1# 使用RSA密钥对签名验签(PSS模式)(ArkTS)
2
3
4对应的算法规格请查看[签名验签算法规格:RSA](crypto-sign-sig-verify-overview.md#rsa)。
5
6
7**签名**
8
9
101. 调用[cryptoFramework.createAsyKeyGeneratorBySpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateasykeygeneratorbyspec10)、[AsyKeyGeneratorBySpec.generateKeyPair](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatekeypair-3),指定密钥参数,生成RSA非对称密钥对(KeyPair)。
11   如何生成RSA非对称密钥,开发者可参考下文示例,并结合[非对称密钥生成和转换规格:RSA](crypto-asym-key-generation-conversion-spec.md#rsa)和[指定密钥参数生成非对称密钥对](crypto-generate-asym-key-pair-from-key-spec.md)理解,参考文档与当前示例可能存在入参差异,请在阅读时注意区分。
12
132. 调用[cryptoFramework.createSign](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesign),指定字符串参数'RSA|PSS|SHA256|MGF1_SHA256',创建非对称密钥类型为不带长度的RSA、填充模式为PSS、摘要算法为SHA256、掩码算法为MGF1_SHA256的Sign实例,用于完成签名操作。
14
153. 调用[Sign.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-3),使用私钥(PriKey)初始化Sign实例。
16
174. 调用[Sign.setSignSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#setsignspec10),设置签名参数。此处设置盐值的长度(SignSpecItem.PSS_SALT_LEN_NUM)为32字节。在验签时将校验此数据。
18
195. 调用[Sign.getSignSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#getsignspec10),获取其他签名参数。
20
216. 调用[Sign.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-3),传入待签名的数据。
22   当前单次update长度没有限制,开发者可以根据数据量判断如何调用update。
23
247. 调用[Sign.sign](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#sign-1),生成数据签名。
25
26
27**验签**
28
29
301. 调用[cryptoFramework.createVerify](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateverify),指定字符串参数'RSA2048|PSS|SHA256|MGF1_SHA256',创建非对称密钥类型为RSA2048、填充模式为PSS、摘要算法为SHA256、掩码算法为MGF1_SHA256的Verify实例,用于完成验签操作。
31
322. 调用[Verify.setVerifySpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#setverifyspec10),设置签名参数。需要与签名时设置的保持一致。
33
343. 调用[Verify.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-5),使用公钥(PubKey)初始化Verify实例。
35
364. 调用[Verify.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-5),传入待验证的数据。
37   当前单次update长度没有限制,开发者可以根据数据量判断如何调用update。
38
395. 调用[Verify.verify](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#verify-1),对数据进行验签。
40
41- 异步方法示例:
42
43  ```ts
44  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
45  import { buffer } from '@kit.ArkTS';
46  // 根据密钥参数属性构造RSA非对称密钥对密钥参数
47  function genRsaKeyPairSpec(nIn: bigint, eIn: bigint, dIn: bigint) {
48    let rsaCommSpec: cryptoFramework.RSACommonParamsSpec = {
49      n: nIn,
50      algName: "RSA",
51      specType: cryptoFramework.AsyKeySpecType.COMMON_PARAMS_SPEC
52    };
53    let rsaKeyPairSpec: cryptoFramework.RSAKeyPairSpec = {
54      params: rsaCommSpec,
55      sk: dIn,
56      pk: eIn,
57      algName: "RSA",
58      specType: cryptoFramework.AsyKeySpecType.KEY_PAIR_SPEC
59    };
60    return rsaKeyPairSpec;
61  }
62  // 生成RSA2048密钥对参数
63  function genRsa2048KeyPairSpec(): cryptoFramework.RSAKeyPairSpec {
64    let nIn = BigInt("0x9260d0750ae117eee55c3f3deaba74917521a262ee76007cdf8a56755ad73a1598a1408410a01434c3f5bc54a88b57fa19fc4328daea0750a4c44e88cff3b2382621b80f670464433e4336e6d003e8cd65bff211da144b88291c2259a00a72b711c116ef7686e8fee34e4d933c868187bdc26f7be071493c86f7a5941c3510806ad67b0f94d88f5cf5c02a092821d8626e8932b65c5bd8c92049c210932b7afa7ac59c0e886ae5c1edb00d8ce2c57633db26bd6639bff73cee82be9275c402b4cf2a4388da8cf8c64eefe1c5a0f5ab8057c39fa5c0589c3e253f0960332300f94bea44877b588e1edbde97cf2360727a09b775262d7ee552b3319b9266f05a25");
65    let eIn = BigInt("0x010001");
66    let dIn = BigInt("0x6a7df2ca63ead4dda191d614b6b385e0d9056a3d6d5cfe07db1daabee022db08212d97613d3328e0267c9dd23d787abde2afcb306aeb7dfce69246cc73f5c87fdf06030179a2114b767db1f083ff841c025d7dc00cd82435b9a90f695369e94df23d2ce458bc3b3283ad8bba2b8fa1ba62e2dce9accff3799aae7c840016f3ba8e0048c0b6cc4339af7161003a5beb864a0164b2c1c9237b64bc87556994351b27506c33d4bcdfce0f9c491a7d6b0628c7c852be4f0a9c3132b2ed3a2c8881e9aab07e20e17deb074691be677776a78b5c502e05d9bdde72126b3738695e2dd1a0a98a14247c65d8a7ee79432a092cb0721a12df798e44f7cfce0c498147a9b1");
67    return genRsaKeyPairSpec(nIn, eIn, dIn);
68  }
69
70  async function verifyMessagePSS() {
71    // 完整的明文被拆分为input1和input2
72    let plan1 = "This is Sign test plan1";
73    let plan2 = "This is Sign test plan2";
74    let input1: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(plan1, 'utf-8').buffer) };
75    let input2: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(plan2, 'utf-8').buffer) };
76    // 获得RSA密钥对密钥参数对象
77    let rsaKeyPairSpec = genRsa2048KeyPairSpec();
78    // 构造RSA密钥对生成器
79    let rsaGeneratorSpec = cryptoFramework.createAsyKeyGeneratorBySpec(rsaKeyPairSpec);
80    // sign和verfiy均支持RSA密钥带长度/不带长度的写法
81    let signer = cryptoFramework.createSign("RSA|PSS|SHA256|MGF1_SHA256");
82    let verifyer = cryptoFramework.createVerify("RSA2048|PSS|SHA256|MGF1_SHA256");
83    let keyPair = await rsaGeneratorSpec.generateKeyPair();
84    await signer.init(keyPair.priKey);
85    // 在签名初始化后,对PSS参数进行set和get操作
86    let setN = 32;
87    signer.setSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN);
88    let saltLen = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM);
89    console.info("SaltLen == " + saltLen);
90    let tf = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_TRAILER_FIELD_NUM);
91    console.info("trailer field == " + tf);
92    let md = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MD_NAME_STR);
93    console.info("md == " + md);
94    let mgf = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MGF_NAME_STR);
95    console.info("mgf == " + mgf);
96    let mgf1Md = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MGF1_MD_STR);
97    console.info("mgf1Md == " + mgf1Md);
98    await signer.update(input1);
99    let signMessageBlob = await signer.sign(input2);
100    // 在验签初始化前,对PSS参数进行set和get操作
101    verifyer.setVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN);
102    saltLen = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM);
103    console.info("SaltLen == " + saltLen);
104    tf = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_TRAILER_FIELD_NUM);
105    console.info("trailer field == " + tf);
106    md = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MD_NAME_STR);
107    console.info("md == " + md);
108    mgf = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MGF_NAME_STR);
109    console.info("mgf == " + mgf);
110    mgf1Md = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MGF1_MD_STR);
111    await verifyer.init(keyPair.pubKey);
112    await verifyer.update(input1);
113    let verifyResult = await verifyer.verify(input2, signMessageBlob);
114    if (verifyResult == true) {
115      console.info('verify success');
116    } else {
117      console.error('verify failed');
118    }
119  }
120  ```
121
122
123- 同步方法示例:
124
125  ```ts
126  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
127  import { buffer } from '@kit.ArkTS';
128  // 根据密钥参数属性构造RSA非对称密钥对密钥参数
129  function genRsaKeyPairSpec(nIn: bigint, eIn: bigint, dIn: bigint) {
130    let rsaCommSpec: cryptoFramework.RSACommonParamsSpec = {
131      n: nIn,
132      algName: "RSA",
133      specType: cryptoFramework.AsyKeySpecType.COMMON_PARAMS_SPEC
134    };
135    let rsaKeyPairSpec: cryptoFramework.RSAKeyPairSpec = {
136      params: rsaCommSpec,
137      sk: dIn,
138      pk: eIn,
139      algName: "RSA",
140      specType: cryptoFramework.AsyKeySpecType.KEY_PAIR_SPEC
141    };
142    return rsaKeyPairSpec;
143  }
144  // 生成RSA2048密钥对参数
145  function genRsa2048KeyPairSpec(): cryptoFramework.RSAKeyPairSpec {
146    let nIn = BigInt("0x9260d0750ae117eee55c3f3deaba74917521a262ee76007cdf8a56755ad73a1598a1408410a01434c3f5bc54a88b57fa19fc4328daea0750a4c44e88cff3b2382621b80f670464433e4336e6d003e8cd65bff211da144b88291c2259a00a72b711c116ef7686e8fee34e4d933c868187bdc26f7be071493c86f7a5941c3510806ad67b0f94d88f5cf5c02a092821d8626e8932b65c5bd8c92049c210932b7afa7ac59c0e886ae5c1edb00d8ce2c57633db26bd6639bff73cee82be9275c402b4cf2a4388da8cf8c64eefe1c5a0f5ab8057c39fa5c0589c3e253f0960332300f94bea44877b588e1edbde97cf2360727a09b775262d7ee552b3319b9266f05a25");
147    let eIn = BigInt("0x010001");
148    let dIn = BigInt("0x6a7df2ca63ead4dda191d614b6b385e0d9056a3d6d5cfe07db1daabee022db08212d97613d3328e0267c9dd23d787abde2afcb306aeb7dfce69246cc73f5c87fdf06030179a2114b767db1f083ff841c025d7dc00cd82435b9a90f695369e94df23d2ce458bc3b3283ad8bba2b8fa1ba62e2dce9accff3799aae7c840016f3ba8e0048c0b6cc4339af7161003a5beb864a0164b2c1c9237b64bc87556994351b27506c33d4bcdfce0f9c491a7d6b0628c7c852be4f0a9c3132b2ed3a2c8881e9aab07e20e17deb074691be677776a78b5c502e05d9bdde72126b3738695e2dd1a0a98a14247c65d8a7ee79432a092cb0721a12df798e44f7cfce0c498147a9b1");
149    return genRsaKeyPairSpec(nIn, eIn, dIn);
150  }
151
152  function verifyMessagePSS() {
153    // 完整的明文被拆分为input1和input2
154    let plan1 = "This is Sign test plan1";
155    let plan2 = "This is Sign test plan2";
156    let input1: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(plan1, 'utf-8').buffer) };
157    let input2: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(plan2, 'utf-8').buffer) };
158    // 获得RSA密钥对密钥参数对象
159    let rsaKeyPairSpec = genRsa2048KeyPairSpec();
160    // 构造RSA密钥对生成器
161    let rsaGeneratorSpec = cryptoFramework.createAsyKeyGeneratorBySpec(rsaKeyPairSpec);
162    // sign和verfiy均支持RSA密钥带长度/不带长度的写法
163    let signer = cryptoFramework.createSign("RSA|PSS|SHA256|MGF1_SHA256");
164    let verifyer = cryptoFramework.createVerify("RSA2048|PSS|SHA256|MGF1_SHA256");
165    let keyPair = rsaGeneratorSpec.generateKeyPairSync();
166    signer.initSync(keyPair.priKey);
167    // 在签名初始化后,对PSS参数进行set和get操作
168    let setN = 32;
169    signer.setSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN);
170    let saltLen = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM);
171    console.info("SaltLen == " + saltLen);
172    let tf = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_TRAILER_FIELD_NUM);
173    console.info("trailer field == " + tf);
174    let md = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MD_NAME_STR);
175    console.info("md == " + md);
176    let mgf = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MGF_NAME_STR);
177    console.info("mgf == " + mgf);
178    let mgf1Md = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MGF1_MD_STR);
179    console.info("mgf1Md == " + mgf1Md);
180    signer.updateSync(input1);
181    let signMessageBlob = signer.signSync(input2);
182    // 在验签初始化前,对PSS参数进行set和get操作
183    verifyer.setVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN);
184    saltLen = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM);
185    console.info("SaltLen == " + saltLen);
186    tf = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_TRAILER_FIELD_NUM);
187    console.info("trailer field == " + tf);
188    md = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MD_NAME_STR);
189    console.info("md == " + md);
190    mgf = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MGF_NAME_STR);
191    console.info("mgf == " + mgf);
192    mgf1Md = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MGF1_MD_STR);
193    verifyer.initSync(keyPair.pubKey);
194    verifyer.updateSync(input1);
195    let verifyResult = verifyer.verifySync(input2, signMessageBlob);
196    if (verifyResult == true) {
197      console.info('verify success');
198    } else {
199      console.error('verify failed');
200    }
201  }
202  ```