.NET and Java produce different signatures

Posted 2024-11-28 22:45:49 · 966 words · 1 view · 0 comments

I have some sample code in Java which I am trying to convert to the .NET C# platform. This code encrypts a string and adds a signature to it. The Java code uses the BouncyCastle provider, and the code for adding the signature follows.

 // Load the PKCS#8 (DER-encoded) private key
 InputStream in = new FileInputStream(derkeyfilename);
 byte[] privKeyBytes = new byte[in.available()];
 in.read(privKeyBytes);
 KeyFactory rsaKeyFac = KeyFactory.getInstance("RSA");
 PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(privKeyBytes);
 RSAPrivateKey myPrivateKey = (RSAPrivateKey) rsaKeyFac.generatePrivate(encodedKeySpec);

 // Compute MD5 of the message, then pass the digest to an MD5withRSA signer
 MessageDigest md = MessageDigest.getInstance("MD5", "BC");
 byte[] digest = md.digest(msg);
 Signature sig = Signature.getInstance("MD5withRSA", "BC");
 sig.initSign(myPrivateKey);
 sig.update(digest);
 byte[] signature = sig.sign();
 // Base64-encode the raw signature bytes
 byte[] base64 = Base64.encodeBase64(signature);
 String signatureBase64 = new String(base64);

Can anyone help me convert this to C#? I tried a few samples (BouncyCastle for C#, openssl, etc.) and all of them return the same signature, which is different from what Java produces. One more thing I found is that Java uses a .der private key, which is not supported in C# (as far as I know). I am using a .pem key for the same certificate.

我不会写诗 2024-12-05 22:45:49

As you don't show your C# point, I can only guess what your problem is:

In Java, you are doing a double MD5 hash. Once explicitly in your code, and once implicitly in your Signature object (which is defined as MD5WithRSA, as you can see). Thus you have here

signatureJava = RSA(MD5(MD5(msg)))

If you don't do this first MD5 explicitly on the C# side, you there have:

signatureC# = RSA(MD5(msg))

Obviously these are not the same, unless you have hit a fixpoint of MD5 with your message (very unlikely).

Other than this, are you sure that the C# signature is always the same? As I understand, an RSA signature is (in the modes normally used) not deterministic, since it incorporates some random padding data.
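
The two constructions from the answer above, reproduced in C# as an added example (not code from the question or the answer). It assumes .NET 5 or later, uses a throwaway key generated in memory and a constructed message, and the class and method names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class DoubleHashDemo // hypothetical name, not from the page
{
    // Mirrors the Java snippet: the MD5withRSA signer is fed MD5(msg) and
    // hashes it again internally, giving RSA(MD5(MD5(msg))).
    public static byte[] SignLikeJava(RSA key, byte[] msg) =>
        key.SignData(MD5.HashData(msg), HashAlgorithmName.MD5,
                     RSASignaturePadding.Pkcs1);

    // MD5withRSA over the message itself: RSA(MD5(msg)).
    public static byte[] SignSingleHash(RSA key, byte[] msg) =>
        key.SignData(msg, HashAlgorithmName.MD5, RSASignaturePadding.Pkcs1);

    static void Main()
    {
        // Constructed throwaway key. A PKCS#8 DER file like the one the Java
        // code reads can be loaded instead with
        // key.ImportPkcs8PrivateKey(File.ReadAllBytes("<key.der>"), out _);
        using RSA key = RSA.Create(2048);
        byte[] msg = Encoding.UTF8.GetBytes("constructed sample message");

        byte[] javaStyle = SignLikeJava(key, msg);
        byte[] single = SignSingleHash(key, msg);
        Console.WriteLine("Java-style : " + Convert.ToBase64String(javaStyle));
        Console.WriteLine("single hash: " + Convert.ToBase64String(single));
        Console.WriteLine("identical  : " + javaStyle.SequenceEqual(single));

        // PKCS#1 v1.5 signature padding has no random component, so signing
        // the same input with the same key again yields the same bytes.
        Console.WriteLine("repeatable : " +
            javaStyle.SequenceEqual(SignLikeJava(key, msg)));

        // The Java-style signature verifies only when the verifier is handed
        // MD5(msg) as the data, not msg itself.
        bool overDigest = key.VerifyData(MD5.HashData(msg), javaStyle,
            HashAlgorithmName.MD5, RSASignaturePadding.Pkcs1);
        bool overMessage = key.VerifyData(msg, javaStyle,
            HashAlgorithmName.MD5, RSASignaturePadding.Pkcs1);
        Console.WriteLine("verifies over MD5(msg): " + overDigest);
        Console.WriteLine("verifies over msg     : " + overMessage);
    }
}
```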
