[英]How to decrypt data signed by RSACryptoServiceProvider
I am starting to use encryption and decryption in my web service. 我开始在Web服务中使用加密和解密。 I am using the RSACryptoServiceProvider and when using the Encrypt & Decrypt methods, I have no problem.
我正在使用RSACryptoServiceProvider,并且在使用“ 加密和解密”方法时,我没有问题。
However, as soon as I try to use the SignData method with new SHA1CryptoServiceProvider() as encryption method, I am unable to recover the original data. 但是,一旦我尝试将SignData方法与新的SHA1CryptoServiceProvider()作为加密方法一起使用,我将无法恢复原始数据。 I am only able to verify them.
我只能验证它们。 Is it really not possible to retrieve the signed data?
真的不可能检索签名的数据吗? If so, what is the purpose of the whole signing process?
如果是这样,整个签名过程的目的是什么? And is there another possibility how to encrypt data by a certain algorithm?
还有另一种可能性如何通过某种算法加密数据?
EDIT: I am posting the code, which is just an altered example from MSDN 编辑:我发布代码,这只是从MSDN的更改的示例
static void Main()
{
try
{
//Create a UnicodeEncoder to convert between byte array and string.
ASCIIEncoding ByteConverter = new ASCIIEncoding();
string dataString = "Data to Encrypt";
//Create byte arrays to hold original, encrypted, and decrypted data.
byte[] dataToEncrypt = ByteConverter.GetBytes(dataString);
byte[] encryptedData;
byte[] signedData;
byte[] decryptedData;
byte[] unsignedData;
var fileName = ConfigurationManager.AppSettings["certificate"];
var password = ConfigurationManager.AppSettings["password"];
var certificate = new X509Certificate2(fileName, password);
//Create a new instance of the RSACryptoServiceProvider class
// and automatically create a new key-pair.
RSACryptoServiceProvider RSAalg = (RSACryptoServiceProvider)certificate.PrivateKey;
//RSAPKCS1SignatureDeformatter def = (RSAPKCS1SignatureDeformatter)certificate.PrivateKey;
//Display the origianl data to the console.
Console.WriteLine("Original Data: {0}", dataString);
//Encrypt the byte array and specify no OAEP padding.
//OAEP padding is only available on Microsoft Windows XP or
//later.
encryptedData = RSAalg.Encrypt(dataToEncrypt, false);
signedData = RSAalg.SignData(dataToEncrypt, new SHA1CryptoServiceProvider());
//Display the encrypted data to the console.
Console.WriteLine("Encrypted Data: {0}", ByteConverter.GetString(encryptedData));
Console.WriteLine("Signed Data: {0}", ByteConverter.GetString(signedData));
//Pass the data to ENCRYPT and boolean flag specifying
//no OAEP padding.
decryptedData = RSAalg.Decrypt(encryptedData, false);
//In the next line I get the error of wrong data
unsignedData = RSAalg.Decrypt(signedData, false);
//Display the decrypted plaintext to the console.
Console.WriteLine("Decrypted plaintext: {0}", ByteConverter.GetString(decryptedData));
Console.WriteLine("Unsigned plaintext: {0}", ByteConverter.GetString(unsignedData));
}
catch (CryptographicException e)
{
//Catch this exception in case the encryption did
//not succeed.
Console.WriteLine(e.Message);
}
Console.Read();
}
SHA1 is a hash function, so you cant compute a message that has a given hash. SHA1是一个哈希函数,因此您无法计算具有给定哈希值的消息。 In other words, you cant sign/unsign the message, you only can sign and verify it.
换句话说,您不能签名/取消签名,只能签名和验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.