使用SHA256WithRSA来签名和验签(.NET/C#)
RSACryptoServiceProvider does work with SHA2-based signatures, but you have to invest some effort into it.
When you use a certificate to get your RSACryptoServiceProvider it really matters what's the underlying CryptoAPI provider. By default, when you create a certificate with 'makecert', it's "RSA-FULL" which only supports SHA1 hashes for signature. You need the new "RSA-AES" one that supports SHA2.
So, you can create your certificate with an additional option: -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" (or an equivalent -sy 24) and then your code would look like (in .NET 4.0):
var rsa = signerCertificate.PrivateKey as RSACryptoServiceProvider;
byte[] signature = rsa.SignData(data, CryptoConfig.CreateFromName("SHA256"));
If you are unable to change the way your certificate is issued, there is a semi-ligitimate workaround that is based on the fact that by default RSACryptoServiceProvider is created with support for SHA2. So, the following code would also work, but it is a bit uglier: (what this code does is it creates a new RSACryptoServiceProvider and imports the keys from the one we got from the certificate)
public string Sign(string contentForSign,string priKeyFile, string keyPwd)
{
var rsa = GetPrivateKey(priKeyFile,keyPwd);
// Create a new RSACryptoServiceProvider
var rsaClear = new RSACryptoServiceProvider();
// Export RSA parameters from 'rsa' and import them into 'rsaClear'
var paras = rsa.ExportParameters(true);
rsaClear.ImportParameters(paras);
using (var sha256 = new SHA256CryptoServiceProvider())
{
var signData = rsa.SignData(Encoding.UTF8.GetBytes(contentForSign), sha256);
return BytesToHex(signData);
}
} public bool VerifySign(string contentForSign, string signedData,pubKeyFile)
{
var rsa = GetPublicKey(pubKeyFile); using (var sha256 = new SHA256CryptoServiceProvider())
{
return rsa.VerifyData(Encoding.UTF8.GetBytes(contentForSign), sha256, HexToBytes(signedData));
}
} /// <summary>
/// 获取签名证书私钥
/// </summary>
/// <param name="priKeyFile"></param>
/// <param name="keyPwd"></param>
/// <returns></returns>
private static RSACryptoServiceProvider GetPrivateKey(string priKeyFile, string keyPwd)
{
var pc = new X509Certificate2(priKeyFile, keyPwd, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
return (RSACryptoServiceProvider) pc.PrivateKey;
} /// <summary>
/// 获取验签证书
/// </summary>
/// <param name="pubKeyFile"></param>
/// <returns></returns>
private static RSACryptoServiceProvider GetPublicKey(string pubKeyFile)
{
var pc = new X509Certificate2(pubKeyFile);
return (RSACryptoServiceProvider) pc.PublicKey.Key;
}
public static byte[] HexToBytes(string text)
{
if (text.Length % != )
throw new ArgumentException("text 长度为奇数。"); List<byte> lstRet = new List<byte>();
for (int i = ; i < text.Length; i = i + )
{
lstRet.Add(Convert.ToByte(text.Substring(i, ), ));
}
return lstRet.ToArray();
} /// <summary>
/// bytes转换hex
/// </summary>
/// <param name="data">bytes</param>
/// <returns>转换后的hex字符串</returns>
public static string BytesToHex(byte[] data)
{
StringBuilder sbRet = new StringBuilder(data.Length * );
for (int i = ; i < data.Length; i++)
{
sbRet.Append(Convert.ToString(data[i], ).PadLeft(, ''));
}
return sbRet.ToString();
}
https://stackoverflow.com/questions/10673146/signature-with-sha256
使用SHA256WithRSA来签名和验签(.NET/C#)的更多相关文章
- Delphi支付宝支付【支持SHA1WithRSA(RSA)和SHA256WithRSA(RSA2)签名与验签】
作者QQ:(648437169) 点击下载➨Delphi支付宝支付 支付宝支付api文档 [Delphi支付宝支付]支持条码支付.扫码支付.交易查询.交易退款.退款查询.交易撤 ...
- Delphi RSA签名与验签【支持SHA1WithRSA(RSA1)、SHA256WithRSA(RSA2)和MD5WithRSA签名与验签】
作者QQ:(648437169) 点击下载➨ RSA签名与验签 [delphi RSA签名与验签]支持3种方式签名与验签(SHA1WithRSA(RSA1).SHA256WithRSA(RSA2)和M ...
- RSA/RSA2 进行签名和验签
package com.byttersoft.hibernate.erp.szmy.util; import java.io.ByteArrayInputStream; import java.io. ...
- .NET RSA解密、签名、验签
using System; using System.Collections.Generic; using System.Text; using System.IO; using System.Sec ...
- PHP SHA1withRSA加密生成签名及验签
最近公司对接XX第三方支付平台的代付业务,由于对方公司只有JAVA的demo,所以只能根据文档自己整合PHP的签名加密,网上找过几个方法,踩到各种各样的坑,还好最后算是搞定了,话不多说,代码分享出来. ...
- 中行P1签名及验签
分享中国银行快捷.NET P1签名和验签方法代码中ReturnValue为自定义类型请无视 #region 验证签名 /// <summary> /// 验证签名 /// </sum ...
- 几个例子理解对称加密与非对称加密、公钥与私钥、签名与验签、数字证书、HTTPS加密方式
# 原创,转载请留言联系 为什么会出现这么多加密啊,公钥私钥啊,签名啊这些东西呢?说到底还是保证双方通信的安全性与完整性.例如小明发一封表白邮件给小红,他总不希望给别人看见吧.而各种各样的技术就是为了 ...
- erlang的RSA签名与验签
1.RSA介绍 RSA是目前最有影响力的公钥加密算法,该算法基于一个十分简单的数论事实:将两个大素数相乘十分容易,但那时想要对 其乘积进行因式分解却极其困难,因此可以将乘积公开作为加密密钥,即公钥,而 ...
- Delphi微信支付【支持MD5和HMAC-SHA256签名与验签】
作者QQ:(648437169) 点击下载➨微信支付 微信支付api文档 [Delphi 微信支付]支持付款码支付.二维码支付.订单查询.申请退款.退款查询.撤销订单.关闭订单. ...
随机推荐
- [Android] Implementation vs API dependency
原文链接: https://jeroenmols.com/blog/2017/06/14/androidstudio3/ https://blog.csdn.net/lonewolf521125/ar ...
- [Nginx] Nginx 配置location总结
cp from : https://www.cnblogs.com/coder-yoyo/p/6346595.html location匹配顺序 "="前缀指令匹配,如果匹配成功, ...
- android R.layout 中找不到已存在的布局文件
在R.layout.test文件时,总是找不到您想要的文件,可是它明明就在layout文件下面,而且在R.Java中也已经生成了,那么找不到的原因就是你导入了Android.R的包,这样你永远找不到你 ...
- 如何在windows2003(IIS6)下配置IIS,使其支持cshtml
在开发环境机器上,安装WEB PAGES 后,会在 C:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages 的下产生DLL 其中 Micr ...
- 洛谷 P1082 同余方程
题目描述 求关于 x 的同余方程 ax ≡ 1 (mod b)的最小正整数解. 输入输出格式 输入格式: 输入只有一行,包含两个正整数 a, b,用一个空格隔开. 输出格式: 输出只有一行,包含一个正 ...
- NVelocity语法常用指令
对变量的引用:$ [ ! ][ { ][ a..z, A..Z ][ a..z, A..Z, 0..9, -, _ ][ } ]. 在NVelocity中,对变量的引用都是以$开头加上变量名称.当使用 ...
- Apache URL重写的配置 及其 apache500错误
1:如果apache报500错误时 ----->原因:可能是你的ReWrite模块没有打开(有时在apache重装时会忘记打开该模块) 将apache--->httpd.conf文件中Lo ...
- 样条之拉格朗日Lagrange(一元全区间)插值函数
这是使用拉格朗日插值函数生成的样条曲线.在数值分析中,拉格朗日插值法是以法国十八世纪数学家约瑟夫·拉格朗日命名的一种多项式插值方法.许多实际问题中都用函数来表示某种内在联系或规律,而不少函数都只能通过 ...
- [leetcode]Scramble String @ Python
原题地址:https://oj.leetcode.com/problems/scramble-string/ 题意: Given a string s1, we may represent it as ...
- Dll 导出函数那些破事
经常使用VC6的Dependency查看DLL导出函数的名字,会发现有DLL导出函数的名字有时大不相同,导致不同的原因大多是和编译DLL时候指定DLL导出函数的界定符有关系. VC++支持两种语言:即 ...