.NET 和 Java 产生不同的签名
我有一个 java 示例代码,我正在尝试将其转换为 .NET c# 平台。此代码加密一个字符串并为其添加签名。使用 BouncyCastle 提供程序的 Java 代码和添加签名的代码如下。
InputStream in = new FileInputStream(derkeyfilename);
byte[] privKeyBytes = new byte[in.available()];
in.read(privKeyBytes);
KeyFactory rsaKeyFac = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(privKeyBytes);
private RSAPrivateKey myPrivateKey = (RSAPrivateKey) rsaKeyFac.generatePrivate(encodedKeySpec);
MessageDigest md = MessageDigest.getInstance("MD5", "BC");
byte[] digest = md.digest(msg);
Signature sig = Signature.getInstance("MD5withRSA", "BC");
sig.initSign(myPrivateKey);
sig.update(digest);
byte[] signature = sig.sign();
byte[] base64 = Base64.encodeBase64(signature);
String signature = new String(base64);
任何人都可以帮我将其转换为 c# 吗?我尝试了几个示例(C# 的 BouncyCastle、openssl 等),所有示例都返回相同的签名,这与 java 生成的签名不同。我发现的另一件事是 java 使用 .der 私钥,C# 不支持该私钥(据我所知)。我对同一个证书使用 .pem 密钥。
I have a sample code in java which I am trying to convert to .NET c# platform. This code encrypts a string and add signature to it. Java code using BouncyCastle provider and the code for adding signature follows.
InputStream in = new FileInputStream(derkeyfilename);
byte[] privKeyBytes = new byte[in.available()];
in.read(privKeyBytes);
KeyFactory rsaKeyFac = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(privKeyBytes);
private RSAPrivateKey myPrivateKey = (RSAPrivateKey) rsaKeyFac.generatePrivate(encodedKeySpec);
MessageDigest md = MessageDigest.getInstance("MD5", "BC");
byte[] digest = md.digest(msg);
Signature sig = Signature.getInstance("MD5withRSA", "BC");
sig.initSign(myPrivateKey);
sig.update(digest);
byte[] signature = sig.sign();
byte[] base64 = Base64.encodeBase64(signature);
String signature = new String(base64);
Can anyone help me converting this to c#. I tried few samples (BouncyCastle for C#, openssl etc) and all are returning same signature which is different from what java produces. One more thing I found is java uses .der private key which is not supported in C# (as far as I know). I am using .pem key for the same certificate.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
![扫码二维码加入Web技术交流群](/public/img/jiaqun_03.jpg)
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
由于您没有显示您的 C# 点,我只能猜测您的问题是什么:
在 Java 中,您正在执行双 MD5 哈希。一次显式地出现在您的代码中,一次隐式地出现在您的
Signature
对象中(定义为MD5WithRSA
,如您所见)。因此,如果您没有在 C# 端显式执行第一个 MD5,那么您会看到:
显然,这些是不一样的,除非您的消息达到了 MD5 的固定点(非常不可能)。
除此之外,您确定 C# 签名始终相同吗?据我了解,RSA签名(在通常使用的模式中)不是确定性的,因为它包含一些随机填充数据。
As you don't show your C# point, I can only guess what your problem is:
In Java, you are doing a double MD5 hash. Once explicitly in your code, and once implicitly in your
Signature
object (which is defined asMD5WithRSA
, as you can see). Thus you have hereIf you don't do this first MD5 explicitly on the C# side, you there have:
Obviously these are not the same, unless you have hit a fixpoint of MD5 with your message (very unlikely).
Other than this, are you sure that the C# signature is always the same? As I understand, an RSA signature is (in the modes normally used) not deterministic, since it incorporates some random padding data.