无法在 Java 中验证在 iOS 上签名的数据 [英] Data signed on iOS can't be verified in Java

问题描述

我有一些数据，我正在使用椭圆曲线私钥通过 SecKeyRawSign 在 iOS 上签名.但是，在 Java 中使用 Signature.verify() 验证数据返回 false

I have some data that I'm signing on iOS with SecKeyRawSign using Elliptic Curve private key. However, verifying that data in Java using Signature.verify() returns false

数据是一个随机的64位整数，像这样拆分成字节

The data is a random 64 bit integer, split into bytes like so

uint64_t nonce = (some 64 bit integer)
NSData *nonceData = [NSData dataWithBytes: &nonce length: sizeof(nonce)];

根据这些数据，我正在创建一个 SHA256 摘要

From that data I'm creating a SHA256 digest

int digestLength = CC_SHA256_DIGEST_LENGTH;
uint8_t *digest = malloc(digestLength);
CC_SHA256(nonceData.bytes, (CC_LONG)nonceData.length, digest);
NSData *digestData = [NSData dataWithBytes:digest length:digestLength];

然后用私钥签名

size_t signedBufferSize = kMaxCipherBufferSize;
uint8_t *signedBuffer = malloc(kMaxCipherBufferSize);

OSStatus status = SecKeyRawSign(privateKeyRef,
                                kSecPaddingPKCS1SHA256,
                                (const uint8_t *)digestData.bytes,
                                digestData.length,
                                &signedBuffer[0],
                                &signedBufferSize);

NSData *signedData = nil;
if (status == errSecSuccess) {
    signedData = [NSData dataWithBytes:signedBuffer length:signedBufferSize];
}

似乎一切正常.

然后，在 Java 服务器中，我尝试验证签名数据

Then, in Java server, I'm trying to verify that signed data

PublicKey publicKey = (a public key sent from iOS, X509 encoded)

Long nonce = (64 bit integer sent from iOS)
String signedNonce = (base64 encoded signed data)

ByteBuffer buffer = ByteBuffer.allocate(Long.BYTES);
buffer.putLong(nonce);
byte[] nonceBytes = buffer.array();
byte[] signedNonceBytes = Base64.getDecoder().decode(signedNonce.getBytes());

Signature signer = Signature.getInstance( "SHA256withECDSA" );
signer.initVerify( publicKey );
signer.update( nonceBytes );
Boolean isVerified = signer.verify( signedNonceBytes );

此时signer.verify()返回false

我也尝试对普通数据而不是 SHA256 摘要进行签名，但这也不起作用.

I also tried to sign plain data, instead of SHA256 digest, but that doesn't work either.

我错过了什么?我是否正确签署了数据?我使用了正确的填充吗?是否还需要对数据进行其他操作才能使用 SHA256withECDSA 算法对其进行验证?

What am I missing? Am I signing the data correctly? Am I using correct padding? Is there something else to be done with data to be able to verify it with SHA256withECDSA algorithm?

推荐答案

字节顺序不匹配:

• iOS 是小端.你创建 nonceData 的方式，这个顺序被保留.
• 在 Java 方面，ByteBuffer 默认为 big endian，独立于底层操作系统/硬件.

• iOS is little endian. The way you create nonceData, this order is retained.
• On the Java side, ByteBuffer defaults to big endian, independent of the underlying operating system / hardware.

所以你需要改变字节顺序:

So you need to change the byte order:

ByteBuffer buffer = ByteBuffer.allocate(Long.BYTES);
buffer.order(ByteOrder.LITTLE_ENDIAN);
buffer.putLong(nonce);

这篇关于无法在 Java 中验证在 iOS 上签名的数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！