这两个代码提供相同的签名,这是预期的:
代码1:
from M2Crypto import RSA, EVP
import base64, hashlib
text = "some text"
pkey = EVP.load_key("mykey.pem") #"mykey.pem" was generated as: openssl genrsa -des3 -out mykey.pem 2048
pkey.sign_init()
pkey.sign_update(text)
signature = pkey.sign_final()
print base64.b64encode(signature)
代码2:
pkey = RSA.load_key("mykey.pem")
signature = pkey.sign(hashlib.sha1(text).digest())
print base64.b64encode(signature)
但是,如果我想“模仿”签名算法,即用私钥加密摘要,则会得到一个不同的签名,即:
pkey = RSA.load_key("mykey.pem")
signature = pkey.private_encrypt(hashlib.sha1(text).digest(), RSA.pkcs1_padding)
print base64.b64encode(signature) #different from the two above
您能提供一些解释吗?后一种签名方式有什么问题?