验证数字签名 [英] verify digital signature
问题描述
我要验证我的签名。我使用这个代码
I want to verify my signature. I use this code
var encoder = new UTF8Encoding();
byte[] bytesToVerify = encoder.GetBytes(LoginChallenge);
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
RSAKeyInfo.Modulus = publickey1;
rsa.ImportParameters(RSAKeyInfo);
bool suc = rsa.VerifyData(bytesToVerify, CryptoConfig.MapNameToOID("SHA1"), signedBytes);
我有字节数组格式的公钥。它在我的db。像这样
I have public key in byte array format. It is in my db. like this
always suc = false。我确信bytetoverify与方法符号中的输入值具有相同的值。
always suc=false. I'm sure bytetoverify has same value with input value in method sign.
我的签名方法:
Signature signature=Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1,false);
signature.init(thePrivateKey,Signature.MODE_SIGN);
signLength=signature.sign(buffer,(short)(ISO7816.OFFSET_CDATA & 0xFF), inputlength, buffer, (short)(0));
apdu.setOutgoingAndSend((short)0,signLength);
我不知道我的生成公钥是这样的问题或迹象有问题。在签名方法中我使用sh1和pkcs1,但在验证我只找到sh1。
I dont know my generate public key in this way is problem or sign has problem. in sign method I use sh1 and pkcs1 but in verify i only find sh1.
每个身体可以帮助我吗?
can every body help me?
推荐答案
你保存到数据库中了什么?只是模量值?
What did you save into the database? Just the Modulus value?
RSA公钥有两个字段,Modulus和指数。
An RSA public key has two fields, Modulus and Exponent. They are both required to do a successful key import and operation.
在99.999993%的RSA密钥中创建的Exponent值为 new byte [ ] {0x01,0x00,0x01} ;因此您可以几乎总是避开只存储Modulus值,并假设指数是
In 99.999993% of the RSA keys ever created the Exponent value is new byte[] { 0x01, 0x00, 0x01 }; so you can almost always get away with storing just the Modulus value, and assuming what Exponent is.
为了最好的结果,不要假设。或者,至少如果它们的指数值不是 0x010001 ,则拒绝登记上的键。
For best results, don't assume. Or, at the very least, reject keys on registration if their Exponent value isn't 0x010001.
这归结为:
- 您需要设置Exponent(正确的值)
- 需要确保您的导入逻辑与您的导出逻辑匹配,以确保您将相同的内容加载/保存到相同的位置。
这篇关于验证数字签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
![输入图片说明](\"https://i.stack.imgur.com/7A1l4.png\"){kind=link}