Question
The command line is
openssl pkeyutl -sign -inkey pkcs1.pem -pkeyopt digest:sha1 -in testlog
I want to implement it in Java, but neither NONEwithRSA nor SHA1withRSA gives the same output. NONEwithRSA's output is the same as
openssl pkeyutl -sign -inkey pkcs1.pem -in testlog
which has no -pkeyopt digest:sha1.
The Java code is just like:
Signature sign = Signature.getInstance(algorithm); // "NONEwithRSA" or "SHA1withRSA"
sign.initSign(privatekey);                          // RSA private key loaded from pkcs1.pem
sign.update(keyByte);                               // the bytes of testlog
return sign.sign();
I don't know how to amend this.
Thanks very much.
What I really want to do is to implement the C function in Java:
RSA_sign(NID_sha1, token, token_size, sig, &len, key->rsa)
which does not hash the plaintext.
https://github.com/usb4java/usb4java-javax-examples/blob/97b95c80e8af87f935f736ed7b4f4a197d4643ac/src/main/java/org/usb4java/javax/examples/adb/Adb.java This can meet my needs.
Answer 1:
openssl pkeyutl -sign with an RSA private key and -pkeyopt digest:$alg does steps 2-5 of EMSA-PKCS1-v1_5 plus the private modexp (i.e. 8.2.1 step 2 using RSASP1 from 5.2.1); without that -pkeyopt it does not do step 2, which encodes the hash value in a simple ASN.1 structure.

The Java Signature algorithms that include a hash, like SHA1withRSA, do all steps of EMSA-PKCS1-v1_5 plus modexp, while the scheme NONEwithRSA does only steps 3-5 plus modexp, and neither of these matches what you want. If you can't supply the data to let Signature do the hashing, you'll need to do step 2 yourself and then NONEwithRSA. Although ASN.1 encoding in general can be complicated (and decoding even more so), this case can be done simply by concatenating a prefix determined entirely by the hash algorithm to the hash value; see note 1 on page 47.
Meta: there have been lots of Qs about the differences in RSA v1_5 signatures between openssl rsautl, pkeyutl with and without -pkeyopt digest, or dgst -sign and other systems like Java, all to do with the issue of including or not including the ASN.1 encoding step (and many of them older than rfc8017!) but I can't find any that is a good dupe for this Q.
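The recipe in the answer (do step 2 yourself by prepending the hash algorithm's DigestInfo prefix, then hand the result to NONEwithRSA) is exactly what the asker's RSA_sign(NID_sha1, token, ...) call does, so one piece of Java covers both. The following is an added example, not code from the question, the answer, or the linked usb4java project. It generates a throwaway RSA key instead of loading pkcs1.pem, hashes a constructed sample message to obtain the 20-byte digest that RSA_sign would be given, and cross-checks the result against SHA1withRSA over the same message; the class name, the signDigest method and the prefix table are the example's own. The prefixes are the constants from RFC 8017 section 9.2 note 1.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

public class DigestInfoSign {

    // EMSA-PKCS1-v1_5 step 2 (RFC 8017 9.2, note 1): the DER encoding of DigestInfo
    // is a constant prefix per hash algorithm followed by the raw hash value.
    private static final Map<String, byte[]> DIGEST_INFO_PREFIX = new HashMap<>();
    static {
        DIGEST_INFO_PREFIX.put("SHA-1",   hex("3021300906052b0e03021a05000414"));
        DIGEST_INFO_PREFIX.put("SHA-256", hex("3031300d060960864801650304020105000420"));
        DIGEST_INFO_PREFIX.put("SHA-384", hex("3041300d060960864801650304020205000430"));
        DIGEST_INFO_PREFIX.put("SHA-512", hex("3051300d060960864801650304020305000440"));
    }

    /**
     * Java counterpart of RSA_sign(NID_xxx, digest, digestLen, ...) and of
     * "openssl pkeyutl -sign -pkeyopt digest:xxx": the caller supplies an
     * already-computed hash; this adds the DigestInfo prefix (step 2) and lets
     * NONEwithRSA do steps 3-5 plus the private-key operation. Nothing is hashed here.
     */
    public static byte[] signDigest(PrivateKey key, String hashAlg, byte[] digest) throws Exception {
        byte[] prefix = DIGEST_INFO_PREFIX.get(hashAlg);
        if (prefix == null) {
            throw new IllegalArgumentException("no DigestInfo prefix for " + hashAlg);
        }
        // The DigestInfo names the hash, so the value must have that hash's length;
        // anything else would produce a malformed encoding that verifiers reject.
        int want = MessageDigest.getInstance(hashAlg).getDigestLength();
        if (digest.length != want) {
            throw new IllegalArgumentException(hashAlg + " digest must be " + want + " bytes, got " + digest.length);
        }
        byte[] t = new byte[prefix.length + digest.length];   // T = prefix || H
        System.arraycopy(prefix, 0, t, 0, prefix.length);
        System.arraycopy(digest, 0, t, prefix.length, digest.length);

        Signature raw = Signature.getInstance("NONEwithRSA"); // type-1 padding + RSASP1 only
        raw.initSign(key);
        raw.update(t);
        return raw.sign();
    }

    private static byte[] hex(String s) {
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++) {
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();        // throwaway key; load pkcs1.pem here in real use
        PrivateKey priv = kp.getPrivate();
        PublicKey pub = kp.getPublic();

        byte[] message = "contents of testlog".getBytes(StandardCharsets.UTF_8); // constructed sample
        byte[] sha1 = MessageDigest.getInstance("SHA-1").digest(message);        // the 20-byte "token"

        // 1. What the asker wants: RSA_sign(NID_sha1, sha1, 20, ...) done in Java.
        byte[] sigFromDigest = signDigest(priv, "SHA-1", sha1);

        // 2. SHA1withRSA over the message does all steps; PKCS#1 v1.5 is deterministic,
        //    so the bytes must be identical to (1).
        Signature full = Signature.getInstance("SHA1withRSA");
        full.initSign(priv);
        full.update(message);
        byte[] sigFromMessage = full.sign();

        // 3. What the asker got: NONEwithRSA over the bare hash, i.e. pkeyutl without
        //    -pkeyopt digest:sha1 (step 2 skipped).
        Signature none = Signature.getInstance("NONEwithRSA");
        none.initSign(priv);
        none.update(sha1);
        byte[] sigNoDigestInfo = none.sign();

        System.out.println("DigestInfo + NONEwithRSA == SHA1withRSA: " + Arrays.equals(sigFromDigest, sigFromMessage));
        System.out.println("bare hash  + NONEwithRSA == SHA1withRSA: " + Arrays.equals(sigNoDigestInfo, sigFromMessage));

        // A standard SHA1withRSA verifier accepts (1) and rejects (3); depending on the
        // provider the rejection is a false return or a SignatureException.
        System.out.println("verify(1): " + verifies(pub, message, sigFromDigest));
        System.out.println("verify(3): " + verifies(pub, message, sigNoDigestInfo));
    }

    private static boolean verifies(PublicKey pub, byte[] message, byte[] sig) throws Exception {
        Signature v = Signature.getInstance("SHA1withRSA");
        v.initVerify(pub);
        v.update(message);
        try {
            return v.verify(sig);
        } catch (SignatureException e) {
            return false;
        }
    }
}
```

To compare against the openssl command in the question, note that pkeyutl never hashes either: with -pkeyopt digest:sha1 the file given to -in must contain the raw 20-byte digest (pkeyutl rejects any other length), and the output then matches signDigest(priv, "SHA-1", thoseBytes) for the same key.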
Source: https://stackoverflow.com/questions/62955968/how-can-realize-openssl-pkeyutl-sign-by-java