从JavaScript创build一个PEM文件看起来不同于Java导致签名validation失败
我试图validation与公钥RSA签名的SHA1,我已经写了下面的Java代码完美的作品,但是JavaScript无法validation它何时使用相同的模数和由crypto或ursa创build的指数。 虽然如果我用它对Java创build的Pem文件它的作品。 任何想法或build议的Java代码转换为JavaScript的最佳方式?
JAVA:
import java.math.BigInteger; import java.security.KeyFactory; import java.security.Signature; import java.security.interfaces.RSAPublicKey; import java.security.spec.RSAPublicKeySpec; import java.util.Base64; public class Verify { static public Boolean verifySignature(String modulus, String exponent , String encodedMsg, String encodedSignature, String signatureAlgorithm) throws Exception { try { RSAPublicKeySpec senderPublicKeySpec = new RSAPublicKeySpec( new BigInteger(modulus, 16), new BigInteger(exponent, 16) ); RSAPublicKey rsaPublicKey = (RSAPublicKey) KeyFactory.getInstance(Constants.RSA_KEY).generatePublic(senderPublicKeySpec); System.out.println("------------ pem file ----------------"); System.out.println("format:" + rsaPublicKey.getFormat());//x.509 byte[] data = rsaPublicKey.getEncoded(); rsaPublicKey.getFormat(); String base64encoded = new String(Base64.getEncoder().encode(data)); System.out.println(base64encoded); System.out.println("----------------------------"); Signature signature = Signature.getInstance("SHA1withRSA"); signature.initVerify(rsaPublicKey); signature.update(encodedMsg.getBytes()); //this returns true; return signature.verify(Base64.getDecoder().decode(encodedSignature.getBytes())); } catch (Exception invaKeySpeExp) { throw new Exception(invaKeySpeExp.getMessage()); } } 使用Javascript:
'use strict'; var ursa = require('ursa'); function verifySignature( modulus, exponent, encodedMsg) { var pem = fs.readFileSync('./java.pem'); var publicKeyNode = ursa.createPublicKeyFromComponents(new Buffer(modulus,'binary'), new Buffer(exponent,'binary')); var publicKeyJava = ursa.createPublicKey(pem); var sig = ursa.createVerifier(signatureAlgorithm); sig.update(encodedMsg); var successJ = sig.verify(publicKeyJava , new Buffer(encodedSignature, 'base64'), 'base64'); console.log(successJ); var successN = sig.verify(publicKeyNode , new Buffer(encodedSignature, 'base64'), 'base64'); console.log(successN); }
OUTPUT:
true //from verifying against PEM file created by Java crypto.js:126 //from Verifying against modulus and exponent return this._handle.digest(outputEncoding); ^ Error: Not initialized at Error (native) at Hash.digest (crypto.js:126:23) at Object.verify (/Users/aemami/WebstormProjects/temp/node_modules/ursa/lib/ursa.js:705:39) at verifySignature (/Users/aemami/WebstormProjects/temp/index.js:28:22) at Object.<anonymous> (/Users/aemami/WebstormProjects/temp/index.js:64:1) at Module._compile (module.js:460:26) at Object.Module._extensions..js (module.js:478:10) at Module.load (module.js:355:32) at Function.Module._load (module.js:310:12) at Function.Module.runMain (module.js:501:10)