我已经使用openssl生成了EC曲线键,并使用sha256摘要生成了签名
数据:265a33bf7a514b6671e6e02aaee2383759348d9f
openssl dgst -sha256 -sign key1.pem data > sig1
公钥文件 pubkey1.pem
-----BEGIN PUBLIC KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE/2CznS1gXRaO6z8UvF1SOs97Dwp5HUdo
1Y9OW91lfLl1NA8uXUFY7wJYvTl2dbnuZ1muh7htsxMVgEEbn+XCdQ==
-----END PUBLIC KEY-----
签名文件为base64编码
MEUCIQDqUv33+c3svyYOXPVZCYx49TE2Vxq4uP5kSV2ZJ4o/JwIgEqWkxdSMNuQNuzL4KXTEeH/O
ZBFjyErxvHgdHTCjeh0=
通过身份验证
[bash]$ base64 -d sig1b64 > sig1d
[bash]$ openssl dgst -sha256 -verify pubkey1.pem -signature sig1d
data
Verified OK
当我使用Java Bouncycastle库进行验证时,它无法验证签名,这是代码段
public boolean verifyMessage (final String param,final String message , final String signature , final String algo ) throws Exception
{
byte[] content = param.getBytes();
InputStream is = new ByteArrayInputStream(content);
InputStreamReader isr = new InputStreamReader(is);
Reader br = new BufferedReader(isr);
PEMParser parser = new PEMParser(br);
Object obj = parser.readObject();
PublicKey thepubKeyofA = null;
if (obj instanceof org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) {
SubjectPublicKeyInfo eckey = (SubjectPublicKeyInfo) obj;
thepubKeyofA = new JcaPEMKeyConverter().setProvider("BC").getPublicKey(eckey);
Signature ecdsaVerify = Signature.getInstance("SHA256withECDSA", "BC");
ecdsaVerify.initVerify(thepubKeyofA);
ecdsaVerify.update(message.getBytes());
boolean result = ecdsaVerify.verify(Utils.decodeBASE64(signature));
return result;
}