我目前在使用 Crypto++ 签署/验证字符串时遇到问题。我已经尝试了这个网站上列出的方法几个月,但没有成功。我之前尝试过这里发布的 C 风格解决方案:http://www.cryptopp.com/wiki/Elliptic_Curve_Digital_Signature_Algorithm ,但目前正在使用过滤器进行实现。
我下面的尝试是对此处发布的解决方案的修改:Get ECDSA signature with Crypto++ .
以下代码输出错误:
错误:VerifierFilter:数字签名无效
ECDSA<ECP, SHA256>::PrivateKey privateKey;
ECDSA<ECP, SHA256>::PublicKey publicKey;
AutoSeededRandomPool prng, rrng;
privateKey.Initialize(prng, CryptoPP::ASN1::secp256k1());
privateKey.MakePublicKey(publicKey);
string signature;
signature.erase();
string message = "Do or do not. There is no try.";
StringSource(message, true,
new SignerFilter(rrng,
ECDSA<ECP, SHA256>::Signer(privateKey),
new StringSink(signature)));
try
{
StringSource(signature + message, true,
new SignatureVerificationFilter(
ECDSA<ECP, SHA256>::Verifier(publicKey), NULL,
SignatureVerificationFilter::THROW_EXCEPTION
) // SignatureVerificationFilter
); // StringSource
}
catch (CryptoPP::Exception& e)
{
std::cerr << "\n\nERROR: " << e.what() << std::endl;
}
感谢任何帮助,谢谢。
最佳答案
在长时间浏览 Wiki 之后,我想我可能偶然发现了解决方案。
http://www.cryptopp.com/wiki/SignatureVerificationFilter#Signature_Generation_and_Verification
In the example above, the filter receives a concatenation of message+signature. When SIGNATURE_AT_BEGIN is not specified in the constructor, SIGNATURE_AT_END is implied and the signature to be verified must be presented after the message. If the signature is inserted first, SIGNATURE_AT_BEGIN must be be specified as an additional flags value as shown below.
因为使用了THROW_EXCEPTION,所以signature和message必须互换,或者必须添加SIGNATURE_AT_BEGIN。在这种情况下,以下代码不会抛出异常。
StringSource ss(signature + message, true,
new SignatureVerificationFilter(
verifier, NULL,
THROW_EXCEPTION | SIGNATURE_AT_BEGIN
) // SignatureVerificationFilter
); // StringSource
关于c++ - ECDSA 未正确签名/验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28114798/