* RSA加密解密:私钥解密,公钥加密。
* RSA数字签名-俗称加签验签:私钥加签,公钥验签。
Java 的公钥和私钥是一串字符串,.NET 的公钥和私钥是一串 XML 格式的字符串,两者格式不一致,需要转换后才能使用,具体请参考
JAVA和NET RSA密钥格式相互转换(公钥,私钥)
使用的命名空间(下面的示例代码还用到了 System 和 System.Text 中的 Convert、Console、Encoding):
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
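// Generate a fresh RSA key pair once, at initialisation time.
// The parameterless RSACryptoServiceProvider constructor defaults to a 1024-bit key
// (documented .NET Framework behaviour), which is too short for new deployments,
// so the key size is requested explicitly here.
// provider is IDisposable: dispose it once the key strings below have been exported.
RSACryptoServiceProvider provider = new RSACryptoServiceProvider(2048);
// ToXmlString(true) exports the public AND the private parameters. Treat this string
// as a secret: keep it out of logs, source control and client-side code.
string privateKey = provider.ToXmlString(true);
// ToXmlString(false) exports only the public parameters; this is the value handed to verifiers.
string publicKey = provider.ToXmlString(false);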
加签算法和验签算法必须一致,举栗:加签使用的是MD5算法,那么验签也必须是MD5算法,不然就会验签失败(这里的MD5只是用来说明两端算法必须一致;MD5和SHA-1已不适合用于数字签名,实际使用请选择SHA-256或更强的算法)。栗子中使用的是SHA256算法,对应JAVA的SHA256withRSA算法。
加签:
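/// <summary>
/// Signs a string with RSA PKCS#1 v1.5 over a SHA-256 digest
/// (the counterpart of Java's "SHA256withRSA").
/// </summary>
/// <param name="str">Data to sign.</param>
/// <param name="privateKey">RSA private key in .NET XML format, e.g. the output of ToXmlString(true).</param>
/// <param name="encoding">
/// Name of the text encoding used to turn <paramref name="str"/> into bytes.
/// Null or empty selects "utf-8". Signer and verifier must use the same encoding.
/// </param>
/// <returns>The signature, Base64-encoded.</returns>
public static string Signature(string str, string privateKey, string encoding)
{
    // The parameter is documented as defaulting to UTF-8, so honour that instead of
    // letting Encoding.GetEncoding throw on a null or empty name.
    string encodingName = string.IsNullOrEmpty(encoding) ? "utf-8" : encoding;
    byte[] data = Encoding.GetEncoding(encodingName).GetBytes(str);

    // Both objects are IDisposable and the RSA object holds private key material,
    // so release them deterministically rather than waiting for the finalizer.
    using (SHA256 sha256 = SHA256.Create())
    using (RSACryptoServiceProvider key = new RSACryptoServiceProvider())
    {
        key.FromXmlString(privateKey);
        byte[] digest = sha256.ComputeHash(data);

        RSAPKCS1SignatureFormatter formatter = new RSAPKCS1SignatureFormatter(key);
        // Must name the same hash algorithm that produced the digest above;
        // a mismatch makes signing fail.
        formatter.SetHashAlgorithm("SHA256");
        return Convert.ToBase64String(formatter.CreateSignature(digest));
    }
}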
公钥验签:
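/// <summary>
/// Verifies an RSA PKCS#1 v1.5 signature over the SHA-256 digest of a string
/// (the counterpart of Java's "SHA256withRSA").
/// </summary>
/// <param name="str">The text that was signed.</param>
/// <param name="sign">The Base64-encoded signature to check.</param>
/// <param name="publicKey">RSA public key in .NET XML format.</param>
/// <param name="encoding">
/// Name of the text encoding used to turn <paramref name="str"/> into bytes;
/// it must be the one the signer used. Null or empty selects "utf-8".
/// </param>
/// <returns>
/// true only when the signature is valid for the given text and key;
/// false on a mismatch and on any malformed input (bad Base64, bad key XML, unknown encoding).
/// </returns>
public static bool SignCheck(string str, string sign, string publicKey, string encoding)
{
    try
    {
        string encodingName = string.IsNullOrEmpty(encoding) ? "utf-8" : encoding;
        byte[] data = Encoding.GetEncoding(encodingName).GetBytes(str);

        // Dispose the hash and key objects deterministically instead of leaking them per call.
        using (SHA256 sha256 = SHA256.Create())
        using (RSACryptoServiceProvider key = new RSACryptoServiceProvider())
        {
            key.FromXmlString(publicKey);
            byte[] digest = sha256.ComputeHash(data);

            RSAPKCS1SignatureDeformatter deformatter = new RSAPKCS1SignatureDeformatter(key);
            // Must match the hash algorithm used for the digest above and by the signer.
            deformatter.SetHashAlgorithm("SHA256");

            byte[] signature = Convert.FromBase64String(sign);
            return deformatter.VerifySignature(digest, signature);
        }
    }
    catch (Exception)
    {
        // Fail closed: anything that prevents verification is reported as "not valid".
        // This also hides configuration errors such as a malformed public key, so callers
        // that need to tell "bad signature" from "bad setup" should validate the key separately.
        return false;
    }
}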
.cer证书信息 Base64编码 字符串验签:
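/// <summary>
/// Demo: checks a Base64-encoded RSA / SHA-256 (PKCS#1 v1.5) signature over a string with the
/// public key of an embedded Base64-encoded .cer certificate, prints the result and waits for a key press.
/// </summary>
/// <param name="Data">The text that was signed (converted to bytes as UTF-8).</param>
/// <param name="SignData">The Base64-encoded signature.</param>
public static void VerifyDataDemo(string Data,string SignData)
{
    // Sample signed text:
    //string Data = "2100040001401529c913701003072941546SwitchFeeInquiry{\"vesselCName\":\"正利洛杉矶\",\"vesselEName\":\"APL LOS ANGELES\",\"voyageNo\":\"0KR44E\",\"billNo\":\"AJKQDAS44E0360\",\"shippingAgencyCode\":\"91370220756929610P\",\"companyCode\":\"913701003072941546\",\"companyName\":\"山东汇贸电子口岸有限公司\",\"remark\":null}";
    // The .cer certificate, exported in Base64 encoding (no PEM header/footer lines).
    string certInfoStr = "MIIC/TCCAeWgAwIBAgIQfV5s1Unl+rdC/+jXcl1GbzANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlTbmxUYW9LQUIwIBcNMTgxMjMxMTYwMDAwWhgPNDAxODEyMzExNjAwMDBaMBQxEjAQBgNVBAMTCVNubFRhb0tBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWeiVBDvANYDxNPm9v0HccYA5miib8A/YcF5sUWlHOjipWeEETZYiwgzL64Glzxdkt0IqhpkJ6HjT1hfdCLGgf8MXOGsoJRF/MJdslfDwEXEIcflfsCCbAQ9L1TZN7DAQH2a1a1STmTZI1HABZj2Jz8ZKv+8uByRRvkwkTTFbEY63ssCvgi62RZ2L1IsP8WzQOnydN55BQzaD7FwF1TlCb/SfBV4k4qz8dtWhiXXcuwBZbzcrYDq7uReqSWCO+n3uWGBmGFFR44CDgppI3KJcGLegFJpZihtW7Br3dCJmnH+ayrt9hPCfGr3KI5ysqqThjj7LDMat/7NGLF+siXx7UCAwEAAaNJMEcwRQYDVR0BBD4wPIAQzjjloN6qCKGikaZnXVkiZqEWMBQxEjAQBgNVBAMTCVNubFRhb0tBQoIQfV5s1Unl+rdC/+jXcl1GbzANBgkqhkiG9w0BAQsFAAOCAQEAsvmbM/OpP0qxO9t0ISc/4DGRCwDAoCtvvaDMO6AmFGEbQ3YqepfdDq1Mr1dH+td2QvkypwOG9u0dGKpt8SUPdUAVEzr4ni6EV1UIomBgbkDHKYAIvsxPHrrfGNeuZAtPXr+tY5CjHR2LW+WMcCWc4K9GemXDWTlVPh79DIrGrGn8ZANB2Tf9zLl3iYk+QTrUl2MnVWujWIkAZOunMtNG4DC3aJWizU+OH+UBVgDVsGJFoJYO1qZleWP07FYI+qVqsiiwt/iNuGaR+qYDRhultLz1DaP9UmAXedm1DynbNio18N4A+G8nodVIc4/D5t5VscjBdYE5XpJ/YSPiwQRK+w==";
    // Sample signature:
    //string SignData = "sgvPVzfjBHEpiMFX2vGg2cr/4B7J6FPcLKVKivICSLUAqDvjanbxLKctHlfzYkIfAEEl2OWC/S3ZF2b/ALgeAxsz16MopV2AGXUmakKqUz8wCPSFtZjgjXQzgx49FU2wcXduh4quLD1xhDiW2gMm0ehN2rJ40Ny4zAlEiXCFlGrmfIHlME91AosS/nI9WG3tNIBr7WNHfnjsS2CplXvl5v8Wp3ZZnPtn5cyyXwV4++z5s3k2T9NVx1CJfgkNB03cajPiO7Cc150eSl/YEkN/iZt1ITp1QLuiI5qjKwWaWzOM7G9fmvasoqKc4QqrabmrOucn6sL2QIcj1+ptTltrOA==";

    // NOTE(review): the certificate is used purely as a container for the public key.
    // Nothing here checks its validity period, chain or revocation status, so the result is
    // only as trustworthy as this embedded copy; production code should pin or validate the
    // certificate it loads.
    // Decode the Base64 text to DER explicitly instead of relying on format auto-detection.
    using (X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(certInfoStr)))
    // GetRSAPublicKey (.NET Framework 4.6+ / .NET Core) avoids casting PublicKey.Key to
    // RSACryptoServiceProvider, which fails when the platform returns a different RSA implementation.
    using (RSA rsa = cert.GetRSAPublicKey())
    {
        if (rsa == null)
        {
            throw new InvalidOperationException("The certificate does not contain an RSA public key.");
        }

        bool result = rsa.VerifyData(
            Encoding.UTF8.GetBytes(Data),
            Convert.FromBase64String(SignData),
            HashAlgorithmName.SHA256,
            RSASignaturePadding.Pkcs1);
        Console.WriteLine("验签结果" + result);
        Console.ReadKey();
    }
}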