1e41f4b71Sopenharmony_ci# Signing and Signature Verification with an RSA Key Pair (PSS Mode) (ArkTS) 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ci 4e41f4b71Sopenharmony_ciFor details about the algorithm specifications, see [RSA](crypto-sign-sig-verify-overview.md#rsa). 5e41f4b71Sopenharmony_ci 6e41f4b71Sopenharmony_ci 7e41f4b71Sopenharmony_ci**Signing** 8e41f4b71Sopenharmony_ci 9e41f4b71Sopenharmony_ci 10e41f4b71Sopenharmony_ci1. Use [cryptoFramework.createAsyKeyGeneratorBySpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateasykeygeneratorbyspec10) and [AsyKeyGeneratorBySpec.generateKeyPair](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatekeypair-3) to generate an RSA asymmetric key pair (**KeyPair**) based on the specified key parameters. 11e41f4b71Sopenharmony_ci In addition to the example in this topic, [RSA](crypto-asym-key-generation-conversion-spec.md#rsa) and [Generating an Asymmetric Key Pair Based on Key Parameters](crypto-generate-asym-key-pair-from-key-spec.md) may help you better understand how to generate an RSA asymmetric key pair. Note that the input parameters in the reference documents may be different from those in the example below. 12e41f4b71Sopenharmony_ci 13e41f4b71Sopenharmony_ci2. Use [cryptoFramework.createSign](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesign) with the string parameter **'RSA|PSS|SHA256|MGF1_SHA256'** to create a **Sign** instance. As indicated by the string parameter, the key type is RSA without length, the padding mode is **PSS**, the MD algorithm is **SHA256**, and the mask algorithm is **MGF1_SHA256**. 14e41f4b71Sopenharmony_ci 15e41f4b71Sopenharmony_ci3. Use [Sign.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-3) to initialize the **Sign** instance with the private key (**PriKey**). 16e41f4b71Sopenharmony_ci 17e41f4b71Sopenharmony_ci4. Use [Sign.setSignSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#setsignspec10) to set parameters for signing. In this example, the salt length (**SignSpecItem.PSS_SALT_LEN_NUM**) is set to 32 bytes. The data will be verified in signature verification. 18e41f4b71Sopenharmony_ci 19e41f4b71Sopenharmony_ci5. Use [Sign.getSignSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#getsignspec10) to obtain other parameters for signing. 20e41f4b71Sopenharmony_ci 21e41f4b71Sopenharmony_ci6. Use [Sign.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-3) to pass in the data to be signed. 22e41f4b71Sopenharmony_ci Currently, the amount of data to be passed in by a single **update()** is not limited. You can determine how to pass in data based on the data volume. 23e41f4b71Sopenharmony_ci 24e41f4b71Sopenharmony_ci7. Use [Sign.sign](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#sign-2) to generate a signature. 25e41f4b71Sopenharmony_ci 26e41f4b71Sopenharmony_ci 27e41f4b71Sopenharmony_ci**Signature Verification** 28e41f4b71Sopenharmony_ci 29e41f4b71Sopenharmony_ci 30e41f4b71Sopenharmony_ci1. Use [cryptoFramework.createVerify](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateverify) with the string parameter **'RSA2048|PSS|SHA256|MGF1_SHA256'** to create a **Verify** instance. As indicated by the string parameter, the asymmetric key type is **RSA2048**, the padding mode is **PSS**, the MD algorithm is **SHA256**, and mask algorithm is **MGF1_SHA256**. 31e41f4b71Sopenharmony_ci 32e41f4b71Sopenharmony_ci2. Use [Verify.setVerifySpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#setverifyspec10) to set the parameters for signature verification. The parameter value must be the same as that set for signing. 33e41f4b71Sopenharmony_ci 34e41f4b71Sopenharmony_ci3. Use [Verify.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-5) to initialize the **Verify** instance using the public key (**PubKey**). 35e41f4b71Sopenharmony_ci 36e41f4b71Sopenharmony_ci4. Use [Verify.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-5) to pass in the data to be verified. 37e41f4b71Sopenharmony_ci Currently, the amount of data to be passed in by a single **update()** is not limited. You can determine how to pass in data based on the data volume. 38e41f4b71Sopenharmony_ci 39e41f4b71Sopenharmony_ci5. Use [Verify.verify](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#verify-2) to verify the data signature. 40e41f4b71Sopenharmony_ci 41e41f4b71Sopenharmony_ci- Example (using asynchronous APIs): 42e41f4b71Sopenharmony_ci 43e41f4b71Sopenharmony_ci ```ts 44e41f4b71Sopenharmony_ci import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 45e41f4b71Sopenharmony_ci import { buffer } from '@kit.ArkTS'; 46e41f4b71Sopenharmony_ci // Construct the RSA key pair parameter based on the key pair specifications. 47e41f4b71Sopenharmony_ci function genRsaKeyPairSpec(nIn: bigint, eIn: bigint, dIn: bigint) { 48e41f4b71Sopenharmony_ci let rsaCommSpec: cryptoFramework.RSACommonParamsSpec = { 49e41f4b71Sopenharmony_ci n: nIn, 50e41f4b71Sopenharmony_ci algName: "RSA", 51e41f4b71Sopenharmony_ci specType: cryptoFramework.AsyKeySpecType.COMMON_PARAMS_SPEC 52e41f4b71Sopenharmony_ci }; 53e41f4b71Sopenharmony_ci let rsaKeyPairSpec: cryptoFramework.RSAKeyPairSpec = { 54e41f4b71Sopenharmony_ci params: rsaCommSpec, 55e41f4b71Sopenharmony_ci sk: dIn, 56e41f4b71Sopenharmony_ci pk: eIn, 57e41f4b71Sopenharmony_ci algName: "RSA", 58e41f4b71Sopenharmony_ci specType: cryptoFramework.AsyKeySpecType.KEY_PAIR_SPEC 59e41f4b71Sopenharmony_ci }; 60e41f4b71Sopenharmony_ci return rsaKeyPairSpec; 61e41f4b71Sopenharmony_ci } 62e41f4b71Sopenharmony_ci // Generate the RSA2048 key pair parameter. 63e41f4b71Sopenharmony_ci function genRsa2048KeyPairSpec(): cryptoFramework.RSAKeyPairSpec { 64e41f4b71Sopenharmony_ci let nIn = BigInt("0x9260d0750ae117eee55c3f3deaba74917521a262ee76007cdf8a56755ad73a1598a1408410a01434c3f5bc54a88b57fa19fc4328daea0750a4c44e88cff3b2382621b80f670464433e4336e6d003e8cd65bff211da144b88291c2259a00a72b711c116ef7686e8fee34e4d933c868187bdc26f7be071493c86f7a5941c3510806ad67b0f94d88f5cf5c02a092821d8626e8932b65c5bd8c92049c210932b7afa7ac59c0e886ae5c1edb00d8ce2c57633db26bd6639bff73cee82be9275c402b4cf2a4388da8cf8c64eefe1c5a0f5ab8057c39fa5c0589c3e253f0960332300f94bea44877b588e1edbde97cf2360727a09b775262d7ee552b3319b9266f05a25"); 65e41f4b71Sopenharmony_ci let eIn = BigInt("0x010001"); 66e41f4b71Sopenharmony_ci let dIn = BigInt("0x6a7df2ca63ead4dda191d614b6b385e0d9056a3d6d5cfe07db1daabee022db08212d97613d3328e0267c9dd23d787abde2afcb306aeb7dfce69246cc73f5c87fdf06030179a2114b767db1f083ff841c025d7dc00cd82435b9a90f695369e94df23d2ce458bc3b3283ad8bba2b8fa1ba62e2dce9accff3799aae7c840016f3ba8e0048c0b6cc4339af7161003a5beb864a0164b2c1c9237b64bc87556994351b27506c33d4bcdfce0f9c491a7d6b0628c7c852be4f0a9c3132b2ed3a2c8881e9aab07e20e17deb074691be677776a78b5c502e05d9bdde72126b3738695e2dd1a0a98a14247c65d8a7ee79432a092cb0721a12df798e44f7cfce0c498147a9b1"); 67e41f4b71Sopenharmony_ci return genRsaKeyPairSpec(nIn, eIn, dIn); 68e41f4b71Sopenharmony_ci } 69e41f4b71Sopenharmony_ci 70e41f4b71Sopenharmony_ci async function verifyMessagePSS() { 71e41f4b71Sopenharmony_ci // The plaintext is split into input1 and input2. 72e41f4b71Sopenharmony_ci let plan1 = "This is Sign test plan1"; 73e41f4b71Sopenharmony_ci let plan2 = "This is Sign test plan2"; 74e41f4b71Sopenharmony_ci let input1: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(plan1, 'utf-8').buffer) }; 75e41f4b71Sopenharmony_ci let input2: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(plan2, 'utf-8').buffer) }; 76e41f4b71Sopenharmony_ci // Generate the RSA key pair parameter (Rsa2048KeyPairSpec) object. 77e41f4b71Sopenharmony_ci let rsaKeyPairSpec = genRsa2048KeyPairSpec(); 78e41f4b71Sopenharmony_ci // Create an RSA key pair generator. 79e41f4b71Sopenharmony_ci let rsaGeneratorSpec = cryptoFramework.createAsyKeyGeneratorBySpec(rsaKeyPairSpec); 80e41f4b71Sopenharmony_ci // Both sign() and verify() support the RSA key with or without the length. 81e41f4b71Sopenharmony_ci let signer = cryptoFramework.createSign("RSA|PSS|SHA256|MGF1_SHA256"); 82e41f4b71Sopenharmony_ci let verifyer = cryptoFramework.createVerify("RSA2048|PSS|SHA256|MGF1_SHA256"); 83e41f4b71Sopenharmony_ci let keyPair = await rsaGeneratorSpec.generateKeyPair(); 84e41f4b71Sopenharmony_ci await signer.init(keyPair.priKey); 85e41f4b71Sopenharmony_ci // After the Sign instance is initialized, set and obtain the PSS parameters. 86e41f4b71Sopenharmony_ci let setN = 32; 87e41f4b71Sopenharmony_ci signer.setSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN); 88e41f4b71Sopenharmony_ci let saltLen = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM); 89e41f4b71Sopenharmony_ci console.info("SaltLen == " + saltLen); 90e41f4b71Sopenharmony_ci let tf = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_TRAILER_FIELD_NUM); 91e41f4b71Sopenharmony_ci console.info("trailer field == " + tf); 92e41f4b71Sopenharmony_ci let md = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MD_NAME_STR); 93e41f4b71Sopenharmony_ci console.info("md == " + md); 94e41f4b71Sopenharmony_ci let mgf = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MGF_NAME_STR); 95e41f4b71Sopenharmony_ci console.info("mgf == " + mgf); 96e41f4b71Sopenharmony_ci let mgf1Md = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MGF1_MD_STR); 97e41f4b71Sopenharmony_ci console.info("mgf1Md == " + mgf1Md); 98e41f4b71Sopenharmony_ci await signer.update(input1); 99e41f4b71Sopenharmony_ci let signMessageBlob = await signer.sign(input2); 100e41f4b71Sopenharmony_ci // Before the Verify instance is initialized, set and get PSS parameters. 101e41f4b71Sopenharmony_ci verifyer.setVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN); 102e41f4b71Sopenharmony_ci saltLen = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM); 103e41f4b71Sopenharmony_ci console.info("SaltLen == " + saltLen); 104e41f4b71Sopenharmony_ci tf = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_TRAILER_FIELD_NUM); 105e41f4b71Sopenharmony_ci console.info("trailer field == " + tf); 106e41f4b71Sopenharmony_ci md = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MD_NAME_STR); 107e41f4b71Sopenharmony_ci console.info("md == " + md); 108e41f4b71Sopenharmony_ci mgf = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MGF_NAME_STR); 109e41f4b71Sopenharmony_ci console.info("mgf == " + mgf); 110e41f4b71Sopenharmony_ci mgf1Md = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MGF1_MD_STR); 111e41f4b71Sopenharmony_ci await verifyer.init(keyPair.pubKey); 112e41f4b71Sopenharmony_ci await verifyer.update(input1); 113e41f4b71Sopenharmony_ci let verifyResult = await verifyer.verify(input2, signMessageBlob); 114e41f4b71Sopenharmony_ci if (verifyResult == true) { 115e41f4b71Sopenharmony_ci console.info('verify success'); 116e41f4b71Sopenharmony_ci } else { 117e41f4b71Sopenharmony_ci console.error('verify failed'); 118e41f4b71Sopenharmony_ci } 119e41f4b71Sopenharmony_ci } 120e41f4b71Sopenharmony_ci ``` 121e41f4b71Sopenharmony_ci 122e41f4b71Sopenharmony_ci 123e41f4b71Sopenharmony_ci- Example (using synchronous APIs): 124e41f4b71Sopenharmony_ci 125e41f4b71Sopenharmony_ci ```ts 126e41f4b71Sopenharmony_ci import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 127e41f4b71Sopenharmony_ci import { buffer } from '@kit.ArkTS'; 128e41f4b71Sopenharmony_ci // Construct the RSA key pair parameter based on the key pair specifications. 129e41f4b71Sopenharmony_ci function genRsaKeyPairSpec(nIn: bigint, eIn: bigint, dIn: bigint) { 130e41f4b71Sopenharmony_ci let rsaCommSpec: cryptoFramework.RSACommonParamsSpec = { 131e41f4b71Sopenharmony_ci n: nIn, 132e41f4b71Sopenharmony_ci algName: "RSA", 133e41f4b71Sopenharmony_ci specType: cryptoFramework.AsyKeySpecType.COMMON_PARAMS_SPEC 134e41f4b71Sopenharmony_ci }; 135e41f4b71Sopenharmony_ci let rsaKeyPairSpec: cryptoFramework.RSAKeyPairSpec = { 136e41f4b71Sopenharmony_ci params: rsaCommSpec, 137e41f4b71Sopenharmony_ci sk: dIn, 138e41f4b71Sopenharmony_ci pk: eIn, 139e41f4b71Sopenharmony_ci algName: "RSA", 140e41f4b71Sopenharmony_ci specType: cryptoFramework.AsyKeySpecType.KEY_PAIR_SPEC 141e41f4b71Sopenharmony_ci }; 142e41f4b71Sopenharmony_ci return rsaKeyPairSpec; 143e41f4b71Sopenharmony_ci } 144e41f4b71Sopenharmony_ci // Generate the RSA2048 key pair parameter. 145e41f4b71Sopenharmony_ci function genRsa2048KeyPairSpec(): cryptoFramework.RSAKeyPairSpec { 146e41f4b71Sopenharmony_ci let nIn = BigInt("0x9260d0750ae117eee55c3f3deaba74917521a262ee76007cdf8a56755ad73a1598a1408410a01434c3f5bc54a88b57fa19fc4328daea0750a4c44e88cff3b2382621b80f670464433e4336e6d003e8cd65bff211da144b88291c2259a00a72b711c116ef7686e8fee34e4d933c868187bdc26f7be071493c86f7a5941c3510806ad67b0f94d88f5cf5c02a092821d8626e8932b65c5bd8c92049c210932b7afa7ac59c0e886ae5c1edb00d8ce2c57633db26bd6639bff73cee82be9275c402b4cf2a4388da8cf8c64eefe1c5a0f5ab8057c39fa5c0589c3e253f0960332300f94bea44877b588e1edbde97cf2360727a09b775262d7ee552b3319b9266f05a25"); 147e41f4b71Sopenharmony_ci let eIn = BigInt("0x010001"); 148e41f4b71Sopenharmony_ci let dIn = BigInt("0x6a7df2ca63ead4dda191d614b6b385e0d9056a3d6d5cfe07db1daabee022db08212d97613d3328e0267c9dd23d787abde2afcb306aeb7dfce69246cc73f5c87fdf06030179a2114b767db1f083ff841c025d7dc00cd82435b9a90f695369e94df23d2ce458bc3b3283ad8bba2b8fa1ba62e2dce9accff3799aae7c840016f3ba8e0048c0b6cc4339af7161003a5beb864a0164b2c1c9237b64bc87556994351b27506c33d4bcdfce0f9c491a7d6b0628c7c852be4f0a9c3132b2ed3a2c8881e9aab07e20e17deb074691be677776a78b5c502e05d9bdde72126b3738695e2dd1a0a98a14247c65d8a7ee79432a092cb0721a12df798e44f7cfce0c498147a9b1"); 149e41f4b71Sopenharmony_ci return genRsaKeyPairSpec(nIn, eIn, dIn); 150e41f4b71Sopenharmony_ci } 151e41f4b71Sopenharmony_ci 152e41f4b71Sopenharmony_ci function verifyMessagePSS() { 153e41f4b71Sopenharmony_ci // The plaintext is split into input1 and input2. 154e41f4b71Sopenharmony_ci let plan1 = "This is Sign test plan1"; 155e41f4b71Sopenharmony_ci let plan2 = "This is Sign test plan2"; 156e41f4b71Sopenharmony_ci let input1: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(plan1, 'utf-8').buffer) }; 157e41f4b71Sopenharmony_ci let input2: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(plan2, 'utf-8').buffer) }; 158e41f4b71Sopenharmony_ci // Generate the RSA key pair parameter (Rsa2048KeyPairSpec) object. 159e41f4b71Sopenharmony_ci let rsaKeyPairSpec = genRsa2048KeyPairSpec(); 160e41f4b71Sopenharmony_ci // Create an RSA key pair generator. 161e41f4b71Sopenharmony_ci let rsaGeneratorSpec = cryptoFramework.createAsyKeyGeneratorBySpec(rsaKeyPairSpec); 162e41f4b71Sopenharmony_ci // Both sign() and verify() support the RSA key with or without the length. 163e41f4b71Sopenharmony_ci let signer = cryptoFramework.createSign("RSA|PSS|SHA256|MGF1_SHA256"); 164e41f4b71Sopenharmony_ci let verifyer = cryptoFramework.createVerify("RSA2048|PSS|SHA256|MGF1_SHA256"); 165e41f4b71Sopenharmony_ci let keyPair = rsaGeneratorSpec.generateKeyPairSync(); 166e41f4b71Sopenharmony_ci signer.initSync(keyPair.priKey); 167e41f4b71Sopenharmony_ci // After the Sign instance is initialized, set and obtain the PSS parameters. 168e41f4b71Sopenharmony_ci let setN = 32; 169e41f4b71Sopenharmony_ci signer.setSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN); 170e41f4b71Sopenharmony_ci let saltLen = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM); 171e41f4b71Sopenharmony_ci console.info("SaltLen == " + saltLen); 172e41f4b71Sopenharmony_ci let tf = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_TRAILER_FIELD_NUM); 173e41f4b71Sopenharmony_ci console.info("trailer field == " + tf); 174e41f4b71Sopenharmony_ci let md = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MD_NAME_STR); 175e41f4b71Sopenharmony_ci console.info("md == " + md); 176e41f4b71Sopenharmony_ci let mgf = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MGF_NAME_STR); 177e41f4b71Sopenharmony_ci console.info("mgf == " + mgf); 178e41f4b71Sopenharmony_ci let mgf1Md = signer.getSignSpec(cryptoFramework.SignSpecItem.PSS_MGF1_MD_STR); 179e41f4b71Sopenharmony_ci console.info("mgf1Md == " + mgf1Md); 180e41f4b71Sopenharmony_ci signer.updateSync(input1); 181e41f4b71Sopenharmony_ci let signMessageBlob = signer.signSync(input2); 182e41f4b71Sopenharmony_ci // Before the Verify instance is initialized, set and get PSS parameters. 183e41f4b71Sopenharmony_ci verifyer.setVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM, setN); 184e41f4b71Sopenharmony_ci saltLen = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_SALT_LEN_NUM); 185e41f4b71Sopenharmony_ci console.info("SaltLen == " + saltLen); 186e41f4b71Sopenharmony_ci tf = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_TRAILER_FIELD_NUM); 187e41f4b71Sopenharmony_ci console.info("trailer field == " + tf); 188e41f4b71Sopenharmony_ci md = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MD_NAME_STR); 189e41f4b71Sopenharmony_ci console.info("md == " + md); 190e41f4b71Sopenharmony_ci mgf = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MGF_NAME_STR); 191e41f4b71Sopenharmony_ci console.info("mgf == " + mgf); 192e41f4b71Sopenharmony_ci mgf1Md = verifyer.getVerifySpec(cryptoFramework.SignSpecItem.PSS_MGF1_MD_STR); 193e41f4b71Sopenharmony_ci verifyer.initSync(keyPair.pubKey); 194e41f4b71Sopenharmony_ci verifyer.updateSync(input1); 195e41f4b71Sopenharmony_ci let verifyResult = verifyer.verifySync(input2, signMessageBlob); 196e41f4b71Sopenharmony_ci if (verifyResult == true) { 197e41f4b71Sopenharmony_ci console.info('verify success'); 198e41f4b71Sopenharmony_ci } else { 199e41f4b71Sopenharmony_ci console.error('verify failed'); 200e41f4b71Sopenharmony_ci } 201e41f4b71Sopenharmony_ci } 202e41f4b71Sopenharmony_ci ``` 203