Preface:
Recent development projects inadvertently used SHA1withRSA signature algorithm, throughout the Baidu, less information, through the source code example query method of use, some understanding of this, all this summary.
SHA1WithRSA: Uses the SHA algorithm for signature and RSA algorithm for encryption.
This section does not introduce SHA and RSA algorithms in detail, but simply describes how to use SHA1withRSA to enter data into the signature algorithm.
The main use of the JSRsasign library, very powerful.
Step 1: First generate the secret key pair (either automatically or in the background)
As a front end we do not need to understand how to generate a secret key, not Baidu search. Provide a url web.chacuo.net/netrsakeypa here…
Here we have the public and private keys, for example:
Note that both public and private keys must have a header and a tail.
Public key:
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCU4aJUKL4FKuMQ6WMt3slH8uoh
w4Agrd5sBA6iXKZFyAosdMfwn/CB64xwVnZSUeHYzTKlAkGYACOY9JWp/K3eHTXV
80oY98FwZmcVpM5y5YTfTvW/zT4kZ9eF1EFrfixX2t2vLKuXH/2Pd78+284kl2SB
batPq/N/du/1Ruq0PwIDAQAB
-----END PUBLIC KEY-----
Copy the code
The private key:
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJTholQovgUq4xDp
Yy3eyUfy6iHDgCCt3mwEDqJcpkXICix0x/Cf8IHrjHBWdlJR4djNMqUCQZgAI5j0
lan8rd4dNdXzShj3wXBmZxWkznLlhN9O9b/NPiRn14XUQWt+LFfa3a8sq5cf/Y93
vz7bziSXZIFtq0+r83927/VG6rQ/AgMBAAECgYBWpKlPyRYs87SJlwl9HHaPRLM1
Sw0593XF7uaFXt31JmGlVaE2TB4vveFRT0A00Cpbfa/Hj/SUfSA6V7zx3HdiNOoS
O23s4ean0fraK4vGuyXL/LtAWAE37X59ciLnZCmGxpEr6PmvbIyxRHG0zZFwfr4G
Tr2BlpYpBJ7iMxM1wQJBAMNdbe+E8Rx3sT3VZcdQ3JGOlBdylCrVb09mu5dmcwxu
dCNxUjwt175GRMmW/6Ql384CqYE19r50INFaI/TJFdcCQQDDFuNtT3MxzAD8kslo
qO6jx2wW18ogNdtc9+zlFd2hBAZZshlEVAW8iyQCyll65cqf/egN8I1/ElBfIrMM
qjfZAkBepXbLITbGOd5uPGIQi8Yv5kksit/pWHmSmAytrn5yOVieixnx+auZjOVq
XHMBDTA91+BSrtgZMJ1tjyP4RSsFAkBSw3QKXKlXF9/XRwKRFxHeg2zUqAlE7vQ4
Fan3afZTJ9z10nurpCWm3jSRxnx9id0TUOlQeJveq8tTAOqK1e/JAkEApLGftZP7
6EVr0sz2z4FnuAtp7YmbDxA7nKLKNYjolLyrw5gM+mGIcYAyxfPUz+ddTNtdfuh0
sjFkxWcUVBWYnQ==
-----END PRIVATE KEY-----Copy the code
Step 2: Use the private key to check the data
import Jsrsasign,{KJUR,hex2b64} from 'jsrsasign'; // Sign the URL with your private keyexport functionSignature (URL){// Private key signaturelet privateKey = '-----BEGIN PRIVATE KEY-----MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKpHfFmxCZuMHDoeNod+TTSeE4Y6TusQ8UB4kquw0kQDQfNTpuEP0Y2o0Oc6TPI7 F4zJsy266bWp3zznvOlLXwObFcz1aAGXHHOybgu4ma+nwYvX5/9R2HRaExTPABe9GjhpMPLWWoJAsCLHm3J0tzMVI7rq1bcMD3c4lI3omdXhAgMBAAECgYEA ibVAWqTzWSlplpLilJdPRvNkZNR5CF/uS653J4Tbt4dO6cNIHZGWblMNh0K+AdRKSmDAmIYmBfW4hWAAhkefMU+eHP4fzPZ1D/FC7EMceRCYmfQZST30QBEj 93Qb8qhlP9bn/KZ3UGdrEHTERGOEaV5cmJT15iJx7jbyz/YNRsECQQDhm4j6ii+b7PuLCGz49Ajv3WxMH/TlZFWaWjsIHjrA1moSiCN4zeLZOfEhpQzKz8li MDrotbBoo+lIxYxdFHGJAkEAwTfbwUTBB/h3k9pE7suA/XcnUHPA/ZJNpHc2LSDwyr9FlonNjUzBQnTAFrQAeWQ0LsGjoyJTGN5UME4GBypjmQJAOHTDgm6y G0Lib5hcLLBkzCGMyD/2+LBy+3046H8oFLmTMa//sGtVKSbmwJSc7uOwcXHATBurWYQrDJri1SgYgQJBAIAXfukuomWdU/DB18cTRI1ES9zrEDtKnYx1t4XN e7R9fy2gZ5PQGaLr8VhbtqDDTFDe8JO6sqoe4mMvppFjiakCQC099wyiYfj8edUGmKRlWI4lGkckj0pKpwiIeVJ0fzAvhHzGTvySIj0fngqKy6bs4GnDNJQo Q4UnPRi7srC0voA=-----END PRIVATE KEY-----';
let sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"."prov": "cryptojs/jsrsa"."prvkeypem": privateKey});
sign = hex2b64(sign);
return sign;
};Copy the code
Using es6 syntax, it should be easier to understand.
The URL is the data you need to check, and hex2b64 converts the result to Base64 format.
So I get sign.
Step 3: Verify the signature using the public key
import Jsrsasign,{KJUR,hex2b64} from 'jsrsasign'; // Check the signature with the public keyexport function verify(url,data) {
try {
let publicKey = '-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCEO23dYaK65jtxrtBHoT8nVlfw3kGw6fAJBJ5GuFL01QQ1yI42Fl+3fxHJauZiMoXBbB+WdeBh 4iypp9U9cXLuf5UldNOFKY667sy4HLSYyB6GcLrSpEutRSTbMC2wwu2YOQt73cUob9li2usF/+p8EuJ++unySr5V151lqCJrxwIDAQAB-----END PUBLIC KEY-----';
let sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"."prov": "cryptojs/jsrsa"."prvkeypem": publicKey});
sig.updateString(url);
let result = sig.verify(data);
returnresult; } catch(e) { console.error(e); }};Copy the code
Url: signed data,
Data: indicates the signature obtained after signing.
The main method is verify.
Conclusion: If you have any questions or errors check out the Github resources for examples. Github address: github.com/kjur/jsrsas… .
Please point out any questions.