Kotlinでopensslで生成した鍵を元に署名を検証する

#Kotlin #openssl

「OpenSSLで生成したRSA鍵をJavaで読み込む - unhurried」の内容をKotlinに移植しただけ。

code:bash

# PEM形式の秘密鍵を生成する

openssl genrsa -out private_key.pem 2048

# PKC8/DER形式に変換する

openssl pkcs8 -in private_key.pem -topk8 -nocrypt -outform DER -out private_key.pk8

# DER形式の公開鍵を生成する

openssl rsa -in private_key.pem -pubout -outform DER -out public_key.der

code:kt

import java.nio.file.Files

import java.nio.file.Paths

import java.security.KeyFactory

import java.security.Signature

import java.security.spec.PKCS8EncodedKeySpec

import java.security.spec.X509EncodedKeySpec

import java.util.*

fun base64Encode(bytes: ByteArray): String =

Base64.getEncoder().encodeToString(bytes)

fun base64Decode(str: String): ByteArray =

Base64.getDecoder().decode(str)

// (base: http://unhurried.hatenablog.com/entry/openssl_java_rsa_key)

// (base: https://www.erestage.com/develop/java_sha256_rsa/)

fun main() {

val publicKey = run {

val publicKeyDerBytes = Files.readAllBytes(Paths.get("public_key.der"))

val keySpec = X509EncodedKeySpec(publicKeyDerBytes)

KeyFactory.getInstance("RSA").generatePublic(keySpec)

}

println("public key: ${publicKey}")

val privateKey = run {

val privateKeyPk8Bytes = Files.readAllBytes(Paths.get("private_key.pk8"))

val keySpec = PKCS8EncodedKeySpec(privateKeyPk8Bytes)

KeyFactory.getInstance("RSA").generatePrivate(keySpec)

}

println("private key: ${privateKey}")

// Data

val message = "hello, world"

// Sign

val signer = Signature.getInstance("SHA256withRSA")

signer.initSign(privateKey)

signer.update(message.toByteArray())

val sign: ByteArray = signer.sign()

println("signature: ${base64Encode(sign)}")

// Verify

val verifier = Signature.getInstance("SHA256withRSA")

verifier.initVerify(publicKey)

verifier.update(message.toByteArray())

val result: Boolean = verifier.verify(sign)

println("verified: $result")

}

code:実行例

public key: Sun RSA public key, 2048 bits

modulus: 25588896105080581762112563158451388834763229940010110451175705766869777451701981290885053309419204073186689905686378304420337274610195622752620815683549964252761668705536728764896545692264645052364968230602944593753804229003959607160182128070476804906642503052616972100001372976467904830962009439914568060013564808199403765812526297264642120321002188814175445675626164298499710547598396871022312153217006838716403691635310441764626385098828634692712502890939661511138370120824920782212774832609955724895501212302471767999444898135713483579429338722727391385296145782875126470231274223553630458995175491786919704185081

public exponent: 65537

private key: sun.security.rsa.RSAPrivateCrtKeyImpl@ffd2368b

signature: yJc0i9mz/C7F9nM4NW3PJYktGkdJ0PRakwmq7BiyDC7VnJjtKeNyueDyr2JfRFeb6zruEmayKrXL4oG25nvTPRiQ/r1NuMFmn3HJMAqjfs0CZ9FkqhukO0gj8I+0WfPQPfu2seVHbNSmFAPFHk67j6M2LGzvxLYsliY3qXNNkkiXsQA4Zhlj6dtleTY+YhTmkQ60xJeQ9JVXyVmHlGYhR2GiNawE2c14dHgEflzZa6y9w3OfM8cUyfHaNiYDka9ILN+nNq4asx9AspDC5cZjCTwY6AydisfSbAI3xY9U2mojcWERiLx6+hR38Fqbftz8hLATwwE9Vi+giEAqbWRQ1g==

verified: true