Node.js NodeJS RSA预灰化标志
我正在运行NodeJS 8.12.0,必须在散列上设置签名,而无需重新散列,执行原始签名。或者,换句话说,用私钥加密散列值Node.js NodeJS RSA预灰化标志,node.js,rsa,signature,cryptojs,Node.js,Rsa,Signature,Cryptojs,我正在运行NodeJS 8.12.0,必须在散列上设置签名,而无需重新散列,执行原始签名。或者,换句话说,用私钥加密散列值 const crypto = require('crypto'); // 4096 bits key. let pk = "<BASE64 DER>"; let pub = "<BASE64 DER>"; // Transform them to PEM. pk = `-----BEGIN PRIVATE KEY-----\n${pk.rep
const crypto = require('crypto');
// 4096 bits key.
let pk = "<BASE64 DER>";
let pub = "<BASE64 DER>";
// Transform them to PEM.
pk = `-----BEGIN PRIVATE KEY-----\n${pk.replace('\n', '')}\n-----END PRIVATE KEY-----\n`;
pub = `-----BEGIN PUBLIC KEY-----\n${pub.replace('\n', '')}\n-----END PUBLIC KEY-----\n`;
// Load the data to sign and set the signature.
const fingerprint = Buffer.from('2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824','hex');
const signature = crypto.privateEncrypt({
key: pk,
padding: crypto.constants.RSA_PKCS1_PADDING
},
fingerprint
);
// Unfortunately, the server is not able to verify the signature...
console.log(signature.toString('hex'));
但是,当我将其放入
privateEncrypt
中时,也没有得到正确的输出。这里有人能帮我吗?您正在尝试手动执行PKCS1
-填充(RSASSA-PKCS1-V1\u 5
)。但这不是必须的。连接(这里用于SHA-256
)和您的数据(fingerprint
)就足够了,剩下的部分由隐式地选择的填充(crypto.constants.RSA\u PKCS1\u padding
)完成,即
//签名
var指纹=缓冲区。从('2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824','hex');
变量id=缓冲区。从([0x30、0x31、0x30、0x0d、0x06、0x09、0x60、0x86、0x48、0x01、0x65、0x03、0x04、0x02、0x01、0x05、0x00、0x04、0x20]);
var allData=Buffer.concat([id,fingerprint]);
var signature=crypto.privateEncrypt(privateKey,allData);//默认情况下,crypto.constants.RSA_PKCS1_填充
//使用createVerify进行验证
var verify=crypto.createVerify('RSA-SHA256');
验证。更新(“”);
var verified=验证。验证(公钥、签名);//提供真实的
//使用publicDecrypt进行验证
var decryptedFingerprint=crypto.publicDecrypt(公钥,缓冲区。从(签名)).slice(-32);//提供指纹
注意:如果要手动填充,必须在allData
-缓冲区之前设置字节序列0x00 | | | 0x01 | | | PS | | 0x00
PS
由达到密钥长度所需的任意数量的0xff
-字节组成(以字节为单位)。此外,国旗
crypto.constants.RSA_NO_PADDING
必须在privateEncrypt
调用中显式设置。但是,这是没有必要的,因为结果是相同的。详细信息在@tperfitt中描述:没错,前缀丢失了。我已经改正了。谢谢
// 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
H = 2c f2 4d ba 5f b0 a3 0e 26 e8 3b 2a c5 b9 e2 9e 1b 16 1e 5c 1f a7 42 5e 73 04 33 62 93 8b 98 24
emLen = 512
T = 30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 2c f2 4d ba 5f b0 a3 0e 26 e8 3b 2a c5 b9 e2 9e 1b 16 1e 5c 1f a7 42 5e 73 04 33 62 93 8b 98 24
PS = 04 06 02 00 33 ff ff ff
// 00010406020033ffffff003031300d0609608648016503040201050004202cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
EM = 00 01 04 06 02 00 33 ff ff ff 00 30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 2c f2 4d ba 5f b0 a3 0e 26 e8 3b 2a c5 b9 e2 9e 1b 16 1e 5c 1f a7 42 5e 73 04 33 62 93 8b 98 24
// Signing
var fingerprint = Buffer.from('2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824','hex');
var id = Buffer.from([0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20]);
var allData = Buffer.concat([id, fingerprint]);
var signature = crypto.privateEncrypt(privateKey, allData); // crypto.constants.RSA_PKCS1_PADDING by default
// Verifying with createVerify
var verify = crypto.createVerify('RSA-SHA256');
verify.update('<the signed data>');
var verified = verify.verify(publicKey, signature); // provides true
// Verifying with publicDecrypt
var decryptedFingerprint = crypto.publicDecrypt(publicKey, Buffer.from(signature)).slice(-32); // provides fingerprint