的RSACryptoServiceProvider（.NET的RSA）可用于加密（不签名）SHA256，而不是SHA1？ [英] Can RSACryptoServiceProvider (.NET's RSA) use SHA256 for encryption (not signing) instead of SHA1?

问题描述

当加密，可以的RSACryptoServiceProvider（或任何其他的RSA加密购自.NET）使用SHA256代替SHA1

SHA1似乎没有办法被硬编码更改。例如，RSACryptoServiceProvider.SignatureAlgorithm是硬编码返回http://www.w3.org/2000/09/xmldsig#rsa-sha1。

如果有是没有办法让的RSACryptoServiceProvider使用SHA256，有什么办法？

---

更新

下面的代码工作完美，但我想给OAEPWithSHA1AndMGF1Padding改为OAEPWithSHA256AndMGF1Padding。什么是需要在C＃方能够使用SHA256，而不是SHA1加密

加密是在C＃中使用完成的：

  VAR参数=新RSAParameters（）; 
 parameters.Exponent =新的字节[] {0×01，0×00，0×01}; 
 parameters.Modulus =新的字节[] {0x9d，0xc1，含有0xCC，...}; 
 rsa.ImportParameters（参数）; 
 
变种密文= rsa.Encrypt（新字节[] {0，1，2，3}，真）; 
  

解密是用在Java中完成的：

 密码加密= Cipher.getInstance（RSA / NONE / OAEPWithSHA1AndMGF1Padding，BC）; 
 cipher.init（Cipher.DECRYPT_MODE，keyPair.getPrivate（））; 
的byte []密文= ...; 
字节[] =明文cipher.doFinal（密文）; 
  

解决方案

的RSACryptoServiceProvider并与基于SHA2-签字的工作，但你有一些努力投入到它。

当您使用证书，让您的RSACryptoServiceProvider它真正的问题有什么根本CryptoAPI提供程序。默认情况下，当你创建一个makecert证书，它的RSA-FULL，它仅支持SHA1哈希签字。你需要新的RSA-AES一个支持SHA2

所以，你可以用一个额外的选项创建证书：-SPMicrosoft增强RSA和AES加密供应商（或等效-sy 24），然后你的代码看起来像（在.NET 4.0中）：

  VAR RSA = signerCertificate.PrivateKey为的RSACryptoServiceProvider; 
 // 
字节[] =签名rsa.SignData（数据，CryptoConfig.CreateFromName（SHA256））; 
  

如果你无法改变你的证书颁发的路上，有一个半ligitimate变通方法，是基于默认的RSACryptoServiceProvider是与SHA2支持创建的事实。所以，下面的代码也将工作，但它是一个有点难看：（这是什么代码所做的就是创建一个新的RSACryptoServiceProvider和我们从证书得到了一个导入键）

  VAR RSA = signerCertificate.PrivateKey为的RSACryptoServiceProvider; 
 //创建一个新的RSACryptoServiceProvider 
的RSACryptoServiceProvider rsaClear =新的RSACryptoServiceProvider（）; 
 //由RSA导出RSA参数，并将其导入rsaClear'
 rsaClear.ImportParameters（rsa.ExportParameters（真））; 
字节[] =签名rsaClear.SignData（数据，CryptoConfig.CreateFromName（SHA256））; 
  

When encrypting, can RSACryptoServiceProvider (or any other RSA encryptor available from .NET) use SHA256 instead of SHA1?

SHA1 appears to be hard coded with no way to change it. For example, RSACryptoServiceProvider.SignatureAlgorithm is hard coded to return "http://www.w3.org/2000/09/xmldsig#rsa-sha1".

If there is no way to make RSACryptoServiceProvider use SHA256, what are the alternatives?

---

Update

The following code works perfectly, but I'd like to change the OAEPWithSHA1AndMGF1Padding to OAEPWithSHA256AndMGF1Padding. What is required on the C# side to be able to encrypt using SHA256 rather than SHA1?

The encryption is done in C# using:

var parameters = new RSAParameters();
parameters.Exponent = new byte[] {0x01, 0x00, 0x01};
parameters.Modulus = new byte[] {0x9d, 0xc1, 0xcc, ...};
rsa.ImportParameters(parameters);

var cipherText = rsa.Encrypt(new byte[] { 0, 1, 2, 3 }, true);

The decryption is done in Java using:

Cipher cipher = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
byte[] cipherText = ...;
byte[] plainText = cipher.doFinal(cipherText);

解决方案

RSACryptoServiceProvider does work with SHA2-based signatures, but you have to invest some effort into it.

When you use a certificate to get your RSACryptoServiceProvider it really matters what's the underlying CryptoAPI provider. By default, when you create a certificate with 'makecert', it's "RSA-FULL" which only supports SHA1 hashes for signature. You need the new "RSA-AES" one that supports SHA2.

So, you can create your certificate with an additional option: -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" (or an equivalent -sy 24) and then your code would look like (in .NET 4.0):

var rsa = signerCertificate.PrivateKey as RSACryptoServiceProvider;
//
byte[] signature = rsa.SignData(data, CryptoConfig.CreateFromName("SHA256"));

If you are unable to change the way your certificate is issued, there is a semi-ligitimate workaround that is based on the fact that by default RSACryptoServiceProvider is created with support for SHA2. So, the following code would also work, but it is a bit uglier: (what this code does is it creates a new RSACryptoServiceProvider and imports the keys from the one we got from the certificate)

var rsa = signerCertificate.PrivateKey as RSACryptoServiceProvider;
// Create a new RSACryptoServiceProvider
RSACryptoServiceProvider rsaClear = new RSACryptoServiceProvider();
// Export RSA parameters from 'rsa' and import them into 'rsaClear'
rsaClear.ImportParameters(rsa.ExportParameters(true));
byte[] signature = rsaClear.SignData(data, CryptoConfig.CreateFromName("SHA256"));

这篇关于的RSACryptoServiceProvider（.NET的RSA）可用于加密（不签名）SHA256，而不是SHA1？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！