这可能是以下内容的重复: Java Signature.verify results in SignatureException: Signature encoding error Caused by IOException: Sequence tag error ,但答案没有回答我的问题。
拥有此代码:
String RSA_CIPHER_ALGORITHM = "RSA/ECB/PKCS1Padding";
String RSA_KEY_FACTORY_ALGORITHM = "RSA";
String RSA_SIGNATURE_ALGORITHM = "SHA512withRSA";
KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_FACTORY_ALGORITHM);
RSAPublicKey key = (RSAPublicKey)keyFactory.generatePublic(pubKeySpec);
Signature signature = Signature.getInstance(RSA_SIGNATURE_ALGORITHM);
signature.initVerify(key);
signature.update(data);
出现此错误:
java.security.SignatureException: Signature encoding error
at sun.security.rsa.RSASignature.engineVerify(RSASignature.java:204)
at java.security.Signature$Delegate.engineVerify(Signature.java:1219)
at java.security.Signature.verify(Signature.java:652)
...
Caused by: java.io.IOException: Sequence tag error
at sun.security.util.DerInputStream.getSequence(DerInputStream.java:297)
at sun.security.rsa.RSASignature.decodeSignature(RSASignature.java:229)
at sun.security.rsa.RSASignature.engineVerify(RSASignature.java:195)
... 45 common frames omitted
答案 0 :(得分:2)
当您的签名包含PKCS#1 compatible padding时(步骤4和5),这通常会发生,但它不包含所使用的哈希方法的DER编码标识符。该编码的标识符以表示ASN.1 SEQUENCE的DER标签开始(步骤1和2)。
您可以使用原始RSA密码查看编码:
// setup
Signature sigAlg = Signature.getInstance("SHA512withRSA");
sigAlg.initSign(keyPair.getPrivate());
byte[] signature = sigAlg.sign();
// check padding manually
Cipher rsaRaw = Cipher.getInstance("RSA/ECB/NoPadding");
// encrypt or decrypt is actually the same operation for raw RSA
rsaRaw.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
byte[] paddedSig = rsaRaw.doFinal(signature);
// using Bouncy Castle's hex encoder, you can use any encoder
System.out.println(Hex.toHexString(paddedSig));
然后你可以看到序列字节(值30
,在大量FF
字节(填充)和单个字节值00
之后。如果是当然是有效签名:
0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff003051300d060960864801650304020305000440cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
您可能只会得到代表哈希值的64个字节。