前言

结合消息摘要、非对称加密、数字签名三篇,进行代码实操。

代码完整,可复制运行。

正文

代码如下:

public class SignatureHelper

{

	/// <summary>

	/// RSA签名

	/// </summary>

	/// <param name="content">数据</param>

	/// <param name="privateKey">RSA密钥</param>

	/// <returns></returns>

	public static string rsaSign(string content, string privateKey)

	{

		if (string.IsNullOrEmpty(content))

		{

			throw new ArgumentNullException(nameof(content));

		}

		var rsaParameters = privateKeyToRSAParameters(privateKey);

		using (var rsa = RSA.Create())

		{

			rsa.ImportParameters(rsaParameters);

			return Base64.ToBase64String(rsa.SignData(Encoding.UTF8.GetBytes(content), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));

		}

	}

	private static RSAParameters privateKeyToRSAParameters(string key)

	{

		var rsaParameters = new RSAParameters();

		using (BinaryReader binr = new BinaryReader(new MemoryStream(Convert.FromBase64String(key))))

		{

			byte bt = 0;

			ushort twobytes = 0;

			twobytes = binr.ReadUInt16();

			if (twobytes == 0x8130)

				binr.ReadByte();

			else if (twobytes == 0x8230)

				binr.ReadInt16();

			else

				throw new Exception("Unexpected value read binr.ReadUInt16()");

			twobytes = binr.ReadUInt16();

			if (twobytes != 0x0102)

				throw new Exception("Unexpected version");

			bt = binr.ReadByte();

			if (bt != 0x00)

				throw new Exception("Unexpected value read binr.ReadByte()");

			rsaParameters.Modulus = binr.ReadBytes(GetIntegerSize(binr));

			rsaParameters.Exponent = binr.ReadBytes(GetIntegerSize(binr));

			rsaParameters.D = binr.ReadBytes(GetIntegerSize(binr));

			rsaParameters.P = binr.ReadBytes(GetIntegerSize(binr));

			rsaParameters.Q = binr.ReadBytes(GetIntegerSize(binr));

			rsaParameters.DP = binr.ReadBytes(GetIntegerSize(binr));

			rsaParameters.DQ = binr.ReadBytes(GetIntegerSize(binr));

			rsaParameters.InverseQ = binr.ReadBytes(GetIntegerSize(binr));

		}

		return rsaParameters;

	}

	private static bool CompareBytearrays(byte[] a, byte[] b)

	{

		if (a.Length != b.Length)

			return false;

		int i = 0;

		foreach (byte c in a)

		{

			if (c != b[i])

				return false;

			i++;

		}

		return true;

	}

	private static RSAParameters publicKeyToRSAParameters(string publicKeyString)

	{

		// encoded OID sequence for  PKCS #1 rsaEncryption szOID_RSA_RSA = "1.2.840.113549.1.1.1"

		byte[] seqOid = { 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00 };

		byte[] seq = new byte[15];

		var x509Key = Convert.FromBase64String(publicKeyString);

		// ---------  Set up stream to read the asn.1 encoded SubjectPublicKeyInfo blob  ------

		using (MemoryStream mem = new MemoryStream(x509Key))

		{

			using (BinaryReader binr = new BinaryReader(mem))  //wrap Memory Stream with BinaryReader for easy reading

			{

				byte bt = 0;

				ushort twobytes = 0;

				twobytes = binr.ReadUInt16();

				if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)

					binr.ReadByte();    //advance 1 byte

				else if (twobytes == 0x8230)

					binr.ReadInt16();   //advance 2 bytes

				else

				   throw new Exception("Unexpected value read binr.ReadUInt16()");

				seq = binr.ReadBytes(15);       //read the Sequence OID

				if (!CompareBytearrays(seq, seqOid))    //make sure Sequence for OID is correct

					throw new Exception("Unexpected value read binr.ReadUInt16()");

				twobytes = binr.ReadUInt16();

				if (twobytes == 0x8103) //data read as little endian order (actual data order for Bit String is 03 81)

					binr.ReadByte();    //advance 1 byte

				else if (twobytes == 0x8203)

					binr.ReadInt16();   //advance 2 bytes

				else

					throw new Exception("Unexpected value read binr.ReadUInt16()");

				bt = binr.ReadByte();

				if (bt != 0x00)     //expect null byte next

					throw new Exception("Unexpected value read binr.ReadUInt16()");

				twobytes = binr.ReadUInt16();

				if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)

					binr.ReadByte();    //advance 1 byte

				else if (twobytes == 0x8230)

					binr.ReadInt16();   //advance 2 bytes

				else

					throw new Exception("Unexpected value read binr.ReadUInt16()");

				twobytes = binr.ReadUInt16();

				byte lowbyte = 0x00;

				byte highbyte = 0x00;

				if (twobytes == 0x8102) //data read as little endian order (actual data order for Integer is 02 81)

					lowbyte = binr.ReadByte();  // read next bytes which is bytes in modulus

				else if (twobytes == 0x8202)

				{

					highbyte = binr.ReadByte(); //advance 2 bytes

					lowbyte = binr.ReadByte();

				}

				else

					throw new Exception("Unexpected value read binr.ReadUInt16()");

				byte[] modint = { lowbyte, highbyte, 0x00, 0x00 };   //reverse byte order since asn.1 key uses big endian order

				int modsize = BitConverter.ToInt32(modint, 0);

				int firstbyte = binr.PeekChar();

				if (firstbyte == 0x00)

				{   //if first byte (highest order) of modulus is zero, don't include it

					binr.ReadByte();    //skip this null byte

					modsize -= 1;   //reduce modulus buffer size by 1

				}

				byte[] modulus = binr.ReadBytes(modsize);   //read the modulus bytes

				if (binr.ReadByte() != 0x02)            //expect an Integer for the exponent data

					throw new Exception("Unexpected value read binr.ReadUInt16()");

				int expbytes = (int)binr.ReadByte();        // should only need one byte for actual exponent data (for all useful values)

				byte[] exponent = binr.ReadBytes(expbytes);

				// ------- create RSACryptoServiceProvider instance and initialize with public key -----

				var rsa = RSA.Create();

				RSAParameters rsaKeyInfo = new RSAParameters

				{

					Modulus = modulus,

					Exponent = exponent

				};

				return rsaKeyInfo;

			}

		}

	}

	private static int GetIntegerSize(BinaryReader binr)

	{

		byte bt = 0;

		int count = 0;

		bt = binr.ReadByte();

		if (bt != 0x02)

			return 0;

		bt = binr.ReadByte();

		if (bt == 0x81)

			count = binr.ReadByte();

		else

		if (bt == 0x82)

		{

			var highbyte = binr.ReadByte();

			var lowbyte = binr.ReadByte();

			byte[] modint = { lowbyte, highbyte, 0x00, 0x00 };

			count = BitConverter.ToInt32(modint, 0);

		}

		else

		{

			count = bt;

		}

		while (binr.ReadByte() == 0x00)

		{

			count -= 1;

		}

		binr.BaseStream.Seek(-1, SeekOrigin.Current);

		return count;

	}

	/// <summary>

	/// 验证数字签名

	/// </summary>

	/// <param name="plaintext">明文</param>

	/// <param name="signedData">数字签名</param>

	/// <param name="publicKey">公钥</param>

	/// <returns></returns>

	public static bool verifySigned(string plaintext, string signedData, string publicKey)

	{

		if (string.IsNullOrEmpty(plaintext))

		{

			throw new ArgumentNullException(nameof(plaintext));

		}

		if (string.IsNullOrEmpty(signedData))

		{

			throw new ArgumentNullException(nameof(signedData));

		}

		using (var rsa = RSA.Create())

		{

			var rsaParameters = publicKeyToRSAParameters(publicKey);

			rsa.ImportParameters(rsaParameters);

			return rsa.VerifyData(Encoding.UTF8.GetBytes(plaintext), Convert.FromBase64String(signedData), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);

		}

	}

}

测试:

static void Main(string[] args)

{

	RSAKeyParameter rsa1=Pkcs1(1024);

	Console.WriteLine("公钥为:"+rsa1.PublicKey+"私钥为:"+rsa1.PrivateKey);

	string input = "奥氏的家园";

	Console.WriteLine("内容:" + input);

	var signData=SignatureHelper.rsaSign(input,rsa1.PrivateKey);

	Console.WriteLine("数字签名为:" + signData);

	var isSuccess=SignatureHelper.verifySigned(input, signData,rsa1.PublicKey);

	Console.WriteLine("验证是否成功:" + isSuccess);

	Console.ReadKey();

}

/// <summary>

/// pkcs1 rsa 加密

/// </summary>

/// <param name="size">秘钥长度,一般为1024的倍数</param>

/// <param name="pemFormat">是否转换成大小</param>

/// <returns></returns>

public static RSAKeyParameter Pkcs1(int size, bool pemFormat = false)

{

	var keyGenerator = GeneratorUtilities.GetKeyPairGenerator("RSA");

	keyGenerator.Init(new KeyGenerationParameters(new SecureRandom(), size));

	var keyPair = keyGenerator.GenerateKeyPair();

	var subjectPublicKeyInfo=SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public);

	var privateKeyInfo= PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private);

	if (!pemFormat)

	{

		return new RSAKeyParameter

		{

			PrivateKey = Base64.ToBase64String(privateKeyInfo.ParsePrivateKey().GetEncoded()),

			PublicKey = Base64.ToBase64String(subjectPublicKeyInfo.GetEncoded())

		};

	}

	var rsaKey = new RSAKeyParameter();

	using (var sw=new StringWriter())

	{

		var pWrt = new PemWriter(sw);

		pWrt.WriteObject(keyPair.Private);

		pWrt.Writer.Close();

		rsaKey.PrivateKey = sw.ToString();

	}

	using (var sw = new StringWriter())

	{

		var pWrt = new PemWriter(sw);

		pWrt.WriteObject(keyPair.Public);

		pWrt.Writer.Close();

		rsaKey.PublicKey = sw.ToString();

	}

	return rsaKey;

}

密码学系列——数字签名(c# 代码实操)的更多相关文章

  1. 网络编程:多进程实现TCP服务端并发、互斥锁代码实操、线程理论、创建线程的两种方式、线程的诸多特性、GIL全局解释器锁、验证GIL的存在

    目录 多进程实现TCP服务端并发 互斥锁代码实操 线程理论 创建线程的两种方式 线程的诸多特性 GIL全局解释器锁 验证GIL的存在 GIL与普通互斥锁 python多线程是否有用 死锁现象 多进程实 ...

  2. 密码学系列——常见的加密方式(c#代码实操)

    前言 说起加密方式,其实密码学的角度ASCII编码其实本身就是一种加密解密. 由于其公开,现在用于数字与字符的转换. 查看ASCII表可以去官网查查. 转换代码如下: static void Main ...

  3. 密码学系列——消息摘要(c#代码实操)

    前言 简介: 消息摘要(Message Digest)又称为数字摘要(Digital Digest) 它是一个唯一对应一个消息或文本的固定长度的值,它由一个单向Hash加密函数对消息进行作用而产生 使 ...

  4. mPaaS 小程序架构解析 | 实操演示小程序如何实现多端开发

    对于 mPaaS 小程序开发框架,想必读者们并不陌生.它源自于支付宝小程序框架,继承了易开发性.跨平台性及 Native 性能,不仅帮助开发者实现面向自有 App 投放小程序,还可快速构建打包,覆盖支 ...

  5. ABP入门系列(1)——学习Abp框架之实操演练

    作为.Net工地搬砖长工一名,一直致力于挖坑(Bug)填坑(Debug),但技术却不见长进.也曾热情于新技术的学习,憧憬过成为技术大拿.从前端到后端,从bootstrap到javascript,从py ...

  6. .net基础学java系列(四)Console实操

    上一篇文章 .net基础学java系列(三)徘徊反思 本章节没啥营养,请绕路! 看视频,不实操,对于上了年龄的人来说,是记不住的!我已经看了几遍IDEA的教学视频: https://edu.51cto ...

  7. Istio的流量管理(实操二)(istio 系列四)

    Istio的流量管理(实操二)(istio 系列四) 涵盖官方文档Traffic Management章节中的inrgess部分. 目录 Istio的流量管理(实操二)(istio 系列四) Ingr ...

  8. Istio的流量管理(实操一)(istio 系列三)

    Istio的流量管理(实操一)(istio 系列三) 使用官方的Bookinfo应用进行测试.涵盖官方文档Traffic Management章节中的请求路由,故障注入,流量迁移,TCP流量迁移,请求 ...

  9. 动手实操:如何用 Python 实现人脸识别,证明这个杨幂是那个杨幂?

    当前,人脸识别应用于许多领域,如支付宝的用户认证,许多的能识别人心情的 AI,也就是人的面部表情,还有能分析人的年龄等等,而这里面有着许多的难度,在这里我想要分享的是一个利用七牛 SDK 简单的实现人 ...

  10. 72 个网络应用安全实操要点,全方位保护 Web 应用的安全

    原文地址:Web Application Security Checklist 原文作者:Teo Selenius(已授权) 译者 & 校正:HelloGitHub-小熊熊 & 卤蛋 ...

随机推荐

  1. matlab修改读取mat文件后的变量名

    代码如下: %% str1=load('CH1.mat'); val_names = fieldnames(str1); % 获取结构体后那个未知的变量名 data1 = getfield(str1, ...

  2. Proxmark3入门指南

    Proxmark3笔记 --Proxmark3完全入门指南 写在前面 这里所有针对扇区.区块的计数都是从0开始算 一些需要知道的知识 为了能看懂笔记,需要能回答以下问题 ID卡和IC卡主要的区别是什么 ...

  3. 记录--Threejs-着色器实现一个水波纹

    这里给大家分享我在网上总结出来的一些知识,希望对大家有所帮助 hree.js 是一个基于 WebGL 的 JavaScript 3D 库,用于创建和渲染 3D 图形场景. 一. 图像渲染过程 1.we ...

  4. Jmeter的Throughput有误差与分布式测试时的坑

    我是两台压力机,分布式启动jmeter压测180秒,结果throughput显示3075,我用总请求数/总耗时,64万左右/180秒,得到的TPS是3500左右.误差17% 网上说jmeter的thr ...

  5. Java 中文、unicode编码互转 ;汉字、二进制字符串互转

    //中文转unicode编码 public static String gbEncoding(final String gbString) { char[] utfBytes = gbString.t ...

  6. KingbaseES 串行化隔离级别引起的阻塞分析

    前言 这是实际生产环境中遇到的一个问题,前端业务有如下报错: could not serialize access due to read/write dependencies among trans ...

  7. KingbaseESV8R6全局临时表不能进行reindex操作

    背景 我们经常遇到两种情况下会重建索引,reindex 1.索引崩溃,由于软件或硬件问题导致索引内数据失效而不可用. 2.索引膨胀,当索引膨胀会占用过多磁盘空间,reindex可以解决此问题. 对于临 ...

  8. KingbaseES 咨询锁

    传统的事务性锁,读/写会自动加锁,读/写完成后会自动解锁(加解锁机制在细节上复杂),这是一种隐式的锁机制.对于加锁后的并发控制,也就是默认的写不阻塞读,是通过MVCC机制解决的.这种锁完全不需要人为干 ...

  9. Linux电脑如何下载QGIS?

      本文介绍在Linux操作系统Ubuntu版本中,通过命令行的方式,配置QGIS软件的方法.   在Ubuntu等Linux系统中,可以对空间信息加以可视化的遥感.GIS软件很少,比如ArcGIS下 ...

  10. 实现基于TCP的服务端/客户端

    服务端套接字创建过程 第一步:调用socket函数创建套接字 //成功时返回文件表述符,失败时返回-1 int socket(int __domain, int __type, int __proto ...