA, EVP
import base64, hashlib
text = "some text"
pkey = EVP.load_key("mykey.pem") #"mykey.pem" was generated as: openssl genrsa -des3 -out mykey.pem 2048
pkey.sign_init()
pkey.sign_update(text)
signature = pkey.sign_final()
print base64.b64encode(signature)
code2:
pkey = RSA.load_key("mykey.pem")
signature = pkey.sign(hashlib.sha1(text).digest())
print base64.b64encode(signature)
但是,如果我想模仿"签名算法,即用私钥加密摘要,则会得到一个不同的签名,即:
However, if I want to "imitate" the signature algorithm, i.e. encrypting the digest with the private key, I get a different signature, i.e.:
pkey = RSA.load_key("mykey.pem")
signature = pkey.private_encrypt(hashlib.sha1(text).digest(), RSA.pkcs1_padding)
print base64.b64encode(signature) #different from the two above
能否请您提供一些解释?后一种签名方式有什么问题?
Could you please provide some explanation? What is wrong with the latter way of signing?
推荐答案
我相信不同之处在于RSA_sign
与摘要数据一起对摘要PKCS1 algorithmIdentifier进行签名,其中RSA_private_encrypt
仅对摘要数据进行签名.
I believe the difference is that RSA_sign
signs the digest PKCS1 algorithmIdentifier along with the digest data, where RSA_private_encrypt
signs only the digest data.
在 RSA_private_encrypt 手册页中:
From the RSA_private_encrypt man page:
RSA_PKCS1_PADDING
PKCS #1 v1.5 padding. This function does not handle the
algorithmIdentifier specified in PKCS #1. When generating or
verifying PKCS #1 signatures, RSA_sign(3) and RSA_verify(3) should
be used.
这篇关于M2crypto签名“算法"(M2crypto signature).的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!