RSA密钥签名的验证始终返回false

时间:2015-04-30 13:15:29

标签: java rsa digital-signature sign verify

我创建了以下方法来检查RSA密钥是否能够签名并验证签名:

public static boolean checkKeys(RSAPrivateKey privateKey, RSAPublicKey publicKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
    Security.addProvider(new BouncyCastleProvider());

    byte[] data = { 65, 66, 67, 68, 69, 70, 71, 72, 73, 74 };

    Signature signer = Signature.getInstance("SHA1withRSA", "BC");
    signer.initSign(privateKey);
    signer.update(data);

    byte[] signature = signer.sign();

    Signature verifier = Signature.getInstance("SHA1withRSA", "BC");
    verifier.initVerify(publicKey);
    verifier.update(data);

    return verifier.verify(signature); 
}

但它总是返回false。即使我使用绝对正确的RSA密钥对。

我缺少什么?

修改

以下是验证RSA签名的全部源代码,以及测试RSA密钥:

        Security.addProvider(new BouncyCastleProvider());

        String modulus = "6196090b423ba91c28bf6cf10de26bf530d9178c10e51a01ab4476abf2f9f1428eca5db7af5d3f9626bce5b16548a8550eba113bb141494b2f682b8971a537ded23e4071fcdc1156f917cb6dfe2cd084736623b8c6110b724298876d5a21e36a775b90d0ec077bef39e57d551d11a6299f5e45ad6d1ec88bd290118f2d605357";
        String publicExponent = "010001";
        String privateExponent = "5037134214f493a2d8ffd95e208aa1315030f34128561a558ae1e126a0b8c18f736e7730d94eae490f98b0ba6c461850aaa55a2b161e5350212ce0b4bf1d0f59ecc0cff6723dc65aa776a35177e025d3b50f5b49cedd4b897bdb2f97f0415f7655f2e731972fc9b9a5c868dfdd8fe3806315f76e661690f9c3a5aacf170b0711";
        String primeP = "8b1648f46e7b199f2da610869f1148d26689e3095d7d5de00af92287860791f842d943a15b0c5f3cc24e804c47e838b27f8e7749373974a238c37d87bb65c6df";
        String primeQ = "b39d4874941830f6e12dcf39263c7f2a8b7ac5766f57e64768700d3897796027bce4969f4f5b823ba85c39c50abf626442aaaa8900e690225b5857023451da89";
        String primeExponentP = "97f7e00e922e677cca628d2495dc0660cfd29fc56547f29b935b95153df047fbcdb1f21b4fe9d15932ac81d9b1936a748b8fea7798ff39100bfc56a473d19a45";
        String primeExponentQ = "95234475ec93c190af25c4f3328a88470b369153addec12207f495049d0d8ace0596f4ecb73e9b77acc03e2a8cd61c1f976c682c5690d5dd914d6436b2afd48d";
        String crtCoefficient = "12baadb22b28d1352b2ac335617c4cd0fe3416c6b3054020950a20700c8dba7ae41946dcec842f29c149032488bc3fadead4eeae0e66935e245b407e99c49b9a";

        BigInteger modulusBI = new BigInteger(1, Utils.hexStringToByteArray(modulus));
        BigInteger publicExponentBI = new BigInteger(1, Utils.hexStringToByteArray(publicExponent));
        BigInteger privateExponentBI = new BigInteger(1, Utils.hexStringToByteArray(privateExponent));
        BigInteger primePBI = new BigInteger(1, Utils.hexStringToByteArray(primeP));
        BigInteger primeQBI = new BigInteger(1, Utils.hexStringToByteArray(primeQ));
        BigInteger primeExponentPBI = new BigInteger(1, Utils.hexStringToByteArray(primeExponentP));
        BigInteger primeExponentQBI = new BigInteger(1, Utils.hexStringToByteArray(primeExponentQ));
        BigInteger crtCoefficientBI = new BigInteger(1, Utils.hexStringToByteArray(crtCoefficient));

        KeyFactory rsaFactory = KeyFactory.getInstance("RSA", "BC");

        RSAPrivateCrtKeySpec privateCrtKeySpec = new RSAPrivateCrtKeySpec(
                modulusBI,
                publicExponentBI,
                privateExponentBI,
                primePBI,
                primeQBI,
                primeExponentPBI,
                primeExponentQBI,
                crtCoefficientBI
                );
        RSAPrivateCrtKey privateKeyCRTDev = (RSAPrivateCrtKey) rsaFactory.generatePrivate(privateCrtKeySpec);

        RSAPublicKeySpec publicKeySpec = new java.security.spec.RSAPublicKeySpec(privateKeyCRTDev.getModulus(), privateKeyCRTDev.getPublicExponent()); 
        RSAPublicKey publicKeyDev = (RSAPublicKey) rsaFactory.generatePublic(publicKeySpec);

        byte[] data = { 65, 66, 67, 68, 69, 70, 71, 72, 73, 74 };

        Signature signer = Signature.getInstance("SHA1withRSA", "BC");
        signer.initSign(privateKeyCRTDev);
        signer.update(data);

        byte[] signature = signer.sign();

        Signature verifier = Signature.getInstance("SHA1withRSA", "BC");
        verifier.initVerify(publicKeyDev);
        verifier.update(data);

        boolean ok = verifier.verify(signature);

此返回始终为false。如果私钥和公钥不匹配,我的测试密钥有什么问题?为什么签名无法验证?

0 个答案:

没有答案