如何在 .net 中对 HTTPS 请求进行数字签名？

发布于 2024-10-11 23:21:06 字数 396 浏览 2 评论 0原文

.net 中是否有内置程序可以使用客户端的 SSL 私钥对 HTTPS 请求进行数字签名？另外，是否有内置程序来验证 SSL 证书的数字签名？还是我必须自己动手？或者有第三方库吗？

我想要签名的数据是普通的 HTTP 表单请求。例如，我提供此地址来扣除卡的余额：

https://myserver/deduction

客户端将向该地址发布一个 HTTP 表单，其中包含卡=1234567890123456、货币=1、金额=1000 等数据。该数据是我想要的数据客户签字。

我需要对请求进行数字签名，因为客户端操纵金钱，所以我想确保请求确实来自客户端，并且没有人篡改请求的内容。

我也在考虑使用SSL客户端证书，但它只能提供机密性和身份验证，而不能提供数据完整性。

原文

Is there a built in procedure to digitally sign an HTTPS request with client's SSL private key in .net? Also, is there a built in procedure to verify the digital signature against an SSL certificate? Or do I have to roll my own? Or is there a third party library?

The data that I want to sign is normal HTTP form request. For example I'm providing this address to deduct balance of a card:

https://myserver/deduction

The client will post an HTTP form to that address with data like card=1234567890123456, currency=1, amount=1000, etc. This data is the one I want my client to sign.

I need the request to be digitally signed because the client manipulates money, so I want to be sure that the request really comes from the client and that nobody tampers with the content of the request.

I'm also considering using SSL client certificate, but it can only provide confidentiality and authentication, but not data integrity.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

我的鱼塘能养鲲 2024-10-18 23:21:06

这里似乎有一个完整的示例，其中包含如何在 C# 中进行基本数字签名实现的代码 http: //tutorial.visualstudioteamsystem.com/details.aspx?item=134

var MySigner = new DSACryptoServiceProvider();
string publicKey;

using (var file = new FileStream(args[0], FileMode.Open, FileAccess.Read))
{
    using (var reader = new BinaryReader(file))
    {
        var data = reader.ReadBytes((int)file.Length);

        var signature = MySigner.SignData(data);

        publicKey = MySigner.ToXmlString(false);
        Console.WriteLine("Signature: " + Convert.ToBase64String(signature));
    }
}

var verifier = new DSACryptoServiceProvider();
verifier.FromXmlString(publicKey);

using (var file = new FileStream(args[0], FileMode.Open, FileAccess.Read))
{
    using (var reader = new BinaryReader(file)) 
    { 
        byte[] data = reader.ReadBytes((int)file .Length);

        if (verifier.VerifyData(data, signature))
            Console.WriteLine("Signature");
        else
            Console.WriteLine("Signature is not verified");
    }
}

There seems to be a whole example here with code how to do basic Digital Signature Implementation in C# http://tutorial.visualstudioteamsystem.com/details.aspx?item=134

var MySigner = new DSACryptoServiceProvider();
string publicKey;

using (var file = new FileStream(args[0], FileMode.Open, FileAccess.Read))
{
    using (var reader = new BinaryReader(file))
    {
        var data = reader.ReadBytes((int)file.Length);

        var signature = MySigner.SignData(data);

        publicKey = MySigner.ToXmlString(false);
        Console.WriteLine("Signature: " + Convert.ToBase64String(signature));
    }
}

var verifier = new DSACryptoServiceProvider();
verifier.FromXmlString(publicKey);

using (var file = new FileStream(args[0], FileMode.Open, FileAccess.Read))
{
    using (var reader = new BinaryReader(file)) 
    { 
        byte[] data = reader.ReadBytes((int)file .Length);

        if (verifier.VerifyData(data, signature))
            Console.WriteLine("Signature");
        else
            Console.WriteLine("Signature is not verified");
    }
}

回复收藏 0 原文

~没有更多了~