1# 使用RSA密钥对(PKCS1模式)签名及签名恢复(ArkTS)
2
3
4对应的算法规格请查看[签名验签算法规格:RSA](crypto-sign-sig-verify-overview.md#rsa)。
5
6
7**签名**
8
9
101. 调用[cryptoFramework.createAsyKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateasykeygenerator)、[AsyKeyGenerator.generateKeyPair](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatekeypair-1),生成密钥算法为RSA、密钥长度为1024位、素数个数为2的非对称密钥对象(KeyPair),包括公钥(PubKey)和私钥(PriKey)。
11
12   如何生成RSA非对称密钥,开发者可参考下文示例,并结合[非对称密钥生成和转换规格:RSA](crypto-asym-key-generation-conversion-spec.md#rsa)和[随机生成非对称密钥对](crypto-generate-asym-key-pair-randomly.md)理解,参考文档与当前示例可能存在入参差异,请在阅读时注意区分。
13
142. 调用[cryptoFramework.createSign](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesign),指定字符串参数'RSA1024|PKCS1|SHA256|SignOnly',创建非对称密钥类型为RSA1024、填充模式为PKCS1、摘要算法为SHA256的Sign实例,用于完成仅签名操作。
15
163. 调用[Sign.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-3),使用私钥(PriKey)初始化Sign实例。
17
184. 调用[Sign.sign](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#sign-1),生成数据签名。
19
20
21**验签**
22
23
241. 调用[cryptoFramework.createVerify](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateverify),指定字符串参数'RSA1024|PKCS1|SHA256|Recover',与签名的Sign实例保持一致。创建Verify实例,用于完成验签操作。
25
262. 调用[Verify.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-5),使用公钥(PubKey)初始化Verify实例。
27
283. 调用[Verify.recover](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#recover12),对数据进行签名恢复。
29
30- 异步方法示例:
31
32  ```ts
33  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
34  import { buffer } from '@kit.ArkTS';
35  // 完整的明文被拆分为input1和input2
36  let input1: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) };
37  async function signMessagePromise(priKey: cryptoFramework.PriKey) {
38    let signAlg = "RSA1024|PKCS1|NoHash|OnlySign";
39    let signer = cryptoFramework.createSign(signAlg);
40    await signer.init(priKey);
41    let signData = await signer.sign(input1);
42    return signData;
43  }
44  async function verifyMessagePromise(signMessageBlob: cryptoFramework.DataBlob, pubKey: cryptoFramework.PubKey) {
45    let verifyAlg = "RSA1024|PKCS1|NoHash|Recover";
46    let verifier = cryptoFramework.createVerify(verifyAlg);
47    await verifier.init(pubKey);
48    let rawSignData = await verifier.recover(signMessageBlob);
49    return rawSignData;
50  }
51  async function main() {
52    let keyGenAlg = "RSA1024";
53    let generator = cryptoFramework.createAsyKeyGenerator(keyGenAlg);
54    let keyPair = await generator.generateKeyPair();
55    let signData = await signMessagePromise(keyPair.priKey);
56    let rawSignData = await verifyMessagePromise(signData, keyPair.pubKey);
57    if (rawSignData != null) {
58      console.info('recover result: ' + rawSignData.data);
59    } else {
60      console.error("get verify recover result fail!");
61    }
62  }
63  ```
64
65- 同步方法示例:
66
67  ```ts
68  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
69  import { buffer } from '@kit.ArkTS';
70  // 完整的明文被拆分为input1和input2
71  let input1: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from("This is Sign test plan1", 'utf-8').buffer) };
72  function signMessagePromise(priKey: cryptoFramework.PriKey) {
73    let signAlg = "RSA1024|PKCS1|NoHash|OnlySign";
74    let signer = cryptoFramework.createSign(signAlg);
75    signer.initSync(priKey);
76    let signData = signer.signSync(input1);
77    return signData;
78  }
79  function verifyMessagePromise(signMessageBlob: cryptoFramework.DataBlob, pubKey: cryptoFramework.PubKey) {
80    let verifyAlg = "RSA1024|PKCS1|NoHash|Recover";
81    let verifier = cryptoFramework.createVerify(verifyAlg);
82    verifier.initSync(pubKey);
83    let rawSignData = verifier.recoverSync(signMessageBlob);
84    return rawSignData;
85  }
86  function main() {
87    let keyGenAlg = "RSA1024";
88    let generator = cryptoFramework.createAsyKeyGenerator(keyGenAlg);
89    let keyPair = generator.generateKeyPairSync();
90    let signData = signMessagePromise(keyPair.priKey);
91    let rawSignData = verifyMessagePromise(signData, keyPair.pubKey);
92    if (rawSignData != null) {
93      console.info('recover result: ' + rawSignData.data);
94    } else {
95      console.error("get verify recover result fail!");
96    }
97  }
98  ```
99