在C#中使用sha256获取私钥文件
[英]Get private key file with sha256 in C #
问题描述
Currently I perform this operation through openssl, and I have had no problem with the generated file 
目前,我通过openssl执行此操作,并且生成的文件没有问题
openssl dgst -sha256 -sign privateKey.key -out file.txt.signature file.txt
Now, we want to automate the generation of the file using C #, but I have not been able to get the same result. 现在,我们想使用C#自动生成文件,但是我无法获得相同的结果。
public class Program
{
static void Main(string[] args)
{
Console.WriteLine(CreateToken("key...", "text"));
Console.ReadLine();
}
public static string CreateToken(string key, string message)
{
System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
byte[] keyByte = encoding.GetBytes(key);
HMACSHA256 hmacsha256 = new HMACSHA256(keyByte);
byte[] messageBytes = encoding.GetBytes(message);
byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
return System.Text.Encoding.UTF8.GetString(hashmessage);
}
}
I'm new to working with this, what would be the right way? 我是新手,什么是正确的方法?
Am I not retrieving the information properly ?, Should I get the content directly from the file? 我是否无法正确检索信息?,是否应该直接从文件中获取内容?
Thank you very much. 非常感谢你。
1 个解决方案
解决方案1
0 2016-12-01 21:46:22
Signature generation is not the same thing as HMAC message authentication and it uses a different key. 签名生成与HMAC消息身份验证不同,它使用不同的密钥。 As HMAC can use a key of any size, it will probably take the private key, but that's not how it is supposed to work. 由于HMAC可以使用任何大小的密钥,因此可能会使用私钥,但这不是应该的方式。 RSA is an asymmetric algorithm that uses private and public keys, MAC uses symmetric, secret keys. RSA是使用私钥和公钥的非对称算法,MAC使用对称的秘密密钥。 The dgst -sign instead uses RSA PKCS#1 v1.5 padding to sign the file. 而是使用dgst -sign使用RSA PKCS#1 v1.5填充对文件进行签名。
From the OpenSSL Wiki on dgst : 从dgst上的OpenSSL Wiki :
When signing a file, dgst will automatically determine the algorithm (RSA, ECC, etc) to use for signing based on the private key's ASN.1 info.
HMAC is not the same thing as SHA-256 either. HMAC与SHA-256也不相同。 RSA signature generation uses a hash, not a HMAC. RSA签名生成使用哈希而不是HMAC。 You should use the SHA256 class to create a hash. 您应该使用SHA256类创建哈希。 HMAC is a message authentication code build using the SHA-256 hash. HMAC是使用 SHA-256哈希的消息身份验证代码构建 。 However, the SHA class is not needed as signature generation usually includes the hash generation (you sign a message, not a hash value). 但是,不需要SHA类,因为签名生成通常包括哈希生成(您对消息签名,而不是哈希值)。
So to create a signature, take a look at the RSAPKCS1SignatureFormatter class, it includes an example at the bottom. 因此,要创建签名,请查看RSAPKCS1SignatureFormatter类,该类在底部包括一个示例。 Try again using this example. 使用此示例再试一次。
Make sure your message only contains ASCII (both in the text file as in your string) or your result may fail as well. 确保您的消息仅包含ASCII(文本文件中和字符串中都包含),否则结果也可能失败。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.