我们使用一个tuple { message, signature }存储签发的消息,当验证一个消息的时候,需要提供消息、签名和签名者的公共密钥。
这里的例子将使用FIPS 186-2规范中的数字签名标准。这个标准中描述了三个被认可的签名机制。我们将使用使用数字签名(Digital Signature (DS)) 算法,而不是与之对应的RSA digital signature algorithm (RSASS)或the Elliptic Curve digital signature algorithm (ECDSA)
This article will examine the second issue - understanding what will be (or has been) signed. As with the previous article, we examine the details of the process so that when things go wrong, we can understand why and then correct the issue. Topics to be visited in this article are as follows. Though the impact of strings and streams appear early, we visit the topic last.
* Digital Signatures
o Key Generation
o Message Signing
o Message Verification
* Signature Formats
o IEEE P1363
o DER Encoding
o OpenPGP
* Generating Keys, Signing, and Verifying
o Crypto++
o Java
o C#
* Strings and Streams
o Crypto++
o Java
o C#