RSA签名功能问题
|
我正在使用RSA sign()函数来为私有流生成签名的URL。我当时在测试PHP代码,但想在Flex中重新编码。这是PHP代码的一部分:
function getCannedPolicy($resource, $expires, $key, $privatekeyfile){
$priv_key = file_get_contents($privatekeyfile);
$pkeyid = openssl_get_privatekey($priv_key);
$policy_str = \'{\"Statement\":[{\"Resource\":\"\'.$resource.\'\",\"Condition\":{\"DateLessThan\":{\"AWS:EpochTime\":\'.$expires.\'}}}]}\';
$policy_str = trim( preg_replace( \'/\\s+/\', \'\', $policy_str ) );
$res = openssl_sign($policy_str, $signature, $pkeyid, OPENSSL_ALGO_SHA1);
$signature_base64 = (base64_encode($signature));
$repl = array(\'+\' => \'-\',\'=\' => \'_\',\'/\' => \'~\');
$signature_base64 = strtr($signature_base64,$repl);
$url = $resource . \'?Expires=\'.$expires. \'&Signature=\' . $signature_base64 . \'&Key-Pair-Id=\'. $key;
return $url;
}
我在Flex中编写了相同的函数。这是代码:
private function getCannedPolicy(resource:String, expires:uint, key:String, privatekey:String):String{
var unsigned:String = \'{\"Statement\":[{\"Resource\":\"\' +resource+ \'\",\"Condition\":{\"DateLessThan\":{\"AWS:EpochTime\":\' +expires+ \'}}}]}\';
var signed:String = \'\';
var signature:String = \'\';
var regex:RegExp = /\\s+/g;
unsigned = unsigned.replace(regex,\'\');
var src:ByteArray = new ByteArray();
src.writeUTFBytes(unsigned);
var dst:ByteArray = new ByteArray();
var hash:SHA1 = new SHA1();
src = hash.hash(src);
var rsa:RSAKey = PEM.readRSAPrivateKey(privatekey);
trace(rsa.dump());
rsa.sign(src, dst, src.length);
dst.position = 0;
signature = Base64.encodeByteArray(dst);
signature = signature.split(\"+\").join(\"-\");
signature = signature.split(\"=\").join(\"_\");
signature = signature.split(\"\\/\").join(\"~\");
signed = resource+\'?Expires=\' +expires+ \'&Signature=\' +signature+ \'&Key-Pair-Id=\' +key;
return signed;
}
这两个函数(PHP和Flex)的输出格式相同。但是,当我使用Flex函数中的签名URL时,该流不起作用。
我用于openssl_sign()php函数的替代方法是as3crypto库中的sign()函数。也许这是问题所在?也许加密是不同的。
没有找到相关结果
已邀请:
1 个回复
门锑腺潮