On Tue, Nov 3, 2009 at 1:31 PM, Tom Jones wrote:
>
> Hello,
> I'm looking for a tag or extension which will allow me to sign a string
with a RSA private key so that I can verify it with the public key. What can
I use to do this?
You can try this, which I had lying around, and may or may not work:
<cffunction name="signText">
<cfargument name="intext" required="true" />
<cfscript>
/*
This program demonstrates the digital signature technique at
the
primative level by generating a message digest of the plaintext
and signing it with an RSA private key, to create the
signature.
To verify the signature, the message digest is again generated
from
the plaintext and compared with the decryption of the signature
using the public key. If they match, the signature is verified.
http://www.mobilefish.com/download/bouncycastle/DigitalSignature1Example.java
*/
var plainText = intext.getBytes("UTF8");
var messageDigest =
createObject("java","java.security.MessageDigest").getInstance("MD5");
var keyGen =
createObject("java","java.security.KeyPairGenerator").getInstance("RSA");
var cipher =
createObject("java","javax.crypto.Cipher").getInstance("RSA/ECB/PKCS1Padding");
var key = "";
var md = "";
var newMD = "";
var oldMD = "";
var i = 0;
var results = structNew();
results["log"] = "Provider: " &
messageDigest.getProvider().getInfo();
messageDigest.update( plainText );
md = messageDigest.digest();
results.log = results.log & "<br/>Digest:
<strong>#toString(md)#</strong><br />";
// Generate an RSA keypair
results.log = results.log & "Start generating RSA key...";
keyGen.initialize(1024);
key = keyGen.generateKeyPair();
results.log = results.log & "Finish generating RSA key";
//
// Get an RSA cipher and list the provider
results.log = results.log &
"<br/>#cipher.getProvider().getInfo()#";
//
// Encrypt the message digest with the RSA private key
// to create the signature
results.log = results.log & "<br/>Start encryption";
cipher.init(cipher.ENCRYPT_MODE, key.getPrivate());
cipherText = cipher.doFinal(md);
results.log = results.log & "<br/>Finish encryption";
results.log = results.log & "<br/>Cipher: "&toString(cipherText);
//
// To verify, start by decrypting the signature with the
// RSA private key
results.log = results.log & "<br/>Start decryption";
cipher.init(cipher.DECRYPT_MODE, key.getPublic());
newMD = cipher.doFinal(cipherText);
results.log = results.log & "<br/>Finish decryption:";
results.log = results.log & "<br/>Digest:
<strong>#toString(newMD)#</strong><br />";
//
// Then, recreate the message digest from the plaintext
// to simulate what a recipient must do
results.log = results.log & "<br/>Start signature verification";
messageDigest.reset();
messageDigest.update(plainText);
oldMD = messageDigest.digest();
//
// Verify that the two message digests match
if (len(newMD) > len(oldMD)) {
results.log = results.log & "<br/>Signature failed,
length error";
}
for (i = 1; i < len(newMD); i++) {
if (oldMD[i] != newMD[i]) {
results.log = results.log & "<br/>Signature failed,
element error";
}
}
results.log = results.log & "<br/>Signature verified";
</cfscript>
<cfreturn results />
</cffunction>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know
on the House of Fusion mailing lists
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:327969
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
