从XML签名值获取sha1哈希值 [英] Get the sha1-hashed value from XML signature value

查看:121
本文介绍了从XML签名值获取sha1哈希值的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我需要帮助我理解XML数字签名方法 rsa-sha1 的人.我想签名值= RSA-encrypt(sha1(signedInfo),privatekey).

I need someone to help me understand XML digital signature method rsa-sha1. I suppose the signature value = RSA-encrypt(sha1(signedInfo), privatekey).

注意Base64.encode(sha1(signedInfo))包含28个字符.所以我认为Base64.encode(RSA-decrypt(signaturevalue),publickey)也应该返回28个字符.但是,我实际上得到了一个48个字符的字符串.

Note Base64.encode(sha1(signedInfo)) contains 28 characters. So I think Base64.encode(RSA-decrypt(signaturevalue), publickey) should return 28 characters as well. However, I actually got a 48-character string.

Base64 base64 = new Base64();
byte[] encrypted = base64.decode(signatureValue);
try {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, getX509Cert().getPublicKey());
        byte[] cipherText = cipher.doFinal(encrypted);

        System.out.println(base64.encodeToString(cipherText));
        //print out MCEwCQYFKw4DAhoFAAQU0G+7jFPydS/sWGO1QPjB0v3XTz4=
        //which contains 48 characters. 
 }
 catch (Exception ex){
    ex.printStackTrace();
 }

XML文件中指示的签名方法

Signature method as indicated in XML file

<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>

推荐答案

RSA签名实际上与使用私钥加密不同,但是JCE通过允许 Cipher 中的向后"操作来推广此错误.>对于RSA(仅适用于RSA),它实际上进行PKCS1-v1_5签名和恢复,而不是按设计的方式进行加密和解密.

RSA signing is not actually the same as encrypting with the private key, but JCE promotes this mistake by allowing 'backwards' operations in Cipher for RSA (only) which actually do PKCS1-v1_5 signature and recovery instead of encryption and decryption as they were designed to.

对于PKCS1至v1.5中的原始标准化RSA签名方案,现在重新命名为RSASSA-PKCS1-v1_5,该值将被填充(用'type'01多个FF和一个00)并用私钥进行modexp'不仅是哈希,而且是包含哈希的ASN.1结构.请参见 rfc8017的9.2节或rfc3447中的编码操作EMSA-PKCS1-v1_5或rfc2437中的9.2.1,尤其是步骤2和(对于较新的两个版本)注释"项目1.

For the original standardized RSA signature scheme in PKCS1 through v1.5, now retronymed RSASSA-PKCS1-v1_5, the value that is padded (with 'type' 01 multiple FFs and one 00) and modexp'ed with the private key is not just the hash but an ASN.1 structure containing the hash. See the encoding operation EMSA-PKCS1-v1_5 in section 9.2 of rfc8017 or rfc3447 or 9.2.1 in rfc2437, especially step 2 and (for the newer two versions) 'Notes' item 1.

复制使用SHA1和RSAjava.security.Signature与MessageDigest和Cipher结合使用
单独的摘要&使用Java安全提供程序进行签名

这篇关于从XML签名值获取sha1哈希值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆