如何使用 BouncyCastle (C#) 导入 ASN.1 格式的 DSA 签名

发布于 2024-08-08 22:45:37 字数 1198 浏览 3 评论 0原文

OpenSSL 以及大多数其他 DSA 实现都以 ASN.1 格式输出签名。因此，由于 ASN.1 结构标头，40 字节签名（两个 20 字节整数）变为 46 字节。（有关详细信息，请参阅此论坛帖子。）

我的问题是，如何在 C# 中处理这种格式？（或其他地方，就此而言）

我花了一段时间尝试使用 .NET System.Security.Crypto 包来处理它，但给出了对此（真的令人沮丧，因为它显然有内部代码来解析 ASN.1，因为它可以读取 DER 格式，但你无法使用它 - 但我离题了......）

然后，我开始使用 BouncyCastle C# 库。我可以将它放入 Asn1Object 中，如果我在调试时展开它，我会看到它包含一个带有两个整数的 DerSequence ，但是我如何将它们拉出来（最好是到 BigIntegers 中，以便我可以将它们提供给 DSA.VerifySignature ？）

代码示例：

Byte[] msgText = ReadFile("test_msg.txt");
Byte[] msgSigRaw = ReadFile("test_sig_1.bin");  // reads binary ASN.1 sig using FileStream
Asn1Object sigASN = Asn1Object.FromByteArray(msgSigRaw);  // parses into Asn1Object
...
X509Certificate implCert = ReadCertificate("pubcert_dsa.cer");  // cert in DER format
DsaSigner DSA = new DsaSigner();
DSA.Init(false, implCert.GetPublicKey());
...
BigInteger sigIntR, sigIntS;
... //TODO: how to get signature from sigASN into sigIntR, sigIntS?
Boolean validSig = DSA.VerifySignature(msgText, sigIntR, sigIntS);  // my goal

原文

OpenSSL, as well as most other DSA implementations, outputs signatures in ASN.1 format. Thus, the 40-byte signature (two 20-byte integers) becomes 46 bytes due to the ASN.1 structure headers. (See this forum post for details.)

My question is, how does one handle this format in C#? (or elsewhere, for that matter)

I spent a while trying to deal with it using the .NET System.Security.Crypto packages, but gave up on that (really frustrating, because it clearly has internal code to parse ASN.1 since it can read DER format, but there's no way for you to use it -- but I digress...)

Then, I started working with the BouncyCastle C# library. I can get it into an Asn1Object, and if I expand it while debugging I see that it contains a DerSequence with the two integers, but how do I pull them out (preferably into BigIntegers so I can feed them to DSA.VerifySignature?)

Code sample:

Byte[] msgText = ReadFile("test_msg.txt");
Byte[] msgSigRaw = ReadFile("test_sig_1.bin");  // reads binary ASN.1 sig using FileStream
Asn1Object sigASN = Asn1Object.FromByteArray(msgSigRaw);  // parses into Asn1Object
...
X509Certificate implCert = ReadCertificate("pubcert_dsa.cer");  // cert in DER format
DsaSigner DSA = new DsaSigner();
DSA.Init(false, implCert.GetPublicKey());
...
BigInteger sigIntR, sigIntS;
... //TODO: how to get signature from sigASN into sigIntR, sigIntS?
Boolean validSig = DSA.VerifySignature(msgText, sigIntR, sigIntS);  // my goal

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

此岸叶落 2024-08-15 22:45:37

看看这篇 CodeProject 文章： http://www.codeproject.com/KB/ security/CryptoInteropSign.aspx

它包含将 DSA 签名转换为 C# 中所需的 P1363 格式的代码。

回复收藏 0 原文

不疑不惑不回忆 2024-08-15 22:45:37

有关如何在 BouncyCastle C# 中验证 DSA 签名的一些示例代码：

ISigner sig = SignerUtilities.GetSigner("SHA1withDSA");
sig.Init(false, implCert.GetPublicKey());
sig.BlockUpdate(msgText, 0, msgText.Length);
bool valid = sig.VerifySignature(msgSigRaw);

请注意，此签名者将为您处理 ASN.1 和消息摘要的计算（我假设此处使用了 SHA-1）。

如果您确实想知道 {r,s} 值与 ASN.1 之间的转换是如何发生的，请查看 DsaDigestSigner 的源代码。它在内部执行适当的 ASN.1 编码/解码，然后使用 DsaSigner 类进行低级 sig 操作。

Some example code of how to verify a DSA signature in BouncyCastle C#:

ISigner sig = SignerUtilities.GetSigner("SHA1withDSA");
sig.Init(false, implCert.GetPublicKey());
sig.BlockUpdate(msgText, 0, msgText.Length);
bool valid = sig.VerifySignature(msgSigRaw);

Note that this signer will deal with the ASN.1 and the calculation of the message digest (I've assumed SHA-1 was used here) for you.

If you still really want to know how the conversions of the {r,s} values to/from ASN.1 happen, then have a look in the source for DsaDigestSigner. Internally it does the appropriate ASN.1 encoding/decoding and then uses DsaSigner class for the low-level sig operation.

回复收藏 0 原文

~没有更多了~