Java和.NET互操作(RSA)签名 [英] Java and .NET interop on (RSA) signatures
问题描述
我在基于.net的智能卡上签名一些数据,并尝试在java环境中验证签名,但没有成功。
I'm signing some data on a .net-based smartcard and trying to verify that signature in a java environment - but without success.
(c#):
RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(1024);
// In a different method, rsaParams.Exponent and rsaParams.Modulus are set
rsaProvider.ImportParameters(rsaParams); // Here I'm importing the key
SHA1 sha1 = SHA1.Create();
byte[] signature = rsaProvider.SignData(data, sha1);
客户端(Java):
Signature sig = Signature.getInstance("SHA1withRSA");
sig.initVerify(rsaPublicKey); // initiate the signature with public key
sig.update(data); // update signature with the data that was signed by the card
sig.verify(signedData); // Test card signature - this always returns false
然后我尝试在Java客户端上创建签名(用于测试) - 并且证明在Java客户端上创建的签名与在智能卡上创建的签名不同。我这样创建:
I then tried to create the signature on the Java client (for testing) - and it turns out that the signature created on the Java client is different from the one created on the smartcard. I created it like this:
Signature sig = Signature.getInstance("SHA1withRSA");
sig.initSign(rsaPrivateKey);
sig.update(data);
locallySigned = sig.sign();
现在我明白签名是类似于传递数据+使用的算法的哈希。这是可能的实现不兼容?我缺少别的东西吗?谢谢!
Now I understand that the signature is something like the hash of (passed data + the used algorithm). Is it possible that the implementations are not compatible here? Am I missing something else? Thanks!
PS:是的,我验证了输入和输出都正确地从/传送到卡,关键参数设置,输入/
PS: Yes, I verified that both input and output are transferred correctly from/to the card, that the key parameters are set and that input/output are exactly the same.
修改:Java中的密钥生成:
Key Generation in Java:
// Create a key-pair and install the private key on the card
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
keyGen.initialize(1024, random);
KeyPair keyPair = keyGen.genKeyPair();
privateKey = (RSAPrivateKey)keyPair.getPrivate();
publicKey = (RSAPublicKey)keyPair.getPublic();
,然后设置卡上的私钥的exp和mod。
and then I'm setting exp and mod of the private key on the card.
推荐答案
//在另一种方法中,设置rsaParams.Exponent和rsaParams.Modulus
// In a different method, rsaParams.Exponent and rsaParams.Modulus are set
要在RSA密钥中设置私钥指数,您应该使用 RSAParameters.D 。 RSAParameters.Exponent 用于公式指数。
To set the private exponent in an RSA key, you should use RSAParameters.D. RSAParameters.Exponent is for the public exponent.
这篇关于Java和.NET互操作(RSA)签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
