在C＃中使用私钥签名数据 [英] Signing data with private key in c#

问题描述

我需要使用算法SHA1RSA和Rsa密钥长度2048以及64种基本编码对一个私有密钥进行签名。我的代码是这样的

I need to sign some data with one private key using Algorithm SHA1RSA ,Rsa Key length 2048 with 64 base encoding.My code is like this

       string sPayload = "";
        HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("URI");
        httpWebRequest.ContentType = "application/json; charset=utf-8";
        httpWebRequest.Method = WebRequestMethods.Http.Post;

        using (StreamWriter streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
        {
            sPayload = "{\"id\":\"14123213213\"," +
                         "\"uid\":\"teller\"," +
                         "\"pwd\":\"abc123\"," +
                         "\"apiKey\":\"2343243\"," +

                          "\"agentRefNo\":\"234324324\"}";

          httpWebRequest.Headers.Add("SIGNATURE", Convert.ToBase64String(new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(Encoding.ASCII.GetBytes(sPayload))));

            streamWriter.Write(sPayload);
            streamWriter.Flush();
            streamWriter.Close();
        }
        System.Net.ServicePointManager.Expect100Continue = false;

        HttpWebResponse httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();

        using (StreamReader streamReader = new StreamReader(httpResponse.GetResponseStream()))
        {
            string result = streamReader.ReadToEnd();
        }

在标头名称Signature中，我需要使用私钥。但是使用上面的代码，错误会被第三方识别为无效签名，我不确定加密部分是否正确。

In the Header name Signature i need to pass the signed data(sPayload) using the private key.But using above code an error is getting as "invalid signature" from third party and i'am not sure whether the Encryption part is correct or not.

httpWebRequest.Headers.Add("SIGNATURE", Convert.ToBase64String(new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(Encoding.ASCII.GetBytes(sPayload))));

第三方提供了一个证书（cert，sha1）和密钥。 ？

Third party had provide one certificate(cert,sha1) and key.should i refer that to the code?

推荐答案

您已经计算了 sPayload 的SHA-1哈希，

You have computed the SHA-1 hash of sPayload, not the RSA-SHA1 signature.

如果您有X509Certificate2：

If you have an X509Certificate2:

using (RSA rsa = cert.GetRSAPrivateKey())
{
    return rsa.SignData(sPayload, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
}

如果您已经有一个原始的RSA密钥，那么就不要使用using语句。

If you already have a raw RSA key then just leave off the using statement.

如果由于其他原因必须计算 sPayload 的哈希，您可以这样做

If you have to compute the hash of sPayload for some other reason you can do it like

byte[] hash;
byte[] signature;

using (HashAlgorithm hasher = SHA1.Create())
using (RSA rsa = cert.GetRSAPrivateKey())
{
    hash = hasher.ComputeHash(sPayload);
    signature = rsa.SignHash(hash, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
}

SignHash仍需要HashAlgorithmName值，因为算法标识符嵌入在签名中。

SignHash still requires the HashAlgorithmName value because the algorithm identifier is embedded within the signature.

这篇关于在C＃中使用私钥签名数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！