crypto verifier.verify()总是返回false - javascript

时间:2017-04-28 17:59:32

标签: node.js cryptography rsa digital-signature

我正在尝试使用cypto verifier.verify来验证我的公钥的RSA签名。当我在openssl上执行此操作时,验证将返回为已验证, 但是当我在我的程序中执行它时,verifier.verify总是返回false。 这是我测试的openssl命令,以确保我的签名或公钥没有问题。

OpenSSL的> dgst -sha256 -verify pubkey.pem -signature sign.txt.sha256 sign.txt 验证确定

event is the signature that is passed in: "AIcrnumIAYQ6GegOIQzUlz9FS/uIiVlprXQyp8SFTtEEq4B/xv4flufsf35RS5Ki
ajUgAGWnmQ1gdXVNAV3Hpidip2EXTrHyfNF8MCGhueCgKPNML9fA+pW0K8RLTDUK
6V8/41fwQ+d/k6LjErenoa8sXFC3qRAg3w6xzmrtfLnHqjYW86kRVo4fCzAOeHse
a4jtJ9+EDjJfwB4vnP4eMF/QlrRvc1+U4aVB3nEtPb/l8/c5W70NWGz3JOrpENum
E7GnjwSk6bOysDQxCQ1z+AF4fv/VqmBizF4LFk+NbyYM8Z4T/cMlz0bU4VNJBlf5
k526esT9Mj4Eo93y+fW+cA=="

    const crypto = require('crypto');
    var fs = require('fs');
    var expired = false;


    const pub = '-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnVi9xDUe6+Kimb2TniZ\nX/pBGIhy5glXpHYgGmTOeYQa45bDkdwn3ydk15M/K7xpwJsHWSM2K2cQzCO7YCu8\nrgEMHggezt69KtXt78ohNy7AwD2Vheo6uXfaR91X9bc2dZ9oR2pEWHh3MX5jXA9y\nRopDfA/xdWj8ZiZK0RPGzyGufRauhFUaf48+2emr0nwluAfl5v1fV7vm/sBxitbj\nwl7rmka6SYodhMPRnMphFbv66sN50fPcZop8kWHp+LcvXB0TIhccRvnPHkTqjc7/\nbGiGQly6cL7JkQrDbcDCuGqPc397qDHb2ABpyZKWCHpkVAwNyc5Y1uOjaSJgPwq6\n8QIDAQAB\n-----END PUBLIC KEY-----\n';

    exports.handler = (event, context, callback) => {

    // from site https://github.com/nodejs/node-v0.x-archive/issues/6938
    //data is signed string that's passed into this in an above not shown function wrapper.
        try{
        //var message = new Buffer(event);   
        var message = event //needs to be just string apparently
        var verifier = crypto.createVerify("RSA-SHA256");
        console.log("message " + message);   
        //verifier.update takes in the string that was signed.
        verifier.update(message); //was data

        //verifier.verify
        //pub is a string of public signature in PEM format
        //signature is the base64 binary encoded version of data
        //base64 tells the format so it can be verified
        //expired is a bool, for this example, hard coded above to false, you'll want to check that for real.

        //console.log('vf: ', verifier.verify(pub, message, 'base64'));


        callback(null, {
            verified: (verifier.verify(pub, message, 'base64'))
        });
        } catch (e) {
        callback("Bad Request: " + e);
        }
    };

0 个答案:

没有答案
相关问题
最新问题