从javascript创建PEM文件看起来与Java不同,导致签名验证失败

时间:2015-12-14 19:33:14

标签: node.js cryptography rsa digital-signature pem

我正在尝试使用其公钥来验证带有RSA签名的SHA1,我已经编写了下面的java代码,但是javascript无法验证它何时使用由crypto或ursa创建的相同模数和指数。虽然如果我使用它来对抗java创建的pem文件,它的工作原理。 有关将java代码转换为javascript的最佳方法的任何想法或建议吗?

JAVA:

import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.Base64;
public class Verify {
static public Boolean verifySignature(String modulus, String exponent , String encodedMsg, String encodedSignature, String signatureAlgorithm)
        throws Exception {

    try {
        RSAPublicKeySpec senderPublicKeySpec =
                new RSAPublicKeySpec(
                        new BigInteger(modulus, 16),
                        new BigInteger(exponent, 16)
                );

        RSAPublicKey rsaPublicKey = (RSAPublicKey) KeyFactory.getInstance(Constants.RSA_KEY).generatePublic(senderPublicKeySpec);

        System.out.println("------------ pem file ----------------");
        System.out.println("format:" +  rsaPublicKey.getFormat());//x.509
        byte[] data = rsaPublicKey.getEncoded();
        rsaPublicKey.getFormat();
        String base64encoded = new String(Base64.getEncoder().encode(data));
        System.out.println(base64encoded);
        System.out.println("----------------------------");

        Signature signature = Signature.getInstance("SHA1withRSA");
        signature.initVerify(rsaPublicKey);
        signature.update(encodedMsg.getBytes());

 //this returns true;
        return signature.verify(Base64.getDecoder().decode(encodedSignature.getBytes()));

    } catch (Exception invaKeySpeExp) {
        throw new Exception(invaKeySpeExp.getMessage());
    }
}

Javascript:

'use strict';

var ursa = require('ursa');

function verifySignature( modulus,  exponent,  encodedMsg) {
var pem = fs.readFileSync('./java.pem');
var publicKeyNode = ursa.createPublicKeyFromComponents(new Buffer(modulus,'binary'), new Buffer(exponent,'binary'));
var publicKeyJava = ursa.createPublicKey(pem);

var sig = ursa.createVerifier(signatureAlgorithm);
sig.update(encodedMsg);
var successJ = sig.verify(publicKeyJava , new Buffer(encodedSignature, 'base64'), 'base64');
console.log(successJ);


var successN = sig.verify(publicKeyNode , new Buffer(encodedSignature, 'base64'), 'base64');
console.log(successN);
}

输出:

true  //from verifying against PEM file created by Java
crypto.js:126 //from Verifying against modulus and exponent
return this._handle.digest(outputEncoding);
                  ^
Error: Not initialized
at Error (native)
at Hash.digest (crypto.js:126:23)
at Object.verify (/Users/aemami/WebstormProjects/temp/node_modules/ursa/lib/ursa.js:705:39)
at verifySignature (/Users/aemami/WebstormProjects/temp/index.js:28:22)
at Object.<anonymous> (/Users/aemami/WebstormProjects/temp/index.js:64:1)
at Module._compile (module.js:460:26)
at Object.Module._extensions..js (module.js:478:10)
at Module.load (module.js:355:32)
at Function.Module._load (module.js:310:12)
at Function.Module.runMain (module.js:501:10)

0 个答案:

没有答案
相关问题
最新问题