我在iOS上签名数据并用Java验证它时遇到了麻烦。
到目前为止我尝试了什么:
iOS(Swift):
let text = "Hello World!"
let publicKey = heimdall.publicKeyComponents()!
let hashedText = text.sha512()
let modulus = publicKey.modulus.base64EncodedStringWithOptions(NSDataBase64EncodingOptions(rawValue: 0))
let exponent = publicKey.exponent.base64EncodedStringWithOptions(NSDataBase64EncodingOptions(rawValue: 0))
let signature = heimdall.sign(hashedText.dataUsingEncoding(NSUTF8StringEncoding)!)!.base64EncodedStringWithOptions(NSDataBase64EncodingOptions(rawValue: 0))
let verSig = NSData(base64EncodedString: signature, options: NSDataBase64DecodingOptions(rawValue: 0))
let message: NSDictionary = ["text": text, "signature": signature, "modulus": modulus, "exponent": exponent ]
我使用Swift Heimdall进行RSA-Key处理,消息通过http发送为JSON。
在Java方面:
final byte[] signature = Base64.decodeBase64( message.getSignature() );
final byte[] modulus = Base64.decodeBase64( message.getModulus() ) ;
final byte[] exponent = Base64.decodeBase64( message.getExponent() );
final String messageText = message.getText();
final Signature sig = Signature.getInstance( "SHA512withRSA" );
final KeyFactory keyMaker = KeyFactory.getInstance( "RSA" );
final RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( new BigInteger( modulus ),
new BigInteger( exponent ) );
final RSAPublicKey pubKey = (RSAPublicKey)keyMaker.generatePublic( pubKeySpec );
sig.initVerify( pubKey );
sig.update( messageText.getBytes() );
final boolean result = sig.verify( signature );
但结果总是错误的: - / 据我所知,数据传输正确。 也许我正在搞乱编码。
答案 0 :(得分:1)
我解决了这个问题,我删除了消息的初始哈希(在iOS上)。一切正常。 Heimdall.sign在签名之前已经对数据进行了哈希处理。