Js is signed with SHA1withRSA

Preface:

Recent development projects inadvertently used SHA1withRSA signature algorithm, throughout the Baidu, less information, through the source code example query method of use, some understanding of this, all this summary.

SHA1WithRSA: Uses the SHA algorithm for signature and RSA algorithm for encryption.

This section does not introduce SHA and RSA algorithms in detail, but simply describes how to use SHA1withRSA to enter data into the signature algorithm.

The main use of the JSRsasign library, very powerful.

Step 1: First generate the secret key pair (either automatically or in the background)

As a front end we do not need to understand how to generate a secret key, not Baidu search. Provide a url web.chacuo.net/netrsakeypa here…

Here we have the public and private keys, for example:

Note that both public and private keys must have a header and a tail.

Public key:

The private key:

Step 2: Use the private key to check the data

import Jsrsasign,{KJUR,hex2b64} from 'jsrsasign'; // Sign the URL with your private keyexport functionSignature (URL){// Private key signaturelet privateKey = '-----BEGIN PRIVATE KEY-----MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKpHfFmxCZuMHDoeNod+TTSeE4Y6TusQ8UB4kquw0kQDQfNTpuEP0Y2o0Oc6TPI7 F4zJsy266bWp3zznvOlLXwObFcz1aAGXHHOybgu4ma+nwYvX5/9R2HRaExTPABe9GjhpMPLWWoJAsCLHm3J0tzMVI7rq1bcMD3c4lI3omdXhAgMBAAECgYEA ibVAWqTzWSlplpLilJdPRvNkZNR5CF/uS653J4Tbt4dO6cNIHZGWblMNh0K+AdRKSmDAmIYmBfW4hWAAhkefMU+eHP4fzPZ1D/FC7EMceRCYmfQZST30QBEj 93Qb8qhlP9bn/KZ3UGdrEHTERGOEaV5cmJT15iJx7jbyz/YNRsECQQDhm4j6ii+b7PuLCGz49Ajv3WxMH/TlZFWaWjsIHjrA1moSiCN4zeLZOfEhpQzKz8li MDrotbBoo+lIxYxdFHGJAkEAwTfbwUTBB/h3k9pE7suA/XcnUHPA/ZJNpHc2LSDwyr9FlonNjUzBQnTAFrQAeWQ0LsGjoyJTGN5UME4GBypjmQJAOHTDgm6y G0Lib5hcLLBkzCGMyD/2+LBy+3046H8oFLmTMa//sGtVKSbmwJSc7uOwcXHATBurWYQrDJri1SgYgQJBAIAXfukuomWdU/DB18cTRI1ES9zrEDtKnYx1t4XN e7R9fy2gZ5PQGaLr8VhbtqDDTFDe8JO6sqoe4mMvppFjiakCQC099wyiYfj8edUGmKRlWI4lGkckj0pKpwiIeVJ0fzAvhHzGTvySIj0fngqKy6bs4GnDNJQo Q4UnPRi7srC0voA=-----END PRIVATE KEY-----';
  let sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"."prov": "cryptojs/jsrsa"."prvkeypem": privateKey}); 
  sign = hex2b64(sign); 
  return sign;
};Copy the code

Using es6 syntax, it should be easier to understand.

The URL is the data you need to check, and hex2b64 converts the result to Base64 format.

So I get sign.

Step 3: Verify the signature using the public key

import Jsrsasign,{KJUR,hex2b64} from 'jsrsasign'; // Check the signature with the public keyexport function verify(url,data) {
  try {
    let publicKey = '-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCEO23dYaK65jtxrtBHoT8nVlfw3kGw6fAJBJ5GuFL01QQ1yI42Fl+3fxHJauZiMoXBbB+WdeBh 4iypp9U9cXLuf5UldNOFKY667sy4HLSYyB6GcLrSpEutRSTbMC2wwu2YOQt73cUob9li2usF/+p8EuJ++unySr5V151lqCJrxwIDAQAB-----END PUBLIC KEY-----';
    let sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"."prov": "cryptojs/jsrsa"."prvkeypem": publicKey});
    sig.updateString(url);
    let result = sig.verify(data);
    returnresult; } catch(e) { console.error(e); }};Copy the code

Url: signed data,

Data: indicates the signature obtained after signing.

The main method is verify.

Conclusion: If you have any questions or errors check out the Github resources for examples. Github address: github.com/kjur/jsrsas… .

Please point out any questions.

Related Posts

React Basics

[Memory]_ Implement Queue Using Stacks

Continuous Integration of Front-end Docker + GitLab CI (II)