問題描述

加密時，RSACryptoServiceProvider(或 .NET 提供的任何其他 RSA 加密器)是否可以使用 SHA256 而不是 SHA1?

When encrypting, can RSACryptoServiceProvider (or any other RSA encryptor available from .NET) use SHA256 instead of SHA1?

SHA1 似乎是硬編碼的，無法更改.例如，RSACryptoServiceProvider.SignatureAlgorithm 被硬編碼為返回http://www.w3.org/2000/09/xmldsig#rsa-sha1".

SHA1 appears to be hard coded with no way to change it. For example, RSACryptoServiceProvider.SignatureAlgorithm is hard coded to return "http://www.w3.org/2000/09/xmldsig#rsa-sha1".

如果沒有辦法讓 RSACryptoServiceProvider 使用 SHA256，有哪些替代方案?

If there is no way to make RSACryptoServiceProvider use SHA256, what are the alternatives?

更新

以下代碼完美運行，但我想將 OAEPWithSHA1AndMGF1Padding 更改為 OAEPWithSHA256AndMGF1Padding.C# 端需要什么才能使用 SHA256 而不是 SHA1 進行加密?

The following code works perfectly, but I'd like to change the OAEPWithSHA1AndMGF1Padding to OAEPWithSHA256AndMGF1Padding. What is required on the C# side to be able to encrypt using SHA256 rather than SHA1?

加密在 C# 中使用:

The encryption is done in C# using:

var parameters = new RSAParameters();
parameters.Exponent = new byte[] {0x01, 0x00, 0x01};
parameters.Modulus = new byte[] {0x9d, 0xc1, 0xcc, ...};
rsa.ImportParameters(parameters);

var cipherText = rsa.Encrypt(new byte[] { 0, 1, 2, 3 }, true);

解密是在 Java 中使用:

The decryption is done in Java using:

Cipher cipher = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
byte[] cipherText = ...;
byte[] plainText = cipher.doFinal(cipherText);

推薦答案

RSACryptoServiceProvider 確實可以使用基于 SHA2 的簽名，但您必須投入一些精力.

RSACryptoServiceProvider does work with SHA2-based signatures, but you have to invest some effort into it.

當您使用證書獲取 RSACryptoServiceProvider 時，底層 CryptoAPI 提供程序是什么真的很重要.默認情況下，當您使用makecert"創建證書時，它是RSA-FULL"，它僅支持 SHA1 哈希進行簽名.您需要支持 SHA2 的新RSA-AES".

When you use a certificate to get your RSACryptoServiceProvider it really matters what's the underlying CryptoAPI provider. By default, when you create a certificate with 'makecert', it's "RSA-FULL" which only supports SHA1 hashes for signature. You need the new "RSA-AES" one that supports SHA2.

因此，您可以使用附加選項創建證書:-sp "Microsoft Enhanced RSA and AES Cryptographic Provider"(或等效的 -sy 24)，然后您的代碼將如下所示(在 .NET 4.0 中):

So, you can create your certificate with an additional option: -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" (or an equivalent -sy 24) and then your code would look like (in .NET 4.0):

var rsa = signerCertificate.PrivateKey as RSACryptoServiceProvider;
//
byte[] signature = rsa.SignData(data, CryptoConfig.CreateFromName("SHA256"));

如果您無法更改頒發證書的方式，則有一個半合法的解決方法，該解決方法基于默認情況下創建 RSACryptoServiceProvider 并支持 SHA2.因此，下面的代碼也可以工作，但它有點丑:(這段代碼的作用是創建一個新的 RSACryptoServiceProvider 并從我們從證書中獲得的密鑰中導入密鑰)

If you are unable to change the way your certificate is issued, there is a semi-ligitimate workaround that is based on the fact that by default RSACryptoServiceProvider is created with support for SHA2. So, the following code would also work, but it is a bit uglier: (what this code does is it creates a new RSACryptoServiceProvider and imports the keys from the one we got from the certificate)

var rsa = signerCertificate.PrivateKey as RSACryptoServiceProvider;
// Create a new RSACryptoServiceProvider
RSACryptoServiceProvider rsaClear = new RSACryptoServiceProvider();
// Export RSA parameters from 'rsa' and import them into 'rsaClear'
rsaClear.ImportParameters(rsa.ExportParameters(true));
byte[] signature = rsaClear.SignData(data, CryptoConfig.CreateFromName("SHA256"));

這篇關于RSACryptoServiceProvider(.NET 的 RSA)可以使用 SHA256 進行加密(不是簽名)而不是 SHA1 嗎?的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！