"SHA1withRSA"的详细信息是什么? [英] What's the detail in "SHA1withRSA"?

问题描述

天真的，我以为"SHA1withRSA algorithm"只是用"SHA1"来操作plainText，然后使用RSA/pkcs1padding来加密"SHA1"的结果.但是，直到我写了一些Java代码进行测试后，我才发现自己是错的我的想法.我使用RSA公钥解密签名，然后使用"SHA1withRSA algorithm"使用相应的私钥进行签名.但是我发现结果不等于"SHA1(plainText)"，下面是我的java代码:

Innocently， I thought "SHA1withRSA algorithm" was simply operating the plainText with "SHA1", and use RSA/pkcs1padding to encrypt the result of "SHA1"。However, I found I was wrong until I wrote some java code to test what I thought. I use RSA publickey to decrypt the signature which I use the corresponding privatekey to sign with "SHA1withRSA algorithm" . But I found the result is not equal to "SHA1(plainText)", below is my java code:

    String plaintext= "123456";
    Signature signature=Signature.getInstance("SHA1withRSA",new BouncyCastleProvider());
    signature.initSign(pemPrivatekey);
    signature.update(plaintext.getBytes());
    byte[] sign = signature.sign();
    //RSA decode
    byte[] bytes = RsaCipher.decryptByRsa(sign, pemPublickey);
    String rsaDecodeHex=Hex.toHexString(bytes);
    System.out.println(rsaDecodeHex.toLowerCase());

    String sha1Hex = Hash.getSha1(plaintext.getBytes());
    System.out.println(sha1Hex);
    //rsaDecodeHex!=sha1Hex

容易找到 rsaDecodeHex！= sha1Hex ，其中

rsaDecodeHex = 3021300906052b0e03021a050004147c4a8d09ca3762af61e59520943dc26494f8941b

rsaDecodeHex=3021300906052b0e03021a050004147c4a8d09ca3762af61e59520943dc26494f8941b

和

sha1Hex = 7c4a8d09ca3762af61e59520943dc26494f8941b.

sha1Hex=7c4a8d09ca3762af61e59520943dc26494f8941b 。

那么，"SHA1withRSA"中的细节是什么?

So, What's the detail in "SHA1withRSA" ?

推荐答案

在PCKS#1 v15中定义的数字签名算法对摘要算法标识符和ASN.1中编码的消息摘要进行RSA加密

The digital signature algorithm defined in PCKS#1 v15 makes a RSA encryption on digest algorithm identifier and the digest of the message encoded in ASN.1

signature = 
    RSA_Encryption( 
      ASN.1(DigestAlgorithmIdentifier  + SHA1(message) )) 

请参阅( RFC2313 )

10.1签名过程

签名过程包括四个步骤:消息摘要，数据编码，RSA加密和八位字节字符串到位字符串的转换.签名过程的输入应是一个八位字节串M，信息;以及签名者的私钥.签名的输出过程应为字符串S(签名).

The signature process consists of four steps: message digesting, data encoding, RSA encryption, and octet-string-to-bit-string conversion. The input to the signature process shall be an octet string M, the message; and a signer's private key. The output from the signature process shall be a bit string S, the signature.

因此，您的 rsaDecodeHex 包含算法标识符和 plainText

So your rsaDecodeHex contains the algorithm identifier and the SHA1 digest of plainText

这篇关于"SHA1withRSA"的详细信息是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！