作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我有一个 UWA(通用 Windows 应用程序)使用 KeyCredential.RequestSignAsync 对一些数据进行签名方法。
签名是用:
并且可以在同一个 UWA 中使用以下代码进行验证:
public static bool VerifySignature(
IBuffer buffPublicKey,
IBuffer buffMessageData,
IBuffer buffSignature)
{
bool b = false;
// Open the algorithm provider
var algProv = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaSignPkcs1Sha256);
// Import the public key
var ckey = algProv.ImportPublicKey(buffPublicKey);
// Verify
b = CryptographicEngine.VerifySignature(ckey, buffMessageData, buffSignature);
return b;
}
我需要在常规 C# 应用程序(而非 UWA)中验证该签名。公钥、消息和签名在传输之前使用 CryptographicBuffer.EncodeToBase64String 编码为 base 64。
所以根据 System.Security.Cryptography 命名空间我试过:
public static bool VerifySignature(string base64PublicKey, string base64Data, string base64Signature)
{
bool b = false;
byte[] publicKey = Convert.FromBase64String(base64PublicKey);
byte[] data = Convert.FromBase64String(base64Data);
byte[] signature = Convert.FromBase64String(base64Signature);
using (var rsa = new RSACryptoServiceProvider(2048))
{
// Import public key
rsa.ImportCspBlob(publicKey);
// Create signature verifier with the rsa key
var signatureDeformatter = new RSAPKCS1SignatureDeformatter(rsa);
// Set the hash algorithm to SHA256.
signatureDeformatter.SetHashAlgorithm("SHA256");
b = signatureDeformatter.VerifySignature(data, siganture);
}
return b;
}
但是得到一个 System.Security.Cryptography.CryptographicException 和 Additional information: Bad Version of provider. in:
rsa.ImportCspBlob(publicKey);
¿如何使用该公钥验证签名的正确方法?
编辑:示例值(base64 编码)
最佳答案
鉴于公钥是 ASN.1 以 X509SubjectPublicKeyInfo 格式编码并且 rsa.ImportCspBlob(publicKey) 需要一个兼容的 blob使用非托管 Microsoft Cryptographic API (CAPI),我创建了一个基于 this solution 的辅助方法提取公钥参数。
通过以下代码,签名验证成功:
using System;
using System.IO;
using System.Security.Cryptography;
namespace ConsoleApplication2
{
class Program
{
static void Main(string[] args)
{
var verified = false;
byte[] data = Convert.FromBase64String("dGF0b0Bmcm9td2luMzIuY29t");
byte[] signature = Convert.FromBase64String("lWKRRgWBA2lBAfUvBS+54s9kmHTH3nJwcvYYmjCg5QpWQ9joY7Rzpq0zZjOhyxASXoAN4Vz8+mqSqPWi/4DFH7947ZWZSbopPfxiI7jjDRMAVymG0B+dRVjiMow48ZvhgP/FGSZqeLAei77Z0aAmwN2TBxkClqBpt9uy+nkI7V/TJGAbbLcWfiPWNVOGsU0smoFDQLlJjkocahNSOqjj+9PPFVqbc/VVHQWsSoq1ZxtCPILFwPCCtUCDITXrU/riGMFJ282p/3rfhDJKYis9/izR98/zgBLRoCew8zu8Za4UNWaHaR3HP/6voQI2NiVSKtss1VjvwjwXYIOh56yeSw==");
byte[] publicKey = Convert.FromBase64String("MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6HzbSgZPkJPfZJWydFAKdzUWlQcGHCTZhghg8HwHOfRZp3QZ/iiDORVzdIlW6XYPz76aAn8Nxm/v4NbsQsFPbwIcc7CPOJe21VT+7f6ocZ4kef0dqxUOGuK1FynrqzsAeYoaeTW+w/HElXODOEzZs3CfyE3d4hy3TTM/mVyQGV1FO/hHWB/zXq7ryQ8hXP/ueJimmJvitB7UweemRxvEYfVx52VVAgzg1RqVWeRj8L/obfm0lwQtIAHdDOnIi/cwpsyKQNikjMsf4dFgt14fcOgFdSG06jB840GnOsRZM04CWZQ9ttwAvoNGK/zjriRYGySQ4Ey0K0l5G3UVr56mQIDAQAB");
byte[] modulus;
byte[] exponent;
ExtractPublicKeyParameters(publicKey, out modulus, out exponent);
using (var rsa = new RSACryptoServiceProvider())
{
// Create parameters
var rsaParam = new RSAParameters()
{
Modulus = modulus,
Exponent = exponent
};
// Import public key
rsa.ImportParameters(rsaParam);
// Create signature verifier with the rsa key
var signatureDeformatter = new RSAPKCS1SignatureDeformatter(rsa);
// Set the hash algorithm to SHA256.
signatureDeformatter.SetHashAlgorithm("SHA256");
// Compute hash
byte[] hash;
using (SHA256 sha256 = SHA256.Create())
{
hash = sha256.ComputeHash(data);
}
verified = signatureDeformatter.VerifySignature(hash, signature);
}
}
// encoded OID sequence for PKCS #1 rsaEncryption szOID_RSA_RSA = "1.2.840.113549.1.1.1"
static readonly byte[] SeqOid = { 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00 };
public static void ExtractPublicKeyParameters(byte[] publicKey, out byte[] modulus, out byte[] exponent)
{
modulus = new byte[0];
exponent = new byte[0];
byte[] seq = new byte[15];
// --------- Set up stream to read the asn.1 encoded SubjectPublicKeyInfo blob ------
MemoryStream mem = new MemoryStream(publicKey);
BinaryReader binr = new BinaryReader(mem); //wrap Memory Stream with BinaryReader for easy reading
byte bt = 0;
ushort twobytes = 0;
try
{
twobytes = binr.ReadUInt16();
if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8230)
binr.ReadInt16(); //advance 2 bytes
else
return;
seq = binr.ReadBytes(15); //read the Sequence OID
if (!CompareBytearrays(seq, SeqOid)) //make sure Sequence for OID is correct
return;
twobytes = binr.ReadUInt16();
if (twobytes == 0x8103) //data read as little endian order (actual data order for Bit String is 03 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8203)
binr.ReadInt16(); //advance 2 bytes
else
return;
bt = binr.ReadByte();
if (bt != 0x00) //expect null byte next
return;
twobytes = binr.ReadUInt16();
if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8230)
binr.ReadInt16(); //advance 2 bytes
else
return;
twobytes = binr.ReadUInt16();
byte lowbyte = 0x00;
byte highbyte = 0x00;
if (twobytes == 0x8102) //data read as little endian order (actual data order for Integer is 02 81)
lowbyte = binr.ReadByte(); // read next bytes which is bytes in modulus
else if (twobytes == 0x8202)
{
highbyte = binr.ReadByte(); //advance 2 bytes
lowbyte = binr.ReadByte();
}
else
return;
byte[] modint = { lowbyte, highbyte, 0x00, 0x00 }; //reverse byte order since asn.1 key uses big endian order
int modsize = BitConverter.ToInt32(modint, 0);
int firstbyte = binr.PeekChar();
if (firstbyte == 0x00)
{ //if first byte (highest order) of modulus is zero, don't include it
binr.ReadByte(); //skip this null byte
modsize -= 1; //reduce modulus buffer size by 1
}
modulus = binr.ReadBytes(modsize); //read the modulus bytes
if (binr.ReadByte() != 0x02) //expect an Integer for the exponent data
return;
int expbytes = (int)binr.ReadByte(); // should only need one byte for actual exponent data (for all useful values)
exponent = binr.ReadBytes(expbytes);
}
finally
{
binr.Close();
}
}
private static bool CompareBytearrays(byte[] a, byte[] b)
{
if (a.Length != b.Length)
return false;
int i = 0;
foreach (byte c in a)
{
if (c != b[i])
return false;
i++;
}
return true;
}
}
}
关于c# - 验证使用 RSA 2048 位 key 、SHA256 算法和 PKCSv1.5 填充生成的签名,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32504866/
我是一名优秀的程序员,十分优秀!