問題描述
簡而言之,這是我的問題:
In a nutshell, this is my problem:
<代碼>私人字符串publicKeyString = MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVGUzbydMZS + fnkGTsUkDKEyFOGwghR234d5GjPnMIC0RFtXtw2tdcNM8I9Qk + h6fnPHiA7r27iHBfdxTP3oegQJWpbY2RMwSmOs02eQqpKx4QtIjWqkKk2Gmck5cll9GCoI8AUAA5e0D02T0ZgINDmo5yGPhGAAmqYrm8YiupwQIDAQAB";/* 需要一些轉換,使用 publicKeyString 來啟動一個新的 RSACryptoServiceProvider 對象*///目前:RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();字節[] selfComputedHash = 新字節[];//示例中省略字節[]簽名=新字節[];bool 結果 = rsa.VerifyHash(selfComputedHash, CryptoConfig.MapNameToOID("SHA1"), 簽名);
如您所見,問題在于使用給定的 Base64 編碼公鑰字符串啟動新的 RSACryptoServiceProvider.我已經能夠使用對象 RSAParameters 進行實例化,該對象使用 OpenSSL shell 命令從該公鑰字符串派生的模數和指數加載了字節 [].但是由于這個公鑰將來可能會發生變化,我希望能夠將其以原始形式存儲在數據庫中.必須有更直接的方法來處理這個問題.
As you can see, the problem is initiating a new RSACryptoServiceProvider with the given Base64 encoded public key string. I've been able to do the instantiation using an object RSAParameters, loaded with the byte[]'s for Modulus and Exponent derived from this public key string using an OpenSSL shell command. But since this public key may change in the future I want to be able to store it in its original form in a database. There must be a more straightforward way of dealing with this.
到目前為止,我讀過的許多示例都通過將生成的私鑰和公鑰導出到密鑰容器對象或從密鑰容器對象導入生成的私鑰和公鑰并在同一段代碼中使用它而不是轉移"來避免這個問題某些字符串形式的鍵內存不足.有些人在 StackOverflow 和其他網站上都表達了同樣的問題,但我還沒有找到令人滿意的答案.
A lot of the examples I've read so far avoid this problem by exporting and importing the generated private and public keys to and from a key-container object and use it in the same piece of code and thus not 'transferring' the key in some string form out of memory. Some people have expressed the same problem, both here on StackOverflow and on other sites, but I have not been able to find a satisfying answer yet.
歡迎提出任何想法.
背景信息:我的通信伙伴從一個可變長度的輸入字符串計算一個 20 字節的 SHA1 哈希,該字符串由包含在 ASCII 編碼消息的多個字段中的信息組成.然后用我的合作伙伴的私鑰對這個哈希進行 RSA 簽名,并與 ASCII 消息一起發送給我.到達后,我自己計算 SHA1 哈希,使用 ASCII 消息中的相同字段,然后嘗試通過調用 VerifyHash 來驗證這些字段是否未更改.
Background info: My communication partner computes a 20-byte SHA1-hash from an input string of variable length, composed of the information contained in several fields of an ASCII encoded message. This hash is then RSA-signed with my partner's private key and sent along with the ASCII message to me. Upon arrival, I compute the SHA1 hash myself, using the same fields from the ASCII message and then try to verify if these fields were not altered by calling VerifyHash.
密鑰以 2 種形式提供:常規和非NL".上面的代碼中包含了noNL版本,普通版本是這樣的:
The key is provided in 2 forms: regular and 'noNL'. The noNL version is included in the code above, the regular version is this:
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVGUzbydMZS+fnkGTsUkDKEyFO
GwghR234d5GjPnMIC0RFtXtw2tdcNM8I9Qk+h6fnPHiA7r27iHBfdxTP3oegQJWp
bY2RMwSmOs02eQqpKx4QtIjWqkKk2Gmck5cll9GCoI8AUAA5e0D02T0ZgINDmo5y
GPhGAAmqYrm8YiupwQIDAQAB
-----END PUBLIC KEY-----
推薦答案
你的字符串是 SubjectPublicKeyInfo.您可以使用 Bouncycastle.net 像這樣解碼它:
Your string is the base64 encoding of a SubjectPublicKeyInfo. You can use Bouncycastle.net to decode it like this:
byte[] publicKeyBytes = Convert.FromBase64String(publicKeyString);
AsymmetricKeyParameter asymmetricKeyParameter = PublicKeyFactory.CreateKey(publicKeyBytes);
RsaKeyParameters rsaKeyParameters = (RsaKeyParameters) asymmetricKeyParameter;
RSAParameters rsaParameters = new RSAParameters();
rsaParameters.Modulus = rsaKeyParameters.Modulus.ToByteArrayUnsigned();
rsaParameters.Exponent = rsaKeyParameters.Exponent.ToByteArrayUnsigned();
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(rsaParameters);
這篇關于使用 Base64 編碼的公鑰驗證 RSA 簽名的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!