盲签名测试失败

时间:2015-09-22 18:47:15

标签: scala digital-signature public-key-encryption

在下面的代码中,我复制了整个盲签名过程:第一个客户端选择一个消息并使其盲目,然后服务器对其进行签名,然后客户端取消绑定服务器的签名并将其与原始消息一起发回,最后服务器检查是否为非盲签名有效。

问题是结果是错误的,非盲的签名与原始消息不匹配,我不明白为什么会这样。你能指出我犯了哪个错误吗?

import java.math.BigInteger
import java.security.SecureRandom

import org.bouncycastle.crypto.digests.SHA1Digest
import org.bouncycastle.crypto.engines.RSABlindingEngine
import org.bouncycastle.crypto.engines.RSAEngine
import org.bouncycastle.crypto.generators.RSABlindingFactorGenerator
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator
import org.bouncycastle.crypto.params.RSABlindingParameters
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters
import org.bouncycastle.crypto.params.RSAKeyParameters
import org.bouncycastle.crypto.signers.PSSSigner

object ProvinGrounds {
    // Create a key pair for server
    val serverKeyPair = {
        val generator = new RSAKeyPairGenerator
        val bigInteger = new BigInteger("10001", 16)
        val params = new RSAKeyGenerationParameters(bigInteger, new SecureRandom, 2048, 80)

        generator.init(params)
        generator.generateKeyPair
    }   

    val public = serverKeyPair.getPublic.asInstanceOf[RSAKeyParameters]
  val message = "hello there".getBytes 

  // Generate a blinding factor
  val blindingFactorGenerator = new RSABlindingFactorGenerator
  blindingFactorGenerator.init(public)
  val blindingFactor = blindingFactorGenerator.generateBlindingFactor
  val blindingParams = new RSABlindingParameters(public, blindingFactor)

  // Blind the message and send it to server  
  val blindEngine = new RSABlindingEngine
  blindEngine.init(true, blindingParams)
  val blindedMessage = blindEngine.processBlock(message, 0, message.length)

  // Server signs a blinded message and sends a blind signature to client
  val serverSigner = new PSSSigner(new RSAEngine, new SHA1Digest, 20)
  serverSigner.init(true, serverKeyPair.getPrivate)
  serverSigner.update(blindedMessage, 0, blindedMessage.length)
  val blindedMessageSignature = serverSigner.generateSignature

  // Client unblinds a signature and sends it back to server along with original message
  val unBlindEngine = new RSABlindingEngine
  unBlindEngine.init(false, blindingParams)
  val unblindedMessageSignature = blindEngine.processBlock(blindedMessageSignature, 0, blindedMessageSignature.length)

  // Server checks an original message against an unblinded signature
  val checkSigner = new PSSSigner(new RSAEngine, new SHA1Digest, 20)
  checkSigner.init(false, public)
  checkSigner.update(message, 0, message.length)
  checkSigner.verifySignature(unblindedMessageSignature)  //> res0: Boolean = false, why false?
}

1 个答案:

答案 0 :(得分:1)

您可能想要阅读使用盲签名的信息。致盲后你不能使用PSS。只有在盲法后直接对结果执行模幂运算(原始RSA签名)时,才会保持致盲属性。这在the Wikipedia article about blind signatures的RSA部分中得到了很好的解释。

此外,您可能应该通过邮件"hello there"而不是邮件本身提供哈希值。在之前提到的Wiki文章中也提到了这一点。

相关问题
最新问题