开发者

How to make this RSA lib (with en/decryption functionality only(!)) sign something?

Or concrete - I am using this javascript RSA library for the client side code of my experimental project... I would like to be able to sign and verify messages (-> encrypt with private and decrypt with public key)

Is there a way to alter the key data in a w开发者_开发技巧ay that the algorithms for en/decrypting do it with the "reverse" key? I tried to swap e and d (because that is what it seemed to me from wikipedia the difference is) - for "signing" it worked (but I assume it was undecryptable garbage)... for "verifying" I tried to calculate d mod (p-1), d mod (q-1) and 1/q mod p with e instead of e for usage of the decryption algorithm for verification... but is it really what I think it is? If it was, I suppose it wouldn't have to be stored in the private key, because it would be very easy to calculate, having d, p and q...?

The point: If there is a way to feed a modified private key into the encryption algorighm for signing and the same for the counterpart - how do I do this? What modifications have to be done to the keys?


Look here: http://www.di-mgt.com.au/rsa_alg.html#signing


You can't.

Encryption and signatures have different paddings. Sometimes you see suggestions to encrypt the hash of your message to get a signature. However, this suggestion is bincorrect. It leads to something that is incompatible with correct signature schemes. Moreover, your implementation may be actually be insecure. RSA paddings have long history of flaws. Even standardization commitees don't always get it right.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜