我创建了以下方法来检查RSA密钥是否能够签名并验证签名:
public static boolean checkKeys(RSAPrivateKey privateKey, RSAPublicKey publicKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
Security.addProvider(new BouncyCastleProvider());
byte[] data = { 65, 66, 67, 68, 69, 70, 71, 72, 73, 74 };
Signature signer = Signature.getInstance("SHA1withRSA", "BC");
signer.initSign(privateKey);
signer.update(data);
byte[] signature = signer.sign();
Signature verifier = Signature.getInstance("SHA1withRSA", "BC");
verifier.initVerify(publicKey);
verifier.update(data);
return verifier.verify(signature);
}
但它总是返回false。即使我使用绝对正确的RSA密钥对。
我缺少什么?
修改
以下是验证RSA签名的全部源代码,以及测试RSA密钥:
Security.addProvider(new BouncyCastleProvider());
String modulus = "6196090b423ba91c28bf6cf10de26bf530d9178c10e51a01ab4476abf2f9f1428eca5db7af5d3f9626bce5b16548a8550eba113bb141494b2f682b8971a537ded23e4071fcdc1156f917cb6dfe2cd084736623b8c6110b724298876d5a21e36a775b90d0ec077bef39e57d551d11a6299f5e45ad6d1ec88bd290118f2d605357";
String publicExponent = "010001";
String privateExponent = "5037134214f493a2d8ffd95e208aa1315030f34128561a558ae1e126a0b8c18f736e7730d94eae490f98b0ba6c461850aaa55a2b161e5350212ce0b4bf1d0f59ecc0cff6723dc65aa776a35177e025d3b50f5b49cedd4b897bdb2f97f0415f7655f2e731972fc9b9a5c868dfdd8fe3806315f76e661690f9c3a5aacf170b0711";
String primeP = "8b1648f46e7b199f2da610869f1148d26689e3095d7d5de00af92287860791f842d943a15b0c5f3cc24e804c47e838b27f8e7749373974a238c37d87bb65c6df";
String primeQ = "b39d4874941830f6e12dcf39263c7f2a8b7ac5766f57e64768700d3897796027bce4969f4f5b823ba85c39c50abf626442aaaa8900e690225b5857023451da89";
String primeExponentP = "97f7e00e922e677cca628d2495dc0660cfd29fc56547f29b935b95153df047fbcdb1f21b4fe9d15932ac81d9b1936a748b8fea7798ff39100bfc56a473d19a45";
String primeExponentQ = "95234475ec93c190af25c4f3328a88470b369153addec12207f495049d0d8ace0596f4ecb73e9b77acc03e2a8cd61c1f976c682c5690d5dd914d6436b2afd48d";
String crtCoefficient = "12baadb22b28d1352b2ac335617c4cd0fe3416c6b3054020950a20700c8dba7ae41946dcec842f29c149032488bc3fadead4eeae0e66935e245b407e99c49b9a";
BigInteger modulusBI = new BigInteger(1, Utils.hexStringToByteArray(modulus));
BigInteger publicExponentBI = new BigInteger(1, Utils.hexStringToByteArray(publicExponent));
BigInteger privateExponentBI = new BigInteger(1, Utils.hexStringToByteArray(privateExponent));
BigInteger primePBI = new BigInteger(1, Utils.hexStringToByteArray(primeP));
BigInteger primeQBI = new BigInteger(1, Utils.hexStringToByteArray(primeQ));
BigInteger primeExponentPBI = new BigInteger(1, Utils.hexStringToByteArray(primeExponentP));
BigInteger primeExponentQBI = new BigInteger(1, Utils.hexStringToByteArray(primeExponentQ));
BigInteger crtCoefficientBI = new BigInteger(1, Utils.hexStringToByteArray(crtCoefficient));
KeyFactory rsaFactory = KeyFactory.getInstance("RSA", "BC");
RSAPrivateCrtKeySpec privateCrtKeySpec = new RSAPrivateCrtKeySpec(
modulusBI,
publicExponentBI,
privateExponentBI,
primePBI,
primeQBI,
primeExponentPBI,
primeExponentQBI,
crtCoefficientBI
);
RSAPrivateCrtKey privateKeyCRTDev = (RSAPrivateCrtKey) rsaFactory.generatePrivate(privateCrtKeySpec);
RSAPublicKeySpec publicKeySpec = new java.security.spec.RSAPublicKeySpec(privateKeyCRTDev.getModulus(), privateKeyCRTDev.getPublicExponent());
RSAPublicKey publicKeyDev = (RSAPublicKey) rsaFactory.generatePublic(publicKeySpec);
byte[] data = { 65, 66, 67, 68, 69, 70, 71, 72, 73, 74 };
Signature signer = Signature.getInstance("SHA1withRSA", "BC");
signer.initSign(privateKeyCRTDev);
signer.update(data);
byte[] signature = signer.sign();
Signature verifier = Signature.getInstance("SHA1withRSA", "BC");
verifier.initVerify(publicKeyDev);
verifier.update(data);
boolean ok = verifier.verify(signature);
此返回始终为false。如果私钥和公钥不匹配,我的测试密钥有什么问题?为什么签名无法验证?