stackoom
  简体   繁体   中英

How do I digitally sign an HTTPS request in .net?

 原文  2011-01-14 04:44:39       .net/ ssl/ https/ digital-signature

Question

Is there a built in procedure to digitally sign an HTTPS request with client's SSL private key in .net? Also, is there a built in procedure to verify the digital signature against an SSL certificate? Or do I have to roll my own? Or is there a third party library?

The data that I want to sign is normal HTTP form request. For example I'm providing this address to deduct balance of a card: 

https://myserver/deduction

The client will post an HTTP form to that address with data like card=1234567890123456, currency=1, amount=1000, etc. This data is the one I want my client to sign.

I need the request to be digitally signed because the client manipulates money, so I want to be sure that the request really comes from the client and that nobody tampers with the content of the request.

I'm also considering using SSL client certificate, but it can only provide confidentiality and authentication, but not data integrity.

1 answers

solution1
 1 ACCPTED  2011-01-14 06:53:49

There seems to be a whole example here with code how to do basic Digital Signature Implementation in C# http://tutorial.visualstudioteamsystem.com/details.aspx?item=134 

var MySigner = new DSACryptoServiceProvider();
string publicKey;

using (var file = new FileStream(args[0], FileMode.Open, FileAccess.Read))
{
    using (var reader = new BinaryReader(file))
    {
        var data = reader.ReadBytes((int)file.Length);

        var signature = MySigner.SignData(data);

        publicKey = MySigner.ToXmlString(false);
        Console.WriteLine("Signature: " + Convert.ToBase64String(signature));
    }
}

var verifier = new DSACryptoServiceProvider();
verifier.FromXmlString(publicKey);

using (var file = new FileStream(args[0], FileMode.Open, FileAccess.Read))
{
    using (var reader = new BinaryReader(file)) 
    { 
        byte[] data = reader.ReadBytes((int)file .Length);

        if (verifier.VerifyData(data, signature))
            Console.WriteLine("Signature");
        else
            Console.WriteLine("Signature is not verified");
    }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can I digitally sign an email in .NET? How to digitally sign PDF files with smartcards in .NET? How can I programmatically obtain the company info used to digitally sign an assembly in .NET? How to digitally sign Open Office XML document in client-server paradigm with ASP .NET webservices? Whats the best way digitally sign a zip file for download using .Net How to digitally sign an assembly in Visual Studion 2010 and above? How do I add a timestamp when digitally signing a file in C#? How do i sign variables? .Net how to sign a certificate request (.csr) from a CA server How do I Create an HTTP Request Manually in .Net?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM