Sent to you by Hudong via Google Reader:
via MSDN Blogs by NicolD on Sep 03, 2007
The first step is to create a pair of key(pulic/private):
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();Private key is required to sign the string. Public key is required to verify if the sign is valid or not.
string publicKey = RSA.ToXmlString(false);
string privateKey = RSA.ToXmlString(true);
Sequence required to create a sign is:
- select a private key
- select an HASH algorithm to create one starting from the string to sign (you'll sign the hash, not the string)
- create a sign starting from the hash
As shown bellow:
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();Sequence of operations needed to verify a signature is instead:
RSA.FromXmlString(privateKey);
RSAPKCS1SignatureFormatter RSAFormatter = new RSAPKCS1SignatureFormatter(RSA);
RSAFormatter.SetHashAlgorithm("SHA1");
SHA1Managed SHhash = new SHA1Managed();
byte[] SignedHashValue = RSAFormatter.CreateSignature( SHhash.ComputeHash(new UnicodeEncoding().GetBytes(stringToBeSigned)));
string signature = System.Convert.ToBase64String(SignedHashValue);
- select the proper public key
- select the HASH algorithm to create one starting from the string to be verified
- veirfy the sign
as shown below:
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSA.FromXmlString(publicKey);
RSAPKCS1SignatureDeformatter RSADeformatter = new RSAPKCS1SignatureDeformatter(RSA);
RSADeformatter.SetHashAlgorithm("SHA1");
SHA1Managed SHhash = new SHA1Managed();
if (RSADeformatter.VerifySignature(
SHhash.ComputeHash(new UnicodeEncoding().GetBytes(stringToBeVerified)),
System.Convert.FromBase64String(signature))
)
{
/// The signature is valid.
}
else
{
/// The signature is not valid.
}
Things you can do from here:
- on MSDN Blogs
- Subscribe to MSDN Blogs using Google Reader
- Get started using Google Reader to easily keep up with all your favorite sites
没有评论:
发表评论