问题描述
我需要使用算法 SHA1RSA 用一个私钥对一些数据进行签名,Rsa 密钥长度为 2048,基本编码为 64.我的代码是这样的
I need to sign some data with one private key using Algorithm SHA1RSA ,Rsa Key length 2048 with 64 base encoding.My code is like this
string sPayload = "";
HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("URI");
httpWebRequest.ContentType = "application/json; charset=utf-8";
httpWebRequest.Method = WebRequestMethods.Http.Post;
using (StreamWriter streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
{
sPayload = "{"id":"14123213213"," +
""uid":"teller"," +
""pwd":"abc123"," +
""apiKey":"2343243"," +
""agentRefNo":"234324324"}";
httpWebRequest.Headers.Add("SIGNATURE", Convert.ToBase64String(new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(Encoding.ASCII.GetBytes(sPayload))));
streamWriter.Write(sPayload);
streamWriter.Flush();
streamWriter.Close();
}
System.Net.ServicePointManager.Expect100Continue = false;
HttpWebResponse httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
using (StreamReader streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
string result = streamReader.ReadToEnd();
}
在标头名称签名中,我需要使用私钥传递签名数据(sPayload).但是使用上面的代码会出现无效签名"错误.来自第三方,我不确定加密部分是否正确.
In the Header name Signature i need to pass the signed data(sPayload) using the private key.But using above code an error is getting as "invalid signature" from third party and i'am not sure whether the Encryption part is correct or not.
httpWebRequest.Headers.Add("SIGNATURE", Convert.ToBase64String(new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(Encoding.ASCII.GetBytes(sPayload))));
第三方提供了一个证书(cert,sha1)和密钥.我应该参考代码吗?
Third party had provide one certificate(cert,sha1) and key.should i refer that to the code?
推荐答案
您计算了 sPayload 的 SHA-1 哈希,而不是 RSA-SHA1 签名.
You have computed the SHA-1 hash of sPayload, not the RSA-SHA1 signature.
如果您有 X509Certificate2:
If you have an X509Certificate2:
using (RSA rsa = cert.GetRSAPrivateKey())
{
return rsa.SignData(sPayload, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
}
如果您已经拥有原始 RSA 密钥,那么请不要使用 using 语句.
If you already have a raw RSA key then just leave off the using statement.
如果你必须计算 sPayload 的哈希值,你可以这样做
If you have to compute the hash of sPayload for some other reason you can do it like
byte[] hash;
byte[] signature;
using (HashAlgorithm hasher = SHA1.Create())
using (RSA rsa = cert.GetRSAPrivateKey())
{
hash = hasher.ComputeHash(sPayload);
signature = rsa.SignHash(hash, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
}
SignHash 仍然需要 HashAlgorithmName 值,因为算法标识符嵌入在签名中.
SignHash still requires the HashAlgorithmName value because the algorithm identifier is embedded within the signature.
这篇关于在 C# 中使用私钥对数据进行签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!
大气响应式网络建站服务公司织梦模板
高端大气html5设计公司网站源码
织梦dede网页模板下载素材销售下载站平台(带会员中心带筛选)
财税代理公司注册代理记账网站织梦模板(带手机端)
成人高考自考在职研究生教育机构网站源码(带手机端)
高端HTML5响应式企业集团通用类网站织梦模板(自适应手机端)