how can realize openssl pkeyutl -sign by java

放肆的年华 提交于 2021-01-28 21:06:53

问题


the command line is

openssl pkeyutl   -sign -inkey pkcs1.pem -pkeyopt digest:sha1  -in testlog 

I want to realize it by java. But NONEwithRSA or SHA1withRSA neither give the same output. the NONEwithRSA's output is the same with

openssl pkeyutl   -sign -inkey pkcs1.pem   -in testlog 

which has no -pkeyopt digest:sha1

the java code just like

 Signature sign = Signature.getInstance(algorithm);
 sign.initSign(privatekey);
 sign.update(keyByte);
 return sign.sign();

I don't know how to amend this.

thank's very much

What I really want to do is to implement the C function by Java

RSA_sign(NID_sha1, token, token_size, sig, &len, key->rsa)

which dose not hash the Plaintext

https://github.com/usb4java/usb4java-javax-examples/blob/97b95c80e8af87f935f736ed7b4f4a197d4643ac/src/main/java/org/usb4java/javax/examples/adb/Adb.java This can meet my needs.


回答1:


openssl pkeyutl -sign with an RSA private key and -pkeyopt digest:$alg does steps 2-5 of EMSA-PKCS1-v1_5 plus the private modexp (i.e. 8.2.1 step 2 using RSASP1 from 5.2.1); without that -pkeyopt it does not do step 2, which encodes the hash value in a simple ASN.1 structure.

The Java Signature algorithms that include a hash like SHA1withRSA do all steps of EMSA-PKCS1-v1_5 plus modexp, while the scheme NONEwithRSA does only steps 3-5 plus modexp, and neither of these matches what you want. If you can't supply the data to let Signature do the hashing, you'll need to do step 2 yourself and then NONEwithRSA. Although ASN.1 encoding in general can be complicated (and decoding even more so), this case can be done simply by concatenating a prefix determined entirely by the hash algorithm to the hash value; see note 1 on page 47.

Meta: there have been lots of Qs about the differences in RSA v1_5 signatures between openssl rsautl, pkeyutl with and without -pkeyopt digest, or dgst -sign and other systems like Java, all to do with the issue of including or not including the ASN.1 encoding step (and many of them older than rfc8017!) but I can't find any that is a good dupe for this Q.



来源:https://stackoverflow.com/questions/62955968/how-can-realize-openssl-pkeyutl-sign-by-java

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!