所以我从Java得到的签名与我在openssl中获得的签名不匹配。 以下是我正在做的事情的一个例子:
在使用openssl的终端中,我正在这样做。
echo +pkCdYME5SzI7A2PV0r8/8FqYGZyvTp+4DoGkdaMYRs= hash
openssl dgst -sha256 -sign "private.key" -out hash.sha256 hash
base64 < hash.sha256 > hash.bin
cat hash.bin
results posted below
Java代码:(哈希与我用于openssl的代码匹配)
private String createSignature(String hash) throws ProductException {
try {
Signature privateSignature = Signature.getInstance("SHA256withRSA");
privateSignature.initSign(getPrivateKey());
privateSignature.update(hash.getBytes(UTF_8));
byte[] signature = privateSignature.sign();
String result = Base64.encodeBase64String(signature);
System.out.println(result); //THIS RESULT SHOULD MATCH BUT DOESN'T
return result;
} catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException e) {
throw new ProductException(Codes.AUTHENTICATION_ERROR, e);
}
}
private PrivateKey getPrivateKey() throws ProductException {
try {
String key = IOUtils.toString(this.getClass().getResourceAsStream("private.key"));
PemObject pem = new PemReader(new StringReader(key)).readPemObject();
byte[] content = pem.getContent();
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(content);
return keyFactory.generatePrivate(ks);
} catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new ProductException(Codes.AUTHENTICATION_ERROR, e);
}
}
请帮忙! 我已经搜索了互联网,我不知道我做错了什么。
我的 openssl 签名 = O8DRek17ySzz+p2N8brH/9CdY3b+GN5bnyaTtn+ZP3SDIBvtqkk/lp+zb1BZ80a6xCIID8CTjNU+/svrV/q/rXEqEQc3jk3ZVUo0RJB52rgW26EQWyieAdqRlIbQqPhaCIrpWrs+WImGk7cPnkTEueIm+EzxG8ptjF5cAZH3lustVLt8SM9sXjQJzxzMgF2g0XN+1GQniAdWT/oNJXv0ZG7PSFACfcoSTSdN4wHkVAG4/PF/d6H+M5eTkEu6NhXfbfBBtavGmBiDgM6FPFDJ4r+2Rzvc/vpSiglUUQgxD58PTH47Y8xMc4t4/yahrchi2if2cJ7e89RBb1IHNus+eB8zPS0MHBn2OWDUM66P1KRanwzebDfg08VhRbW8zVnmNUNzXxAdCWa3kwsDe7hx+36oHfJwoyqIFwjJi8TKZm0JLKMf0SaLh/6zK0bIdgoXw23AfJni1ewmUqZbpE6Q4A0TgxaJg1aozb06l7Nb523FqV6ScRZ0wJK3s51Dduy5j1V1jt0+YYd+0zACyYfr5a+vypEygzsZ2Rzu3Q/l4VoPlZF2dr50TLnbhTvFnyK9mvc0zaTmsuHI5UJAbcpFBTXiDWb0DoWo4PkHRVFPvIMai37UxW4c5V0ybchlQHrEKYQ8NigYHGX5j8GsFhZJgg73Het1YwoWdsz1PksoYTY=
我的 Java 签名 = 8dKc1otqL+thKQ7yTPeHX7T5fuOgv6PmHvlP5QyEHEXZILwD/234polMSs20i4na9wCuUdcSA+mHEKpY7Dkyd8VLTcZZ8RC8AlPE5bvzXc/uZhyPpBuSA7mDDOARbg3mx5usq4ythdqxj6OvdOBAJXXFB6Jc/c1XVd8IxDnRJoz5MlwxZIp94TAyW11QbMGNZuzcbsdEdsBuXU1MR4gzVfMLJjMcIM3YTtsP3bktsPAs5W2Asp9lDg5GuIOgWgXpTlj3VY6NF64SCI1tY4LhE7zq16YXQ6ykJ490YSVX5J9z+cDvZcVgfvgKCZuk4wgnXo6PbE4Wm4FDuzu35DEQi9Y5EEHzXlb5aNFQP3S6lumyfqOCmZlQcNVS53ur1fY4P8cnOuHZelyYS1Dw54q0SDCjFuANK2Ltl8rIZOZQWbg6jo45HbpaHUgt1NMkmj/UC/rLSnofa/YYbcJ2YZbqUdyX/yTBlzEuLR0/4Bgv9zvBw8HI0h3icv7/1NYaKo/eBSki6HNyDh2pDWX6IHQTFMzdFKeoXVAQLfaJREIpMPu+rDExI6Ozl0r9D61fY+XtMrptGNTFzf1h4cwUAZAC737Ahc6qsr+jQkDWDJt6oJbgziNE4C2JZriRtvRDACpryt6MGH1QnYPGYfCVs/xSxaYEtGJsjRRkG+lkpojcJ+A=
您的问题很可能来自使用echo准备签名函数的输入。 默认情况下,echo在其输出的任何内容后附加换行符,并且表示它的字节会弄乱签名。
尝试跳过换行符echo -n,看看它是否有效。