.Net C# RSA签名和验签
帮助类
using System;
using System.Text;
using System.IO;
using System.Security.Cryptography; namespace Com.AppCode.RSA
{
public class Client
{
#region 生成签名 // <summary>
/// 签名
/// </summary>
/// <param name="content">需要签名的内容</param>
/// <param name="privateKey">私钥</param>
/// <param name="inputCharset">编码格式</param>
/// <returns>返回签名字符串</returns>
public static string Sign(string content, string privateKey, string inputCharset)
{
try
{
Encoding code = Encoding.GetEncoding(inputCharset);
byte[] data = code.GetBytes(content);
RSACryptoServiceProvider rsa = DecodePemPrivateKey(privateKey);
SHA1 sh = new SHA1CryptoServiceProvider(); byte[] signData = rsa.SignData(data, sh);
return Convert.ToBase64String(signData);
}
catch
{
return "";
}
} #region 生成签名内部方法
/// <summary>
/// 把PKCS8格式的私钥转成PEK格式私钥,然后再填充RSACryptoServiceProvider对象
/// </summary>
/// <param name="pkcs8"></param>
/// <returns></returns>
internal static RSACryptoServiceProvider DecodePrivateKeyInfo(byte[] pkcs8)
{
byte[] seqOID = { 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00 };
byte[] seq = new byte[]; MemoryStream mem = new MemoryStream(pkcs8);
RSACryptoServiceProvider rsacsp = null; int lenStream = (int)mem.Length;
BinaryReader binReader = new BinaryReader(mem);
byte bt = ;
ushort twoBytes = ; try
{
twoBytes = binReader.ReadUInt16();
if (twoBytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
binReader.ReadByte(); //advance 1 byte
else if (twoBytes == 0x8230)
binReader.ReadInt16(); //advance 2 bytes
else
return null; bt = binReader.ReadByte();
if (bt != 0x02)
return null; twoBytes = binReader.ReadUInt16(); if (twoBytes != 0x0001)
return null; seq = binReader.ReadBytes(); //read the Sequence OID
if (!CompareBytearrays(seq, seqOID)) //make sure Sequence for OID is correct
return null; bt = binReader.ReadByte();
if (bt != 0x04) //expect an Octet string
return null; bt = binReader.ReadByte(); //read next byte, or next 2 bytes is 0x81 or 0x82; otherwise bt is the byte count
if (bt == 0x81)
binReader.ReadByte();
else
if (bt == 0x82)
binReader.ReadUInt16(); // at this stage, the remaining sequence should be the RSA private key
byte[] rsaprivkey = binReader.ReadBytes((int)(lenStream - mem.Position));
rsacsp = DecodeRSAPrivateKey(rsaprivkey); return rsacsp;
}
catch
{
return null;
}
finally
{
binReader.Close();
}
} private static bool CompareBytearrays(byte[] a, byte[] b)
{
if (a.Length != b.Length)
return false;
int i = ;
foreach (byte c in a)
{
if (c != b[i])
return false;
i++;
}
return true;
} /// <summary>
/// PEM格式私钥转RSACryptoServiceProvider对象
/// </summary>
/// <param name="privkey"></param>
/// <returns></returns>
internal static RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
byte[] modulus, e, d, p, q, dp, dq, iq; // Set up stream to decode the asn.1 encoded RSA private key
MemoryStream mem = new MemoryStream(privkey); // wrap Memory Stream with BinaryReader for easy reading
BinaryReader binReader = new BinaryReader(mem);
byte bt = ;
ushort twoBytes = ;
int elems = ;
try
{
twoBytes = binReader.ReadUInt16();
if (twoBytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
{
binReader.ReadByte(); // advance 1 byte
}
else if (twoBytes == 0x8230)
{
binReader.ReadInt16(); // advance 2 byte
}
else
{
return null;
} twoBytes = binReader.ReadUInt16();
if (twoBytes != 0x0102) // version number
return null;
bt = binReader.ReadByte();
if (bt != 0x00)
return null; // all private key components are Integer sequences
elems = GetIntegerSize(binReader);
modulus = binReader.ReadBytes(elems); elems = GetIntegerSize(binReader);
e = binReader.ReadBytes(elems); elems = GetIntegerSize(binReader);
d = binReader.ReadBytes(elems); elems = GetIntegerSize(binReader);
p = binReader.ReadBytes(elems); elems = GetIntegerSize(binReader);
q = binReader.ReadBytes(elems); elems = GetIntegerSize(binReader);
dp = binReader.ReadBytes(elems); elems = GetIntegerSize(binReader);
dq = binReader.ReadBytes(elems); elems = GetIntegerSize(binReader);
iq = binReader.ReadBytes(elems); // ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
RSAParameters rsaParams = new RSAParameters();
rsaParams.Modulus = modulus;
rsaParams.Exponent = e;
rsaParams.D = d;
rsaParams.P = p;
rsaParams.Q = q;
rsaParams.DP = dp;
rsaParams.DQ = dq;
rsaParams.InverseQ = iq;
rsa.ImportParameters(rsaParams);
return rsa;
}
catch (Exception)
{
return null;
}
finally
{
binReader.Close();
}
} internal static int GetIntegerSize(BinaryReader binReader)
{
byte bt = ;
byte lowByte = 0x00;
byte highByte = 0x00;
int count = ;
bt = binReader.ReadByte();
if (bt != 0x02) //expect integer
return ;
bt = binReader.ReadByte(); if (bt == 0x81)
{
count = binReader.ReadByte(); // data size in next byte
}
else
{
if (bt == 0x82)
{
highByte = binReader.ReadByte(); // data size in next 2 bytes
lowByte = binReader.ReadByte();
byte[] modint = { lowByte, highByte, 0x00, 0x00 };
count = BitConverter.ToInt32(modint, );
}
else
{
count = bt; // we already have the data size
}
} while (binReader.ReadByte() == 0x00)
{ //remove high order zeros in data
count -= ;
}
binReader.BaseStream.Seek(-, SeekOrigin.Current); //last ReadByte wasn't a removed zero, so back up a byte
return count;
} #endregion /// <summary>
/// 解析PKCS8格式的pem私钥
/// </summary>
/// <param name="pemstr"></param>
/// <returns></returns>
internal static RSACryptoServiceProvider DecodePemPrivateKey(string pemstr)
{
RSACryptoServiceProvider rsa = null;
byte[] pkcs8PrivteKey = Convert.FromBase64String(pemstr);
if (pkcs8PrivteKey != null)
{
rsa = DecodePrivateKeyInfo(pkcs8PrivteKey);
}
return rsa;
} #endregion #region 验签函数 /// <summary>
/// 验签函数
/// </summary>
/// <param name="content"></param>
/// <param name="signedString"></param>
/// <param name="publicKey"></param>
/// <param name="inputCharset"></param>
/// <returns></returns>
public static bool Verify(string content, string signedString, string publicKey, string inputCharset)
{
bool result = false; Encoding code = Encoding.GetEncoding(inputCharset);
byte[] data = code.GetBytes(content);
byte[] soureData = Convert.FromBase64String(signedString);
RSAParameters paraPub = ConvertFromPublicKey(publicKey);
RSACryptoServiceProvider rsaPub = new RSACryptoServiceProvider();
rsaPub.ImportParameters(paraPub);
SHA1 sh = new SHA1CryptoServiceProvider();
result = rsaPub.VerifyData(data, sh, soureData);
return result;
} /// <summary>
///
/// </summary>
/// <param name="pemFileConent"></param>
/// <returns></returns>
internal static RSAParameters ConvertFromPublicKey(string pempublicKey)
{
byte[] keyData = Convert.FromBase64String(pempublicKey);
if (keyData.Length < )
{
throw new ArgumentException("pem file content is incorrect.");
}
byte[] pemModulus = new byte[];
byte[] pemPublicExponent = new byte[];
Array.Copy(keyData, , pemModulus, , );
Array.Copy(keyData, , pemPublicExponent, , );
RSAParameters para = new RSAParameters();
para.Modulus = pemModulus;
para.Exponent = pemPublicExponent;
return para;
} public static string DecodeBase64(string code_type, string code)
{
string decode = "";
byte[] bytes = Convert.FromBase64String(code); //将2进制编码转换为8位无符号整数数组.
try
{
decode = Encoding.GetEncoding(code_type).GetString(bytes); //将指定字节数组中的一个字节序列解码为一个字符串。
}
catch
{
decode = code;
}
return decode;
} #endregion
}
}
单元测试
[TestClass]
public class RSATest
{
private string pubkey = ""; private string prikye = ""; private string content = ""; [TestMethod]
public void TestMethod1()
{
var a = string.Format("待签名字符串:{0}", content); string res = Client.Sign(content, prikye, "UTF-8"); var b = string.Format("签名结果:{0}", res); bool ss = Client.Verify(content, res, pubkey, "UTF-8"); var c = string.Format("验签结果:{0}", ss);
}
}
.Net C# RSA签名和验签的更多相关文章
- Delphi RSA签名与验签【支持SHA1WithRSA(RSA1)、SHA256WithRSA(RSA2)和MD5WithRSA签名与验签】
作者QQ:(648437169) 点击下载➨ RSA签名与验签 [delphi RSA签名与验签]支持3种方式签名与验签(SHA1WithRSA(RSA1).SHA256WithRSA(RSA2)和M ...
- erlang的RSA签名与验签
1.RSA介绍 RSA是目前最有影响力的公钥加密算法,该算法基于一个十分简单的数论事实:将两个大素数相乘十分容易,但那时想要对 其乘积进行因式分解却极其困难,因此可以将乘积公开作为加密密钥,即公钥,而 ...
- java/php/c#版rsa签名以及验签实现
本文为转载,请转载请注明地址: 原文地址为 http://xw-z1985.iteye.com/blog/1837376 在开放平台领域,需要给isv提供sdk,签名是Sdk中需要提供的 ...
- .NET Core RSA 签名和验签(密钥为 16 进制编码)
使用 OpenSSL 生成公私钥对,命令: $ openssl genrsa -out rsa_1024_priv.pem $ openssl pkcs8 -topk8 -inform PEM -in ...
- .Net C# RSA签名和验签重写
namespace com._80community.unittest.CUP { /// <summary> /// CUP Client /// </summary> pu ...
- RSA签名、验签、加密、解密
最近在做一个项目,与一个支付渠道进行连接进行充值,为了安全,每个接口访问时,都要先登陆(调用登陆接口),拿到一个sessionKey,后续业务接口内容用它来进行3DES加密处理.而登陆需要用到RSA进 ...
- RSA签名和验签Util
目录 1.DigitalSign类 2.CryptException异常类 3.加签示例 1.DigitalSign类 import org.apache.commons.codec.binary.B ...
- .NET RSA解密、签名、验签
using System; using System.Collections.Generic; using System.Text; using System.IO; using System.Sec ...
- Delphi支付宝支付【支持SHA1WithRSA(RSA)和SHA256WithRSA(RSA2)签名与验签】
作者QQ:(648437169) 点击下载➨Delphi支付宝支付 支付宝支付api文档 [Delphi支付宝支付]支持条码支付.扫码支付.交易查询.交易退款.退款查询.交易撤 ...
随机推荐
- Apache Flink - 命令
$flink命令位置 命令 选项 jar包位置 \ --input 输入文件位置 --out 输出文件位置 ./bin/flink run ./examples/batch/WordCount.jar ...
- 【Robot Framework 项目实战 02】使用脚本生成统一格式的RF关键字
背景 在微服务化的调用环境下,测试数据及接口依赖的维护是一个问题,因为依赖的接口和数据可能不在同一个服务下,而这相关的多个服务往往是不同人员来测试的. 因此为了节省沟通成本,避免关键字的重复冗余.所以 ...
- Leetcode题目283.移动零(简单)
题目描述: 给定一个数组 nums,编写一个函数将所有 0 移动到数组的末尾,同时保持非零元素的相对顺序. 示例: 输入: [0,1,0,3,12] 输出: [1,3,12,0,0] 说明: 必须在原 ...
- ubuntu hadoop安装
参考: https://wangchangchung.github.io/2017/09/28/Ubuntu-16-04%E4%B8%8A%E5%AE%89%E8%A3%85Hadoop%E5%B9% ...
- Ajax简单异步上传图片并回显
前台代码 上传图片按钮 <a href="javascript:void(0)" onclick="uploadPhoto()">选择图片</ ...
- Xshell登录Vagrant方式
Xshell登录Vagrant方式 我上一篇文章 介绍了vagrant 如何创建虚拟机集群,在上篇文章的基础上,用xshell 登录 虚拟机发现 默认是无法使用账号密码登录root账号,只能使用vag ...
- cocos2dx图片加密解密(npk方式)
话不多说,直接开始: 准备的工具: 链接:https://pan.baidu.com/s/1Om4kBNWcG2jL_RTsHqqzpQ 提取码:bv7i npkCreate.exe是加密图片的工具, ...
- JDK1.8新特性之Optional
概念 Optional 是JDK1.8中出现的一个容器类,代表一个值存在或者不存在.原来使用null表示一个值不存在,现在Optional可以更好的表达这个概念.并且可以避免空指针异常. 场景分析 需 ...
- sql注入01
1.SLQ:操作数据 数据库结构 create/drop database create/alter/drop table 数据库内容 insert values语句 insert into tabl ...
- 【VS开发】winsock 错误多 windows.h和winsock2.h的顺序
Windows平台下用C++做网络开发很多时候都会同时包含这两个头文件,如若顺序不当(windows.h先于winsock2.h)就会出现很多莫名其妙的错误.诸如: c:\program files ...