在 C# 中验证在 Java 中签名的内容
[英]Verifying in C# what was signed in Java
问题描述
I am trying to port a code from C# to java.
我正在尝试将代码从 C# 移植到 Java。 There is a part which requires a String to be signed using RSA/Sha1.有一部分需要使用 RSA/Sha1 对字符串进行签名。
To make sure that the java code produces the same result as the C# code, I tried to sign a string from java, and use existing c# code to verify the signature.为了确保 java 代码产生与 C# 代码相同的结果,我尝试从 java 对字符串进行签名,并使用现有的 c# 代码来验证签名。 My challenge is I am unable to verify the string which was signed in Java.我的挑战是我无法验证用 Java 签名的字符串。
Here is the code;这是代码;
Java method for Signing:用于签名的 Java 方法:
public static String signPayload(byte[] stringToSign, PrivateKey privateKey){
try {
Signature rsaSignatureProvider = Signature.getInstance("SHA1withRSA");
rsaSignatureProvider.initSign(privateKey);
rsaSignatureProvider.update(stringToSign);
byte[] signature = rsaSignatureProvider.sign();
return new String(Base64.encodeBase64String(signature));
} catch (Exception ex) {
ex.printStackTrace();
}
return null;
}
C# method for signing: C#签名方法:
public String signPayload(String stringToSign, AsymmetricAlgorithm privateKey)
{
var hash = sha1.ComputeHash(Convert.FromBase64String(stringToSign));
RSACryptoServiceProvider cryptoProv = (RSACryptoServiceProvider)privateKey;
return Convert.ToBase64String(cryptoProv.SignHash(hash, CryptoConfig.MapNameToOID("SHA1")));
}
C# method which I am using to verify signed data:我用来验证签名数据的 C# 方法:
public bool verifyHash(String signature, String stringToSign, PublicKey publicKey)
{
bool isVerified = false;
var responseHash = sha1.ComputeHash(Convert.FromBase64String(stringToSign));
RSACryptoServiceProvider publicKeyCrypto = (RSACryptoServiceProvider)publicKey.Key;
isVerified = publicKeyCrypto.VerifyHash(responseHash, CryptoConfig.MapNameToOID("SHA1"), Convert.FromBase64String(signature));
return isVerified;
}
I am unable to see the gap between the two method for signing (Java and C#).我看不到两种签名方法(Java 和 C#)之间的差距。 What is that I am doing wrong in my Java code?我在 Java 代码中做错了什么?
2 个解决方案
解决方案1
2 2016-11-19 00:04:44
I have managed to resolve my problem by changing the way I encode the signature.我通过改变我对签名的编码方式设法解决了我的问题。 Below is the code;下面是代码;
public static String signPayload(byte[] stringToSign, PrivateKey privateKey) {
try {
Signature rsaSignatureProvider = Signature.getInstance("SHA1withRSA");
rsaSignatureProvider.initSign(privateKey);
rsaSignatureProvider.update(stringToSign);
byte[] signature = rsaSignatureProvider.sign();
return java.util.Base64.getEncoder().encodeToString(signature);
} catch (Exception ex) {
ex.printStackTrace();
}
return null;
}
解决方案2
0 2021-03-08 20:20:06
I resolved my problem with encode .我用encode解决了我的问题。
C# using default UTF-16LE C# 使用默认的UTF-16LE
The byte array used to sign or validate has to have the same encoding, in my case using "UTF-16LE" on both sides.用于签名或验证的字节数组必须具有相同的编码,在我的情况下,双方都使用“UTF-16LE”。
String transaction="Hola loco";
byte[] messageToSignOrValidate = transaction.getBytes("UTF-16LE");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.