C# 中签名程序集的公钥结构是什么? [英] What is the structure of the public key of a signed assembly in C#?

问题描述

使用此代码检索公钥字节...

Using this code to retrieve the public key bytes...

var pubKey = 
    AppDomain.CurrentDomain.DomainManager.EntryAssembly
        .GetName().GetPublicKey();

密钥开头(前 32 个字节)的通用结构是什么?它不是 ASN.1，它可能不是可变的.我可以用谷歌搜索并得到重复.

What is this common structure at the start (first 32 bytes) of the key? It's not ASN.1 and it might not be variable. I can google it and get repeats.

// 00 24 00 00 04 80 00 00 94 00 00 00 06 02 00 00 00 24 00 00 52 53 41 31

是全部颠倒了还是只是其中的一部分(例如最后的模数)?52 53 41 31 是一串RSA1.我的密钥的模数是 1024 位，所以我正在寻找描述长度的东西.0x0400 (00 04 B.E.) 将是 1024(位)，0x80 将是 128(字节，1024/8).

Is it all reversed or just part of it (e.g. the modulus at the end)? 52 53 41 31 is a string of RSA1. My key's modulus is 1024 bit, so I was looking for something that described the length. 0x0400 (00 04 B.E.) would be 1024 (bits), 0x80 would be 128 (bytes, 1024/8).

// 00 04 00 00 01 00 01 00

这些最后的 4 到 6 是公共指数吗?大端还是小端?最后一个空值是终止符还是间隔符?

Are these last 4 to 6 the public exponent? Big or little endian? Is the last null a terminator or spacer?

对 RSAPKCS1SignatureFormatter 和 RSAPKCS1SignatureDeformatter 的实现(.NET 和 Mono)的调查并不容易.

Investigations into implementations (.NET and Mono) of RSAPKCS1SignatureFormatter and RSAPKCS1SignatureDeformatter are not easy going.

删除编辑，回答自己的问题……除非有人想出更好的答案或添加详细信息，包括原因.

推荐答案

我无法停止咬指甲试图从 CALG_RSA_SIGN = 0x00002400 向后工作，并偶然发现了 RSAPUBKEY，然后是 PUBLICKEYSTRUC，最后是 PublicKeyBlob.那么现在我可以正式解析它了.想知道 .NET 框架中是否已经有任何结构可以处理这个问题?

I couldn't stop biting my nails trying to work backwards from CALG_RSA_SIGN = 0x00002400, and stumbled upon RSAPUBKEY, then PUBLICKEYSTRUC and finally PublicKeyBlob. Well now I can parse it formally. Wonder if there is any struct already in the .NET framework for handling this?

https://msdn.microsoft.com/en-us/library/ee442238.aspx

哦，嘿，这些神奇的数字看起来很熟悉.它们是什么意思...

Oh hey, these magical numbers look familiar. What do they mean...

是 https://msdn.microsoft.com/en-us/图书馆/ms232463.aspx ?

// 00 24 00 00 // 0x00002400 LE // PublicKeyBlob  SigAlgId ALG_ID = CALG_RSA_SIGN 
// 04 80 00 00 // 0x00008004 LE // PublicKeyBlob  HashAlgId ALG_ID = CALG_SHA1
// 94 00 00 00 // 0x00000094 LE // PublicKeyBlob  cbPublicKey dword = 148
// sizeof(PUBLICKEYSTRUC) is 8 + sizeof(RSAPUBKEY) is 12 + sizeof(modulus) is 128 = 148
// 06          // 0x06          // PUBLICKEYSTRUC bType byte = PUBLICKEYBLOB
// 02          // 0x02          // PUBLICKEYSTRUC bVersion byte = CUR_BLOB_VERSION
// 00 00       // 0x0000 LE     // PUBLICKEYSTRUC reserved word = 0
// 00 24 00 00 // 0x00002400 LE // PUBLICKEYSTRUC aiKeyAlg ALG_ID = CALG_RSA_SIGN 
// 52 53 41 31 // 'RSA1'        // RSAPUBKEY magic dword
// 00 04 00 00 // 0x00000400 LE // RSAPUBKEY bitlen dword
// 01 00 01 00 // 0x00010001 LE // RSAPUBKEY pubexp dword
// public modulus reversed follows in (bitlen/8) bytes

因此使用此信息(无法使 rsaCsp.ImportParameters 正常工作)...

So using this information (couldn't get rsaCsp.ImportParameters to work right)...

var rsaCsp = new RSACryptoServiceProvider(BitLength);
rsaCsp.FromXmlString(string.Format(
    "<RSAKeyValue><Modulus>{1}</Modulus><Exponent>{0}</Exponent></RSAKeyValue>",
    Convert.ToBase64String(PubExp), Convert.ToBase64String(PubMod)));

现在您有一个有效的 rsaCsp 用于来自程序集的 SN PK 的签名认证.

Now you have a valid rsaCsp for signature authentication from your assembly's SN PK.

这篇关于C# 中签名程序集的公钥结构是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！