1. 首頁
  2. 問答
  3. 簽名數據和蟒蛇驗證它

簽名數據和蟒蛇驗證它

2012-07-07 84 views
1

我寫了下面的代碼符號數據,安卓簽名數據和蟒蛇驗證它

import java.security.KeyFactory; 
import java.security.KeyPair; 
import java.security.KeyPairGenerator; 
import java.security.PrivateKey; 
import java.security.PublicKey; 
import java.security.Signature; 
import java.security.spec.RSAPublicKeySpec; 

import android.app.Activity; 
import android.os.Bundle; 

public class TestActivity extends Activity { 
    /** Called when the activity is first created. */ 
    @Override 
    public void onCreate(Bundle savedInstanceState) { 
     super.onCreate(savedInstanceState); 
      setContentView(R.layout.main); 

     try{ 
     String m ="This is my message"; 
     System.out.println(m); 

     KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA"); 
     keyPairGen.initialize(1024); 
     KeyPair kp = keyPairGen.generateKeyPair(); 
     PrivateKey priKey = kp.getPrivate(); 
     PublicKey pubKey = kp.getPublic(); 


     KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 
     RSAPublicKeySpec publicKeySpec = keyFactory.getKeySpec(pubKey, RSAPublicKeySpec.class); 

     System.out.println("WITH toString: "); 
     System.out.println("Mod :" + publicKeySpec.getModulus().toString()); 
     System.out.println("Exp :" + publicKeySpec.getPublicExponent().toString()); 
     System.out.println("PublicKey:" + pubKey.toString()); 




     System.out.println("PublicKey:" + pubKey); 
     System.out.println("PublicKey Base64:" +MyBase64.encode(pubKey.getEncoded())); 

     Signature instance = Signature.getInstance("SHA1withRSA"); 
     instance.initSign(priKey); 
     instance.update(m.getBytes()); 
     byte[] signature = instance.sign(); 
     System.out.println("Signature: " + MyBase64.encode(signature)); 
     }catch(Exception e){ 
      e.printStackTrace(); 
     } 

    } 
}

我複製從亞行logcat粘貼值到Python和我使用驗證它在Python:

mod=#I paste mod here 
exp=#I paste exp here 
signature=#I paste signature here 

message="This is my message" 

publicKey = RSA.construct((mod,exp)) 
print 'PublicKey Base64: ' + publicKey.exportKey() 
print str(publicKey) 
test = SHA.new(message) 
verifier = PKCS1_v1_5.new(publicKey) 
signature_base = base64.b64decode(signature) 
print "Verification: " + str(verifier.verify(test, signature_base))

我發現MyBase64.encode(pubKey.getEncoded())(在Java中)是相同publicKey.exportKey()(在python)

然而,驗證結果總是爲false。

Java代碼似乎工作正常,如果我使用javac運行它。

任何幫助,可能會出錯?

來源

2012-07-07 d34th4ck3r

+0

順便說一句,您實施的方案與數字簽名幾乎沒有共同之處,因爲您不使用任何證書。只要散列數據(使用SHA-1或其他算法)就可以提供與當前實現相同的完全相同的保證。 – vond 2012-07-07 19:11:22

回答

1

這樣的錯誤常常與額外的空白偷偷進入數據字符串有關。在計算哈希之前嘗試剝離它。

來源

2012-07-07 00:26:23

+0

我試過打印mod,exp和簽名的大小是一樣的。 – d34th4ck3r 2012-07-07 20:29:19

相關問題

 相關問題