以前一直是认为,数字签名就是私钥加密,验签就是公钥解密,后来老师提示说并不完全是这样,具体原因当时没记住...
搜了一些资料,http://www.ietf.org/rfc/rfc3279.txt
2.2节提到了:
2.2 Signature Algorithms Certificates and CRLs conforming to [RFC 3280] may be signed with any public key signature algorithm. The certificate or CRL indicates the algorithm through an algorithm identifier which appears in the signatureAlgorithm field within the Certificate or CertificateList. This algorithm identifier is an OID and has optionally associated parameters. This section identifies algorithm identifiers and parameters that MUST be used in the signatureAlgorithm field in a Certificate or CertificateList. Signature algorithms are always used in conjunction with a one-way hash function. This section identifies OIDS for RSA, DSA, and ECDSA. The contents of the parameters component for each algorithm vary; details are provided for each algorithm. The data to be signed (e.g., the one-way hash function output value) is formatted for the signature algorithm to be used. Then, a private key operation (e.g., RSA encryption) is performed to generate the signature value. This signature value is then ASN.1 encoded as a BIT STRING and included in the Certificate or CertificateList in the signature field.
看了才知道,原来以前的理解是不完整的,数字签名其实是经历了哈希算法,RSA私钥加密,编码为位串类型。并不能简单等同与只有私钥加密。
随后继续搜了一些
http://www.faqs.org/rfcs/rfc2313.html
这个更具体了。
10.1 Signature process The signature process consists of four steps: message digesting, data encoding, RSA encryption, and octet-string-to-bit-string conversion. The input to the signature process shall be an octet string M, the message; and a signer's private key. The output from the signature process shall be a bit string S, the signature.详细的说了包含四个过程:消息摘要,数据BER编码,RSA加密,字节串转为串 、
10.2 Verification process The verification process for both signature algorithms consists of four steps: bit-string-to-octet-string conversion, RSA decryption, data decoding, and message digesting and comparison. The input to the verification process shall be an octet string M, the message; a signer's public key; and a bit string S, the signature. The output from the verification process shall be an indication of success or failure.这里说了验签过程也是四个部分:位串转为字节串,RSA解密,数据BER解码,计算消息摘要并对比。