我在 Java 中找到了使用 Bouncy Castle 的盲签名实现,并在我的 C# 项目中实现了它。但我需要在得到对方签名后才能解盲该消息。
这是我的代码:
class Program
{
public static AsymmetricCipherKeyPair generateKeys(int keySize)
{
RsaKeyPairGenerator r = new RsaKeyPairGenerator();
r.Init(new RsaKeyGenerationParameters(new BigInteger("10001", 16), new SecureRandom(),
keySize, 80));
AsymmetricCipherKeyPair keys = r.GenerateKeyPair();
return keys;
}
public static BigInteger generateBlindingFactor(ICipherParameters pubKey)
{
RsaBlindingFactorGenerator gen = new RsaBlindingFactorGenerator();
gen.Init(pubKey);
return gen.GenerateBlindingFactor();
}
public static byte[] blind(ICipherParameters key, BigInteger factor, byte[] msg) {
RsaBlindingEngine eng = new RsaBlindingEngine();
RsaBlindingParameters param = new RsaBlindingParameters((RsaKeyParameters) key, factor);
PssSigner blindSigner = new PssSigner(eng, new Sha1Digest(), 15);
blindSigner.Init(true, param);
blindSigner.BlockUpdate(msg, 0, msg.Length);
byte[] blinded = null;
try {
blinded = blindSigner.GenerateSignature();
} catch (Exception ex) {
Console.WriteLine(" ");
}
return blinded;
}
public static byte[] unblind(ICipherParameters key, BigInteger factor, byte[] msg) {
RsaBlindingEngine eng = new RsaBlindingEngine();
RsaBlindingParameters param = new RsaBlindingParameters((RsaKeyParameters) key,factor);
eng.Init(false, param);
return eng.ProcessBlock(msg, 0, msg.Length);
}
public static byte[] sign(ICipherParameters key, byte[] toSign)
{
Sha1Digest dig = new Sha1Digest();
RsaEngine eng = new RsaEngine();
PssSigner signer = new PssSigner(eng, dig, 15);
signer.Init(true, key);
signer.BlockUpdate(toSign, 0, toSign.Length);
byte[] sig = null;
try
{
sig = signer.GenerateSignature();
}
catch (Exception ex)
{
Console.WriteLine(" ");
}
return sig;
}
public static bool verify(ICipherParameters key, byte[] msg, byte[] sig)
{
PssSigner signer = new PssSigner(new RsaEngine(), new Sha1Digest(), 15);
signer.Init(false, key);
signer.BlockUpdate(msg, 0, msg.Length);
return signer.VerifySignature(sig);
}
public static byte[] signBlinded(ICipherParameters key, byte[] msg)
{
RsaEngine signer = new RsaEngine();
signer.Init(true, key);
return signer.ProcessBlock(msg, 0, msg.Length);
}
static void Main(string[] args)
{
AsymmetricCipherKeyPair bob_keyPair = generateKeys(1024);
AsymmetricCipherKeyPair alice_keyPair = generateKeys(1024);
try {
byte[] msg = Encoding.ASCII.GetBytes("OK");
//----------- Bob: Generating blinding factor based on Alice's public key -----------//
BigInteger blindingFactor = generateBlindingFactor(alice_keyPair.Public);
//----------------- Bob: Blinding message with Alice's public key -----------------//
byte[] blinded_msg =
blind(alice_keyPair.Public, blindingFactor, msg);
byte[] unblinded_msg =
unblind(alice_keyPair.Private, blindingFactor, blinded_msg);
//------------- Bob: Signing blinded message with Bob's private key -------------//
byte[] sig = sign(bob_keyPair.Private, blinded_msg);
//------------- Alice: Verifying Bob's signature -------------//
if (verify(bob_keyPair.Public, blinded_msg, sig)) {
//---------- Alice: Signing blinded message with Alice's private key ----------//
byte[] sigByAlice =
signBlinded(alice_keyPair.Private, blinded_msg);
//------------------- Bob: Unblinding Alice's signature -------------------//
byte[] unblindedSigByAlice =
unblind(alice_keyPair.Public, blindingFactor, sigByAlice);
//---------------- Bob: Verifying Alice's unblinded signature ----------------//
Console.WriteLine(verify(alice_keyPair.Public, msg,
unblindedSigByAlice));
// Now Bob has Alice's signature for the original message
//Console.WriteLine(Encoding.ASCII.GetString(unblindedSigByAlice));
}
Console.WriteLine(Encoding.ASCII.GetString(unblinded_msg));
} catch (Exception e) {
}
Console.ReadLine();
}
}
如何取消这条消息的盲注?
你能解盲这条消息吗?