我想用Java生成RSA-SHA256簽名,但無(wú)法在控制臺(tái)上生成與OpenSSL相同的簽名。這是我對(duì)OpenSSL所做的工作(在本教程之后):生成密鑰對(duì):openssl genrsa -out private.pem 1024提取公鑰:openssl rsa -in private.pem -out public.pem -outform PEM -pubout創(chuàng)建數(shù)據(jù)哈希:echo 'data to sign' > data.txtopenssl dgst -sha256 < data.txt > hash生成的哈希文件從(stdin)=我手動(dòng)刪除的文件開始(首先忘了提起它,謝謝mata)。簽名哈希:openssl rsautl -sign -inkey private.pem -keyform PEM -in hash > signature為了在Java中重現(xiàn)結(jié)果,我首先將私鑰從PEM轉(zhuǎn)換為DER:openssl pkcs8 -topk8 -inform PEM -outform DER -in private.pem -nocrypt > private.der現(xiàn)在,我編寫了這個(gè)Java類來(lái)生成相同的簽名:public class RSATest { public static void main(String[] args) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException { byte[] encodedPrivateKey = readFile("private.der"); byte[] content = readFile("data.txt"); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedPrivateKey); RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory .generatePrivate(keySpec); Signature signature = Signature.getInstance("SHA256withRSA"); signature.initSign(privateKey); signature.update(content); byte[] signatureBytes = signature.sign(); FileOutputStream fos = new FileOutputStream("signature-java"); fos.write(signatureBytes); fos.close(); } private static byte[] readFile(String filename) throws IOException { File file = new File(filename); BufferedInputStream bis = new BufferedInputStream(new FileInputStream( file)); byte[] bytes = new byte[(int) file.length()]; bis.read(bytes); bis.close(); return bytes; }}不幸的是結(jié)果并不相同,所以我想我一定做錯(cuò)了什么,但我不知道該怎么辦。你們中的某人可以幫助我找到錯(cuò)誤嗎?
為什么我用OpenSSL和Java生成的RSA-SHA256簽名不同?
慕碼人8056858
2019-10-29 14:25:34
