本文介绍了验证与phpseclib在Java中(安卓)产生SHA1withRSA签名的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

这就是我想要做的:

  • 生成一个512位的RSA密钥中的Java / Android版
  • 生成SHA1withRSA签名在Java中的一些信息
  • 发送信息,签名和公钥到PHP(用于测试,这将在同一时间内完成)
  • 在使用phpseclib验证消息在PHP

我得那么远:

在Java方面:

String msg = "Test message";

// generate keypair
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(512);
KeyPair keyPair = keyGen.generateKeyPair();

// generate signature
Signature signature = Signature.getInstance("SHA1withRSA");
signature.initSign(keyPair.getPrivate(), SecureRandom.getInstance("SHA1PRNG"));
signature.update(msg.getBytes());
byte[] sigBytes = signature.sign();

// send message, signature and public key to php script
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(uploadNum + 1);
nameValuePairs.add(new BasicNameValuePair("msg", msg));
nameValuePairs.add(new BasicNameValuePair("signature", Base64.encodeToString(sigBytes,
        Base64.DEFAULT)));
nameValuePairs.add(new BasicNameValuePair("pubkey", Base64.encodeToString(keyPair
        .getPublic().getEncoded(), Base64.DEFAULT)));

HttpClient httpClient = new DefaultHttpClient();
HttpPost httpPost = new HttpPost(UPLOAD_SCRIPT);
httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = httpClient.execute(httpPost);

在PHP端:

编辑:如前所述纽伯特,解决的办法就是添加 $ rsa-&GT; setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); 。另外我补充各地 $修正功能_ POST ['PUBKEY'] ,因为我注意到的base64恩codeD密钥与断行结束。

As neubert mentioned, the solution is to add $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);. In addition I added the trim function around $_POST['pubkey'] as I noticed that the base64-encoded key ends with a linebreak.

include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$rsa->loadKey("-----BEGIN PUBLIC KEY-----\n" . trim($_POST['pubkey']) . "\n-----END PUBLIC KEY-----");
echo $rsa->verify($_POST['msg'], base64_decode($_POST['signature'])) ? 'verified' : 'unverified';

什么情况是:

phpseclib给了我一个PHP的通知无效签名,结果是未验证。

phpseclib gives me a php notice "Invalid signature" and the result is "unverified".

我已经测试这与在PHP端,例如不同的变化的base64解码递给LOADKEY(...)前的公共密钥,而不是使用Base64解码的签名,让走----- BEGIN公钥----- \ N的东西,但没有任何帮助,以便为止。

I already tested this with different variations on the PHP side, e.g. base64-decoding the public key before handing it to loadKey(...), not base64-decoding the signature, leaving away the "-----BEGIN PUBLIC KEY-----\n" things, but nothing helped so far.

那么,做我必须做的,使这项工作?

So what do I have to do to make this work?

编辑:现在,它的工作原理

推荐答案

好像$ _ POST ['味精']可能需要base64_de code()倒是呢?此外,尝试做 $ rsa-&GT; setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1)。默认情况下phpseclib做它,虽然比较安全,不为广泛支持OAEP填充也不是默认的大多数东西。

Seems like $_POST['msg'] might need to be base64_decode()'d as well? Also, try doing $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1). By default phpseclib does OAEP padding which, although more secure, is not as widely supported nor is it the default for most stuff.

这篇关于验证与phpseclib在Java中(安卓)产生SHA1withRSA签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-23 14:39