[英]phpseclib sign and verify in C#
I need to sign the string with private Key using RSA phpseclib and then verify it in C# . 我需要使用RSA phpseclib使用私钥对字符串签名 ,然后在C#中进行验证。 I have seen many examples of how to encrypt in C# and decrypt in php, but none of how to sign string in php and verify in .NET.
我见过很多关于如何在C#中进行加密和在php中进行解密的示例,但是没有一个如何在php中对字符串进行签名并在.NET中进行验证的示例。
here is php code: 这是PHP代码:
include('Crypt/RSA.php');
$info = "Something";
$PrivateKey= "<RSAKeyValue><Modulus>3C5QWo4H+............"; //long string
$unsignedString = base64_encode($info);
$signedString = HashAndSignBytes($info, $PrivateKey);
file_put_contents('file.txt', $unsignedString."\n".$signedString);
function HashAndSignBytes($stringToSign, $Key) {
$rsa = new Crypt_RSA();
$rsa->loadKey($Key); // private key
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$signature = $rsa->sign($stringToSign);
return base64_encode($signature);
}
and here is my attempt to read the file and verify it in C#: 这是我尝试读取文件并在C#中进行验证:
const string publicKey = @"<RSAKeyValue><Modulus>3C5QWo4H.....";
TextReader reader = new StreamReader(path, Encoding.ASCII);
var unsignedString = reader.ReadLine();
var signedString = reader.ReadLine();
reader.Close();
if (VerifySignedHash(unsignedString,signedString, publicKey)) {
//some code
}
private bool VerifySignedHash(string stringToVerify, string signedString, string publicKey)
{
var byteConverter = new ASCIIEncoding();
var dataToVerify = Convert.FromBase64String(stringToVerify);
var signedData = Convert.FromBase64String(signedString);
try
{
// Create a new instance of RSACryptoServiceProvider using the
// key from RSAParameters.
var rsaAlg = new RSACryptoServiceProvider();
rsaAlg.FromXmlString(publicKey);
// Verify the data using the signature. Pass a new instance of SHA1CryptoServiceProvider
// to specify the use of SHA1 for hashing.
return rsaAlg.VerifyData(dataToVerify, new SHA1CryptoServiceProvider(), signedData);
}
catch (CryptographicException e)
{
Console.WriteLine(e.Message);
return false;
}
}
verfication fails... 验证失败...
In your "signing" code, you base64encode the original string, then write that string to the output file. 在“签名”代码中,对原始字符串进行base64编码,然后将该字符串写入输出文件。 However, on the C# side, you read that value into unsignedString, but never reverse the base64 encoding.
但是,在C#端,您将该值读入unsignedString,但从不反转base64编码。
The end result is that you're trying to verify the bytes of the base64Encoded string, not the data itself, so the VerifyData step fails. 最终结果是您尝试验证base64Encoded字符串的字节,而不是数据本身,因此VerifyData步骤失败。
Think that's your problem. 认为那是你的问题。
Modifying the following line might solve the problem: 修改以下行可能会解决问题:
var dataToVerify = Convert.FromBase64String(stringToVerify);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.