What's the detail in "SHA1withRSA"?

java encryption rsa digital-signature sha1
14,026

The digital signature algorithm defined in PCKS#1 v15 makes a RSA encryption on digest algorithm identifier and the digest of the message encoded in ASN.1

signature = 
    RSA_Encryption( 
      ASN.1(DigestAlgorithmIdentifier  + SHA1(message) ))

See (RFC2313)

10.1 Signature process

The signature process consists of four steps: message digesting, data encoding, RSA encryption, and octet-string-to-bit-string conversion. The input to the signature process shall be an octet string M, the message; and a signer's private key. The output from the signature process shall be a bit string S, the signature.

So your rsaDecodeHex contains the algorithm identifier and the SHA1 digest of plainText

Share:
14,026
Jswq
Author by

Jswq

I graduated from the University Of Technology with a computer science Major.

Updated on June 26, 2022

Comments

  • Jswq
    Jswq almost 2 years

    Innocently, I thought "SHA1withRSA algorithm" was simply operating the plainText with "SHA1", and use RSA/pkcs1padding to encrypt the result of "SHA1"。However, I found I was wrong until I wrote some java code to test what I thought. I use RSA publickey to decrypt the signature which I use the corresponding privatekey to sign with "SHA1withRSA algorithm" . But I found the result is not equal to "SHA1(plainText)", below is my java code:

        String plaintext= "123456";
    Signature signature=Signature.getInstance("SHA1withRSA",new BouncyCastleProvider());
    signature.initSign(pemPrivatekey);
    signature.update(plaintext.getBytes());
    byte[] sign = signature.sign();
    //RSA decode
    byte[] bytes = RsaCipher.decryptByRsa(sign, pemPublickey);
    String rsaDecodeHex=Hex.toHexString(bytes);
    System.out.println(rsaDecodeHex.toLowerCase());

    String sha1Hex = Hash.getSha1(plaintext.getBytes());
    System.out.println(sha1Hex);
    //rsaDecodeHex!=sha1Hex

    Easy to find that rsaDecodeHex!=sha1Hex, where

    rsaDecodeHex=3021300906052b0e03021a050004147c4a8d09ca3762af61e59520943dc26494f8941b

    and

    sha1Hex=7c4a8d09ca3762af61e59520943dc26494f8941b 。

    So, What's the detail in "SHA1withRSA" ?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Using SHA1 and RSA with java.security.Signature vs. MessageDigest and Cipher
Extracting Private key from pkcs12 and text encryption
RSA/NONE/PKCS1Padding giving error as java.security.NoSuchAlgorithmException
how to do verify using java.security.Signature
javax.crypto.BadPaddingException: Decryption error
encrypting and decryption large file using rsa in java
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : DER input, Integer tag error
Java ssh-rsa string to public key
java.security.NoSuchAlgorithmException: RSA Signature not available
Bouncy Castle vs Java default RSA with OAEP