RSA Signature is different generated from rsa module and m2crypto
Question
I am migrating a service from Python 2.7 to Python 3.5 which communicated with another service using RSA encryption/decryption.
Python(v2.7) m2crypto(0.25.1) < Correct Signature >
key = M2Crypto.RSA.load_key(private_key)
digest = hashlib.sha1(bytes(cipher_text, encoding="UTF-8")).hexdigest()
signature = hexlify(key.private_encrypt(digest, M2Crypto.RSA.pkcs1_padding))
Python(v3.5) rsa(v3.4.2)
pri_key = rsa.PrivateKey.load_pkcs1(private_key)
signature = hexlify(rsa.sign(cipher_text.encode(), pri_key, "SHA-1"))
The signatures produced by the above code are different. What is the difference between these packages?
Recommended answer
You are executing different cryptographic operations. Encrypting with the private key != digital signature
signature = hexlify(key.private_encrypt(digest, M2Crypto.RSA.pkcs1_padding))
and
signature = hexlify(rsa.sign(cipher_text.encode(), pri_key, "SHA-1"))
A digital signature with PKCS #1 v1.5 makes an RSA encryption on the digest algorithm identifier and the digest of the message encoded in ASN.1
signature =
RSA_Encryption(
ASN.1(DigestAlgorithmIdentifier + SHA1(message) ))
While encryption does not include the digest algorithm identifier
It seems Python's key.private_encrypt is a wrapper on OpenSSL's RSA_private_encrypt. Take a look at the warning about the pkcs1_padding you are using:
RSA_PKCS1_PADDING
PKCS #1 v1.5 padding. This function does not handle the algorithmIdentifier specified in PKCS #1. When generating or verifying PKCS #1 signatures, RSA_sign(3) and RSA_verify(3) should be used.
You should use sign and not private_encrypt for digital signatures. But if you want encryption to hide the content of the message, you should use encryption with the public key, not the private.
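The difference the answer describes, as an added example that is not part of the original post: both operations use the same type 1 padding and the same private-key exponentiation, but the payload under the padding differs (DigestInfo plus the raw SHA-1 digest for a signature, the 40-character hex digest for the question's private_encrypt call). It uses plain Python integers instead of rsa or M2Crypto calls; the demo key and all function names are assumptions made for illustration.

```python
import hashlib

# Constructed demo key (NOT secure): built from two well-known primes, the
# Curve25519 and secp256k1 field primes, so the block needs no key file.
P = 2**255 - 19
Q = 2**256 - 2**32 - 977
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # modular inverse, Python 3.8+
K = (N.bit_length() + 7) // 8          # modulus length in bytes (64)

# DER prefix of DigestInfo for SHA-1: algorithm identifier + OCTET STRING header
SHA1_DIGESTINFO = bytes.fromhex("3021300906052b0e03021a05000414")

def pad_type1(payload: bytes) -> bytes:
    """PKCS #1 v1.5 block type 1: 00 01 FF..FF 00 || payload."""
    ps_len = K - 3 - len(payload)
    if ps_len < 8:
        raise ValueError("payload too long for this modulus")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + payload

def rsa_private(block: bytes) -> bytes:
    return pow(int.from_bytes(block, "big"), D, N).to_bytes(K, "big")

def rsa_public(sig: bytes) -> bytes:
    return pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")

def sign_style(message: bytes) -> bytes:
    """Payload of a PKCS #1 v1.5 signature: DigestInfo || SHA1(message)."""
    digest = hashlib.sha1(message).digest()
    return rsa_private(pad_type1(SHA1_DIGESTINFO + digest))

def private_encrypt_style(message: bytes) -> bytes:
    """Payload of the question's legacy call: the ASCII hex digest, no DigestInfo."""
    hexdigest = hashlib.sha1(message).hexdigest().encode()
    return rsa_private(pad_type1(hexdigest))

def classify(sig: bytes) -> str:
    """Inspection helper (not a verifier): recover the block, report its payload."""
    block = rsa_public(sig)
    if block[:2] != b"\x00\x01":
        return "not a type 1 block"
    payload = block[block.index(b"\x00", 2) + 1:]
    if payload.startswith(SHA1_DIGESTINFO) and len(payload) == 35:
        return "DigestInfo + SHA-1 digest"
    return "raw payload of %d bytes" % len(payload)
```

Running classify on a value captured from each service shows which of the two payloads the peer actually expects before the Python 3 side is changed.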