堆栈内存溢出
  简体   繁体   English

无法在C#中签名/验证签名

[英]Fail to Sign/Verify signature in C#

 原文  2019-01-04 19:13:37       c#/ cryptography/ signature/ public-key

问题描述

I am trying to use the .Net RSA functions to sign a Hash, but when i try to Sign the hash and then verify the Signed string it turns out false. 我正在尝试使用.Net RSA函数对哈希进行签名,但是当我尝试对哈希进行签名然后验证Signed字符串时,结果为false。 This can be reproduced by running the DoTest() Function. 可以通过运行DoTest()函数来重现该DoTest()

Any help would be appreciated. 任何帮助,将不胜感激。 

using System;
using System.Text;

using System.Security.Cryptography;

namespace Crypto
{
    public static class Signing
    {
        public static string Sign(string Hash)
        {
            RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
            RSA.FromXmlString("<RSAKeyValue><Modulus>pnjojEb82qGpB4/AkI3ydcF1L9cy33u1bT2dFoU5FlVQWUOYunl11M3cjsYSm/cpM6qjh0oQcaqdRUrUGK4NLiBypPCYlxRym+ZYh2TSeEWZSMxxmdxcWVQo2fZji7sq38XB2inB4WoogYwX4a+4Jenj1lzcrs+08uqSgExRIQOEi2DldQLGo5P9IocptlYCDRN5qR0ARVlpxvFMmC/rcoKS2g1RZLz+rbLOaIFFQY4PE3TL4CLe2dmc/WmD0w6CsjY4Q9EiCwn+FUqPzm9Vo539l3n7y25Db18E4kxHOlGq0iFv5MeXEqWn51Fst9aZnq9AvDJqh/hDIShJ2HqnwxpN4a2LZp5mGbauyX5KtHa5G87I0ExZf4cX08Nn44KeQ8l3ouAnes+BhsuXt12ijQPycxgCMt9Mn6MjOnSa1oATouiefz131Rj3OBmVQku6p8q4pAy9ALmxn+28m7A1KJrRNGDXNJAOFeyueukhg+VJiRAGSeAoanm5ykmaDOE0clBQxTYcrTpKI/6xrlNglJi1v1Z9ZitxzmaAN7ZJBJ/elm1hr8KEGRMxtt8xCpzE1+2rMiHlD9qMn42H2N72YQam81UtGarLMzkY/egS6ds7rx3ccB+HFpPVJan/+pIvCbRpuaNcWIX8wjhaWS0IKSTP6Y7vzNebZVdr0+TQ18U=</Modulus><Exponent>AQAB</Exponent><P>wJjH5cYFiOYIz/9IENUiZ/F6TkE0jq2l8JpXk2dGKvzqlOO93i6pJ2rRUdugLRiqzSOt+yE2Jpxued6gumzqvsy0q5HLTqY1n0eLVOfkn4x8tRvMAVbW185duBkgHLuLAzkJqnAd8CXpkca4M7mvWi4EDpiPoSJjeZt0kSkaRzjOSEp4Q5WZUhN5gRM7mn2VQSawFIJtNxAJLuneEc03D8O41+9KVQ8sS7AIVZdu6ortvBveU8e7HA/CNIutyFcdtgoCu4XUQSlAQQD75qlfSJvPT7rvxUsc53FKAIcQNz28g4Zy8/2K8B7T6SChsalUNcbiDuQcBtzAEBDkDlO8Fw==</P><Q>3UZ35kUnAbj/IY/kSsOsMwWjw0djKnY+Yt22vcN4FImhMyMTKKnpCbX+XFQpK6Gh8Gv4lVjgeDi+fb6AbzDFff2fEGwmVyI4EkRa50KdTQKwCZrxwpljngl3M06vTXzjV1L9IcBXQt3so7HA4YJ4kY8woadgz/41+dij6Nlz4bAn+VA8QIbjR0x9rOR/FxM0cCsTqNYsDUxmyqwPlqWdA73KoAFyjGg12fij3BKZdT3AnGeOZUp4Ukb/Xapaj8E8jIAtl1/p9uVEj6gZqcSkBhj1IE+zJ54iS7u8Ijd8SBcLbfsJ+12FXCT/zFsTJ+UUro+dQYKzUe05WMN5Eowogw==</Q><DP>A1LfqER5lfo6TrSeHsQ+2sJdFPqlGI1Ant1bA401tco1lioz/aCahLagNCRxKDYTxISIHRxend33Ph0scussReysdYWHl6zgogYPDoEN/f7jrBB1vdQs0v6ZuXKdjkFiTcTvOMTEj39n/38JcMMUlp7SrRnO6L36L4ASS+sErBP74119o9TyF2uEnkihr7HZII21XjU+A0RAlFGu5mm/OINtLjTP+JXRcuDv0+JQJLYPEj784D9DKGHRPSzn69wtBBY6I9hUaGd412ZX8owbu9oMgti8CJCaSBg5abbq/bkQBskMNM+8VRaDG7PXdoRwkpkDD7S6Exg+LEjOVrz1Mw==</DP><DQ>2mYMP6Zvep7KiqjIThbVpsJhQYP7V9S/fLuS+7erlLHG/n8XEOKrVV9hAGY9AIiXGoKnJ1lCrMZtFhVqFNURiGpEjmQAb64ho7397xXrxi/p6oEZL9ZP4ZM8KNL36cZjaTRLDf4W4rPCNktisfIh6KFpAZT/1Cr3wXNXTKMcYlyJB+Vuos3AFAZmYLhizDazYibST6mcbz/CkTXEaQ9ra17vWIA1PGo7BLoJmVRuTK63pmf7vvQC0EqtEBjtK8gxaAe3eBo+BeeChTwIoGyq7C3D+7FOhcLp3NAeP7N+InVEXbgSwRwsXadTJrOZs53CjQzIzPkg3rMDEB5XKLxX2w==</DQ><InverseQ>srv0aCRx+dycT8mBMxGemXBal88+lPDd4l1okp1CY0Lv7lL2AojYQvQT3Ks8AuSzLyWuZ8sQl2JD/QsluZSbvWLb/RMW/h64DbM3ei108krbu5EHPWyGDdJSTtDR0XtNouQBCS4D1rc8M2psexexpIr/8uQG93I2h3hAddQ4SSspQs3oV4PMSVwFQLsxTaxVMi+F+Enu2W5a98+MPCQGoZcwatu3gow+2lFFAe2lTcSiEZdJEUbyxWG6sgh1iBv0gypN3Bny06peK1gZLd+IAyjpYyl9JCPZqWXxvcaJUtduR/JGA8NypCs+QBNwse2d4ipJVxhn756EOavOR/GYHg==</InverseQ><D>dRWpCbCL+wGkrurOV11e4K+WSnWjFEggDJs/Ny2wPyL2BjJi4xS2aVv4+noZcJTf57TmmyrecfO79ZZxooIYRw8PUy7dQ7Vf/oJ+VYv19B2PeAJDDCJO2Y01xkdjME4OE6E1fMnN0Usm/iaYTWWXsSLV2lkp5dG0xP1y2MXUcdHVkWovOKMhLr/RVE2YauQHQUcnVGhPXndKzF++rXNWuA1aV/7x9lZvEaAnSJ1TJo5R0C9fjV85OiOyJRHnY7Ra/BjibeBTf0wh5ruwdVMc+p0OVVG4ZRZCW7yK5NcdackyyeQ2nMQ8XyMf+rPsMUjAdzlv4G3dO5DDNjjt51ItVwq7jSPbWf27D6aDW7OhR7fOszY+SwxOscAXaXm1w9VygzqQLSgYNcfe4ivOgzv0VfCrYIsakjRNTtuQz41Mi3LbxtHugmfjOGkmtEd046SMIlkJpPwi+neSYRRcq+e1nxHBFhPtS76WjMXBOHveX1ge+OD70r8i0kMFFdCaDsh0XubB6vAm7gzfZ3HOt6phSaaBTd4iYfNNtkIIbtlYgoDWnZT/QfRDSw26S0ZNJKfb+ysq88+MLvf00xIGMxIIat3YFNgvdAQ47LoLq3CpTHYeFkT2wMoO9gLHfJVW0aJ027fIO5mnJTNj/G0TRqRnh25RdwZQt2pQxQbkhOW/PGk=</D></RSAKeyValue>");
            byte[] SignedHashValue = RSA.SignHash(HashBytes(Hash),"SHA512");
            return (Convert.ToBase64String(SignedHashValue));
        }

        public static bool Verify(string signature, string Hash)
        {
            RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
            RSA.FromXmlString("<RSAKeyValue><Modulus>pnjojEb82qGpB4/AkI3ydcF1L9cy33u1bT2dFoU5FlVQWUOYunl11M3cjsYSm/cpM6qjh0oQcaqdRUrUGK4NLiBypPCYlxRym+ZYh2TSeEWZSMxxmdxcWVQo2fZji7sq38XB2inB4WoogYwX4a+4Jenj1lzcrs+08uqSgExRIQOEi2DldQLGo5P9IocptlYCDRN5qR0ARVlpxvFMmC/rcoKS2g1RZLz+rbLOaIFFQY4PE3TL4CLe2dmc/WmD0w6CsjY4Q9EiCwn+FUqPzm9Vo539l3n7y25Db18E4kxHOlGq0iFv5MeXEqWn51Fst9aZnq9AvDJqh/hDIShJ2HqnwxpN4a2LZp5mGbauyX5KtHa5G87I0ExZf4cX08Nn44KeQ8l3ouAnes+BhsuXt12ijQPycxgCMt9Mn6MjOnSa1oATouiefz131Rj3OBmVQku6p8q4pAy9ALmxn+28m7A1KJrRNGDXNJAOFeyueukhg+VJiRAGSeAoanm5ykmaDOE0clBQxTYcrTpKI/6xrlNglJi1v1Z9ZitxzmaAN7ZJBJ/elm1hr8KEGRMxtt8xCpzE1+2rMiHlD9qMn42H2N72YQam81UtGarLMzkY/egS6ds7rx3ccB+HFpPVJan/+pIvCbRpuaNcWIX8wjhaWS0IKSTP6Y7vzNebZVdr0+TQ18U=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>");
            bool verified = RSA.VerifyData(HashBytes(Hash),"SHA512", Convert.FromBase64String(signature));
            return verified;
        }

        public static byte[] HashBytes(String hex)
        {
            int NumberChars = hex.Length;
            byte[] bytes = new byte[NumberChars / 2];
            for (int i = 0; i < NumberChars; i += 2)
            {
                bytes[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
            }
            return bytes;
        }

        public static void DoTest()
        {
            string hash = "878AE65A92E86CAC011A570D4C30A7EAEC442B85CE8ECA0C2952B5E3CC0628C2E79D889AD4D5C7C626986D452DD86374B6FFAA7CD8B67665BEF2289A5C70B0A1";
            string signed = Sign(hash);
            bool Verified = Verify(signed, hash);
            Console.WriteLine(Verified);
        }
    }
}

1 个解决方案

解决方案1
 0 已采纳  2019-01-04 22:35:58

You shouldn't use the RSAPKCS1SignatureFormatter class, when you try to verify a hash with the RSACryptoServiceProvider.VerifyData() method. 当您尝试使用RSACryptoServiceProvider.VerifyData()方法验证哈希时,不应使用RSAPKCS1SignatureFormatter类。 The signature must come from the RSACryptoServiceProvider.SignData() method, as stated in the documentation of RSACryptoServiceProvider.VerifyData() : 签名必须来自RSACryptoServiceProvider.SignData()方法,如RSACryptoServiceProvider.VerifyData()文档中所述:

Remarks 备注

This method verifies the RSA digital signature produced by the SignData method. 此方法验证由SignData方法生成的RSA数字签名。 [...] [...]

Use the SignData() method to sign the data and use the VerifyData() method to check the signature. 使用SignData()方法对数据签名,并使用VerifyData()方法检查签名。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在 C# 中使用 SHA256 签名对 ECDSA 进行签名和验证 - How to sign and verify an ECDSA with SHA256 signature in C# 用PHP签名,用C#验证 - Sign with PHP, verify with C# phpseclib在C#中签名并验证 - phpseclib sign and verify in C# 登录 phpseclib 并在 C# 中验证 - Sign in phpseclib and Verify in C# 无法验证在C#中创建的签名 - Unable to verify signature created in C# 以编程方式验证 C# 中 .exe 的数字签名 - Programmatically verify digital signature of .exe in C# 仅使用公钥验证签名 (C#) - Verify signature with public key only (C#) C#如何验证JWT令牌上的签名? - C# How to verify signature on JWT token? 无法在C#中验证PyOpenSSL签名 - Can't verify PyOpenSSL signature in C# 验证 JWT 令牌 c# 的签名 - verify signature of JWT Token c#
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM