1# 使用ECDSA密钥对签名验签(ArkTS)
2
3
4对应的算法规格请查看[签名验签算法规格:ECDSA](crypto-sign-sig-verify-overview.md#ecdsa)。
5
6
7**签名**
8
9
101. 调用[cryptoFramework.createAsyKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateasykeygenerator)、[AsyKeyGenerator.generateKeyPair](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatekeypair-1),生成非对称密钥算法为ECC、密钥长度为256的密钥对(KeyPair)。
11
12   如何生成ECC非对称密钥,开发者可参考下文示例,并结合[非对称密钥生成和转换规格:ECC](crypto-asym-key-generation-conversion-spec.md#ecc)和[随机生成非对称密钥对](crypto-generate-asym-key-pair-randomly.md)理解,参考文档与当前示例可能存在入参差异,请在阅读时注意区分。
13
142. 调用[cryptoFramework.createSign](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesign),指定字符串参数'ECC256|SHA256',创建非对称密钥类型为ECC256、摘要算法为SHA256的Sign实例,用于完成签名操作。
15
163. 调用[Sign.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-3),使用私钥(PriKey)初始化Sign实例。
17
184. 调用[Sign.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-3),传入待签名的数据。
19   当前单次update长度没有限制,开发者可以根据数据量判断如何调用update。
20
215. 调用[Sign.sign](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#sign-1),生成数据签名。
22
23
24**验签**
25
26
271. 调用[cryptoFramework.createVerify](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateverify),指定字符串参数'ECC256|SHA256',创建非对称密钥类型为ECC256、摘要算法为SHA256的Verify实例,用于完成验签操作。
28
292. 调用[Verify.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-5),使用公钥(PubKey)初始化Verify实例。
30
313. 调用[Verify.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-5),传入待验证的数据。
32   当前单次update长度没有限制,开发者可以根据数据量判断如何调用update。
33
344. 调用[Verify.verify](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#verify-1),对数据进行验签。
35
36
37- 异步方法示例:
38
39  ```ts
40  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
41  import { buffer } from '@kit.ArkTS';
42  // 完整的明文被拆分为input1和input2
43  let input1: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) };
44  let input2: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan2", 'utf-8').buffer) };
45  async function signMessagePromise(priKey: cryptoFramework.PriKey) {
46    let signAlg = "ECC256|SHA256";
47    let signer = cryptoFramework.createSign(signAlg);
48    await signer.init(priKey);
49    await signer.update(input1); // 如果明文较短,可以直接调用sign接口一次性传入
50    let signData = await signer.sign(input2);
51    return signData;
52  }
53  async function verifyMessagePromise(signMessageBlob: cryptoFramework.DataBlob, pubKey: cryptoFramework.PubKey) {
54    let verifyAlg = "ECC256|SHA256";
55    let verifier = cryptoFramework.createVerify(verifyAlg);
56    await verifier.init(pubKey);
57    await verifier.update(input1); // 如果明文较短,可以直接调用verify接口一次性传入
58    let res = await verifier.verify(input2, signMessageBlob);
59    console.info("verify result is " + res);
60    return res;
61  }
62  async function main() {
63    let keyGenAlg = "ECC256";
64    let generator = cryptoFramework.createAsyKeyGenerator(keyGenAlg);
65    let keyPair = await generator.generateKeyPair();
66    let signData = await signMessagePromise(keyPair.priKey);
67    let verifyResult = await verifyMessagePromise(signData, keyPair.pubKey);
68    if (verifyResult == true) {
69      console.info('verify success');
70    } else {
71      console.error('verify failed');
72    }
73  }
74  ```
75
76- 同步方法示例:
77
78  ```ts
79  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
80  import { buffer } from '@kit.ArkTS';
81  // 完整的明文被拆分为input1和input2
82  let input1: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) };
83  let input2: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan2", 'utf-8').buffer) };
84  function signMessagePromise(priKey: cryptoFramework.PriKey) {
85    let signAlg = "ECC256|SHA256";
86    let signer = cryptoFramework.createSign(signAlg);
87    signer.initSync(priKey);
88    signer.updateSync(input1); // 如果明文较短,可以直接调用sign接口一次性传入
89    let signData = signer.signSync(input2);
90    return signData;
91  }
92  function verifyMessagePromise(signMessageBlob: cryptoFramework.DataBlob, pubKey: cryptoFramework.PubKey) {
93    let verifyAlg = "ECC256|SHA256";
94    let verifier = cryptoFramework.createVerify(verifyAlg);
95    verifier.initSync(pubKey);
96    verifier.updateSync(input1); // 如果明文较短,可以直接调用verify接口一次性传入
97    let res = verifier.verifySync(input2, signMessageBlob);
98    console.info("verify result is " + res);
99    return res;
100  }
101  function main() {
102    let keyGenAlg = "ECC256";
103    let generator = cryptoFramework.createAsyKeyGenerator(keyGenAlg);
104    let keyPair = generator.generateKeyPairSync();
105    let signData = signMessagePromise(keyPair.priKey);
106    let verifyResult = verifyMessagePromise(signData, keyPair.pubKey);
107    if (verifyResult == true) {
108      console.info('verify success');
109    } else {
110      console.error('verify failed');
111    }
112  }
113  ```