RSA_sign 和 RSACryptoProvider.VerifySignature
我正在尝试快速了解如何获取一些使用 OpenSSL 进行加密的代码,以便与我用 C# 编写的另一个程序(使用 .NET 中提供的 Microsoft 加密提供程序)很好地配合。
更重要的是,我试图让 C# 程序验证 OpenSSL 代码生成的 RSA 消息签名。生成签名的代码看起来像这样:
// Code in C, using the OpenSSL RSA implementation
char msgToSign[] = "Hello World"; // the message to be signed
char signature[RSA_size(rsa)]; // buffer that will hold signature
int slen = 0; // will contain signature size
// rsa is an OpenSSL RSA context, that's loaded with the public/private key pair
memset(signature, 0, sizeof(signature));
RSA_sign(NID_sha1
, (unsigned char*)msgToSign
, strlen(msgToSign)
, signature
, &slen
, rsa);
// now signature contains the message signature
// and can be verified using the RSA_verify counterpart
// .. I would like to verify the signature in C#
在 C# 中,我将执行以下操作:
- 将对方的公钥导入到
RSACryptoServiceProvider对象中 - 接收消息及其签名
- 尝试验证签名
我'前两部分已经工作(我已经验证公钥是否正确加载,因为我设法将 RSA 加密文本从 C# 代码发送到 C 中的 OpenSSL 代码并成功解密)
为了验证签名在 C# 中,我尝试使用 RSACryptoServiceProvider 的VerifySignature 方法,但这不起作用。在互联网上挖掘,我只能找到一些模糊的信息,指出 .NET 使用与 OpenSSL 不同的方法来生成签名。那么,有人知道如何实现这一目标吗?
编辑
既然有请求,这里是 C# 方面的事情..
byte[] receivedSignature;
// ....
// receivedSignature is set to the byte array generated by the OpenSSL side
// I've verified this much is working correctly
// I use my utility to parse a PEM file and extract the other side's public key
// also, verified to be working correctly - the public key is good.
RSACryptoServiceProvider rsa = MyPEMLoader.LoadFromFile("publicKey.pem");
string msgToVerify = "Hello World";
byte[] msgBytes = Encoding.ASCII.GetBytes(msg); // other side uses ASCII, so do the same
bool verified = rsa.VerifyHash(msgBytes, "SHA1", receivedSignature);
// verfied is false.. verfification failed!
I'm trying to get up to speed on how to get some code that uses OpenSSL for cryptography, to play nice with another program that I'm writing in C#, using the Microsoft cryptography providers available in .NET.
More to the point, I'm trying to have the C# program verify an RSA message signature generated by the OpenSSL code. The code that generates the signature looks something like this:
// Code in C, using the OpenSSL RSA implementation
char msgToSign[] = "Hello World"; // the message to be signed
char signature[RSA_size(rsa)]; // buffer that will hold signature
int slen = 0; // will contain signature size
// rsa is an OpenSSL RSA context, that's loaded with the public/private key pair
memset(signature, 0, sizeof(signature));
RSA_sign(NID_sha1
, (unsigned char*)msgToSign
, strlen(msgToSign)
, signature
, &slen
, rsa);
// now signature contains the message signature
// and can be verified using the RSA_verify counterpart
// .. I would like to verify the signature in C#
In C#, I would do the following:
- import the other side's public key into an
RSACryptoServiceProviderobject - receive the message and it's signature
- try to verify the signature
I've got the first two parts working (I've verified that the public key is loading properly because I managed to send an RSA encrypted text from the C# code to the OpenSSL code in C and successfully have it decrypted)
In order to verify the signature in C#, I've tried using the: VerifySignature method of the RSACryptoServiceProvider but that didn't work. And digging around the internet I was only able to find some vague information pointing out that .NET uses a different method for generating the signature than OpenSSL does. So, does anybody know how to accomplish this?
EDIT
Since there was a request, here's the C# side of things..
byte[] receivedSignature;
// ....
// receivedSignature is set to the byte array generated by the OpenSSL side
// I've verified this much is working correctly
// I use my utility to parse a PEM file and extract the other side's public key
// also, verified to be working correctly - the public key is good.
RSACryptoServiceProvider rsa = MyPEMLoader.LoadFromFile("publicKey.pem");
string msgToVerify = "Hello World";
byte[] msgBytes = Encoding.ASCII.GetBytes(msg); // other side uses ASCII, so do the same
bool verified = rsa.VerifyHash(msgBytes, "SHA1", receivedSignature);
// verfied is false.. verfification failed!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果您展示 C# 代码可能会有所帮助。我认为它应该是这样的:
当然我只是猜测 UTF-8 部分。也可能是 ASCII。
编辑:这是 MSDN 页面。该示例似乎有所不同,首先对 localData 进行哈希处理。
It might help if you showed your C# code. I think it should be something like:
And of course I'm just guessing the UTF-8 part. Might be ASCII as well.
Edit: Here is the MSDN page. The example seems to do it different, localData is hashed first.
您应该删除您的 pem 实用程序,这不是必需的并使用
如果这没有帮助,您可以发布 pem 文件阅读器代码。
You should remove your pem utility, this is not required and use
If this does not help can you post pem file reader code.