internal bool VerifySignature(DSA dsa)
{
if (signatureOID != "1.2.840.10040.4.3")
{
throw new CryptographicException("Unsupported hash algorithm: " + signatureOID);
}
DSASignatureDeformatter v = new DSASignatureDeformatter(dsa);
// only SHA-1 is supported
v.SetHashAlgorithm("SHA1");
ASN1 sign = new ASN1(signature);
if ((sign == null) || (sign.Count != 2))
{
return(false);
}
// parts may be less than 20 bytes (i.e. first bytes were 0x00)
byte[] part1 = sign [0].Value;
byte[] part2 = sign [1].Value;
byte[] sig = new byte [40];
// parts may be less than 20 bytes (i.e. first bytes were 0x00)
// parts may be more than 20 bytes (i.e. first byte > 0x80, negative)
int s1 = System.Math.Max(0, part1.Length - 20);
int e1 = System.Math.Max(0, 20 - part1.Length);
Buffer.BlockCopy(part1, s1, sig, e1, part1.Length - s1);
int s2 = System.Math.Max(0, part2.Length - 20);
int e2 = System.Math.Max(20, 40 - part2.Length);
Buffer.BlockCopy(part2, s2, sig, e2, part2.Length - s2);
return(v.VerifySignature(Hash, sig));
}
internal bool VerifySignature(System.Security.Cryptography.DSA dsa)
{
DSASignatureDeformatter deformatter = new DSASignatureDeformatter(dsa);
deformatter.SetHashAlgorithm("SHA1");
return(deformatter.VerifySignature(this.Hash, this.Signature));
}
internal bool VerifySignature(DSA dsa)
{
DSASignatureDeformatter dsasignatureDeformatter = new DSASignatureDeformatter(dsa);
dsasignatureDeformatter.SetHashAlgorithm("SHA1");
return(dsasignatureDeformatter.VerifySignature(this.Hash, this.Signature));
}
public static bool Verify(byte[] hash, byte[] signedHash, string hashAlgo, AsymmetricEncryptionAlgorithm cryptoAlgo, string publicKey)
{
switch (cryptoAlgo)
{
case AsymmetricEncryptionAlgorithm.RSA:
using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
{
RSA.FromXmlString(publicKey);
return(RSA.VerifyHash(hash, CryptoConfig.MapNameToOID(hashAlgo), signedHash));
}
case AsymmetricEncryptionAlgorithm.DSA:
using (DSACryptoServiceProvider DSA = new DSACryptoServiceProvider())
{
DSA.FromXmlString(publicKey);
DSASignatureDeformatter DSADeformatter = new DSASignatureDeformatter(DSA);
DSADeformatter.SetHashAlgorithm(hashAlgo);
return(DSADeformatter.VerifySignature(hash, signedHash));
}
default:
throw new NotImplementedException("Feature not implemented for specified algorithm.");
}
}
public static bool ValidatePathWithEncodedDSASignatureAndPublicDSAKey(string path, string base64Signature, string publicKey)
{
try {
byte[] signature = Convert.FromBase64String(base64Signature);
byte[] data = File.ReadAllBytes(path);
SHA1CryptoServiceProvider cryptoTransformSHA1 = new SHA1CryptoServiceProvider();
byte[] sha1Hash = cryptoTransformSHA1.ComputeHash(data);
string cleanKey = "";
string[] lines = publicKey.Split(new char[] { '\n', '\r' });
foreach (string line in lines)
{
cleanKey += line.Trim();
}
byte[] publicKeyData = Convert.FromBase64String(cleanKey);
DSACryptoServiceProvider provider = new DSACryptoServiceProvider();
provider.ImportCspBlob(publicKeyData);
DSASignatureDeformatter formatter = new DSASignatureDeformatter(provider);
formatter.SetHashAlgorithm("SHA1");
return(formatter.VerifySignature(sha1Hash, signature));
} catch (Exception ex) {
Console.WriteLine(ex.Message);
return(false);
}
}
internal bool VerifySignature(DSA dsa)
{
if (signatureOID != "1.2.840.10040.4.3")
{
throw new CryptographicException("Unsupported hash algorithm: " + signatureOID);
}
DSASignatureDeformatter dSASignatureDeformatter = new DSASignatureDeformatter(dsa);
dSASignatureDeformatter.SetHashAlgorithm("SHA1");
ASN1 aSN = new ASN1(signature);
if (aSN == null || aSN.Count != 2)
{
return(false);
}
byte[] value = aSN[0].Value;
byte[] value2 = aSN[1].Value;
byte[] array = new byte[40];
int num = System.Math.Max(0, value.Length - 20);
int dstOffset = System.Math.Max(0, 20 - value.Length);
Buffer.BlockCopy(value, num, array, dstOffset, value.Length - num);
int num2 = System.Math.Max(0, value2.Length - 20);
int dstOffset2 = System.Math.Max(20, 40 - value2.Length);
Buffer.BlockCopy(value2, num2, array, dstOffset2, value2.Length - num2);
return(dSASignatureDeformatter.VerifySignature(Hash, array));
}
/// <summary>
/// 验证签名方法实现
/// </summary>
/// <param name="valueToSign">被签名的原始数据</param>
/// <param name="signedHashValue">签名值</param>
/// <param name="dsaKeyInfo">私钥信息</param>
/// <param name="hashAlg">Hash算法名称</param>
/// <returns></returns>
public static bool DsaVerifyHash(byte[] valueToSign, byte[] signedHashValue, DSAParameters dsaKeyInfo, string hashAlg)
{
if (string.IsNullOrEmpty(hashAlg))
{
throw new ArgumentNullException(hashAlg);
}
bool verified;
try
{
using (DSACryptoServiceProvider dsa = new DSACryptoServiceProvider())
{
dsa.ImportParameters(dsaKeyInfo);
DSASignatureDeformatter dsaFormatter = new DSASignatureDeformatter(dsa);
dsaFormatter.SetHashAlgorithm(hashAlg);
verified = dsaFormatter.VerifySignature(valueToSign, signedHashValue);
}
}
catch (CryptographicException e)
{
throw new CryptographicException(e.Message);
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
return(verified);
}
private void buttonVerify_Click(object sender, EventArgs e)
{
//为简化起见,此处假定接收方已经接收到发
//送方发送的hashValue、signedHashValue以及公钥
//同时保证接收方和签名方使用相同的哈希算法(均为“SHA1”)
try
{
DSACryptoServiceProvider dsa = new DSACryptoServiceProvider();
dsa.ImportParameters(dsaKeyInfo);
DSASignatureDeformatter DSADeformatter = new DSASignatureDeformatter(dsa);
DSADeformatter.SetHashAlgorithm("SHA1");
if (DSADeformatter.VerifySignature(hashValue, signedHashValue))
{
textBoxVerifyResult.Text = "验证成功";
}
else
{
textBoxVerifyResult.Text = "验证失败";
}
}
catch (CryptographicException err)
{
MessageBox.Show(err.Message);
}
}
public static bool DSAVerifyHash(byte[] HashValue, byte[] SignedHashValue,
DSAParameters DSAKeyInfo, string HashAlg)
{
bool verified = false;
try
{
// Create a new instance of DSACryptoServiceProvider.
using (DSACryptoServiceProvider DSA = new DSACryptoServiceProvider()) // BAD
{
// Import the key information.
DSA.ImportParameters(DSAKeyInfo);
// Create an DSASignatureDeformatter object and pass it the
// DSACryptoServiceProvider to transfer the private key.
DSASignatureDeformatter DSADeformatter = new DSASignatureDeformatter(DSA);
// Set the hash algorithm to the passed value.
DSADeformatter.SetHashAlgorithm(HashAlg);
// Verify signature and return the result.
verified = DSADeformatter.VerifySignature(HashValue, SignedHashValue);
}
}
catch (CryptographicException e)
{
Console.WriteLine(e.Message);
}
return(verified);
}
internal bool VerifySignature(DSA dsa)
{
if (this.signatureOID != "1.2.840.10040.4.3")
{
throw new CryptographicException("Unsupported hash algorithm: " + this.signatureOID);
}
DSASignatureDeformatter deformatter = new DSASignatureDeformatter(dsa);
deformatter.SetHashAlgorithm("SHA1");
ASN1 asn = new ASN1(this.signature);
if ((asn == null) || (asn.Count != 2))
{
return(false);
}
byte[] src = asn[0].Value;
byte[] buffer2 = asn[1].Value;
byte[] dst = new byte[40];
int srcOffset = Math.Max(0, src.Length - 20);
int dstOffset = Math.Max(0, 20 - src.Length);
Buffer.BlockCopy(src, srcOffset, dst, dstOffset, src.Length - srcOffset);
int num3 = Math.Max(0, buffer2.Length - 20);
int num4 = Math.Max(20, 40 - buffer2.Length);
Buffer.BlockCopy(buffer2, num3, dst, num4, buffer2.Length - num3);
return(deformatter.VerifySignature(this.Hash, dst));
}
public static bool CheckSign(byte[] data, string xmlStringPubKey)
{
bool checkResult;
DSACryptoServiceProvider dsa = new DSACryptoServiceProvider();
dsa.FromXmlString(xmlStringPubKey);
DSASignatureDeformatter dSADeformatter = new DSASignatureDeformatter(dsa);
dSADeformatter.SetHashAlgorithm("SHA1");
using (MemoryStream ms = new MemoryStream(data))
{
byte[] signedHashLength = new byte[4];
ms.Seek(0, SeekOrigin.Begin);
ms.Read(signedHashLength, 0, 3);
byte[] signedHash = new byte[BitConverter.ToInt32(signedHashLength, 0)];
ms.Seek(4, SeekOrigin.Begin);
ms.Read(signedHash, 0, signedHash.Length);
byte[] dat = ReturnDataWithoutHash(data);
byte[] hash = GetSha1Hash(dat);
checkResult = dSADeformatter.VerifySignature(hash, signedHash);
}
return(checkResult);
}
public static string Hash(string text)
{
try
{
byte[] Hash = Sha1Hash(text);
DSACryptoServiceProvider dsa = new DSACryptoServiceProvider();
DSASignatureFormatter dSASignatureFormatter = new DSASignatureFormatter(dsa);
dSASignatureFormatter.SetHashAlgorithm("SHA1");
byte[] SignedHash = dSASignatureFormatter.CreateSignature(Hash);
string sign = Convert.ToBase64String(SignedHash);
DSASignatureDeformatter dSASignatureDeformatter = new DSASignatureDeformatter(dsa);
if (dSASignatureDeformatter.VerifySignature(Hash, SignedHash))
{
return(sign);
}
else
{
return(null);
}
}
catch (Exception ex)
{
throw new Exception("Error! During DSA Hash siganture generation.");
}
}
internal bool VerifySignature (DSA dsa)
{
// signatureOID is check by both this.Hash and this.Signature
DSASignatureDeformatter v = new DSASignatureDeformatter (dsa);
// only SHA-1 is supported
v.SetHashAlgorithm ("SHA1");
return v.VerifySignature (this.Hash, this.Signature);
}
public bool Verify(string message, byte[] signature)
{
DSASignatureDeformatter dsdfm = new DSASignatureDeformatter(_alg);
dsdfm.SetHashAlgorithm(_hashfn);
Byte[] messagebyte = new UnicodeEncoding().GetBytes(message);
Byte[] hash = HashAlgorithm.Create(_hashfn).ComputeHash(messagebyte);
return(dsdfm.VerifySignature(hash, signature));
}
public static bool VerifySign(string msg, string msgSign, string publicSignKey)
{
using (var provider = new DSACryptoServiceProvider())
{
var signature = Convert.FromBase64String(msgSign);
provider.ImportCspBlob(Convert.FromBase64String(publicSignKey));
var deformatter = new DSASignatureDeformatter(provider);
deformatter.SetHashAlgorithm("SHA1");
return(deformatter.VerifySignature(UserSHA1.ComputeHashSHA1(msg), signature));
}
}
/// <summary>
/// Validates the signature that follows the Licence data
/// </summary>
/// <param name="hashValue">Hash value</param>
/// <param name="signedHashValue">Signed hash value</param>
/// <param name="xmlKeyInfo">Public Key</param>
/// <param name="hashAlg">Hash Algorithm</param>
/// <returns>True if signature is valid</returns>
private static bool DSAVerifyHash(byte[] hashValue, byte[] signedHashValue, string xmlKeyInfo, string hashAlg)
{
DSACryptoServiceProvider.UseMachineKeyStore = false;
using (DSACryptoServiceProvider DSA = new DSACryptoServiceProvider())
{
DSA.FromXmlString(xmlKeyInfo);
DSASignatureDeformatter DSAFormatter = new DSASignatureDeformatter(DSA);
DSAFormatter.SetHashAlgorithm(hashAlg);
return(DSAFormatter.VerifySignature(hashValue, signedHashValue));
}
}
public static void VerifySignature_SHA1()
{
using (DSA dsa = DSAFactory.Create())
{
var formatter = new DSASignatureFormatter(dsa);
var deformatter = new DSASignatureDeformatter(dsa);
using (SHA1 alg = SHA1.Create())
{
VerifySignature(formatter, deformatter, alg, "SHA1");
VerifySignature(formatter, deformatter, alg, "sha1");
}
}
}
public static void VerifySignature_SHA1()
{
using (DSA dsa = DSAFactory.Create())
{
var formatter = new DSASignatureFormatter(dsa);
var deformatter = new DSASignatureDeformatter(dsa);
using (SHA1 alg = SHA1.Create())
{
VerifySignature(formatter, deformatter, alg, "SHA1");
VerifySignature(formatter, deformatter, alg, "sha1");
}
}
}
//--METHOD UNTUK VERIVIKASI SIGNATURE
static bool VerifySignature(byte[] dataSign, byte[] SignData, string publicKey)
{
//--CREATE OBJEK DSACryptoServiceProvider
using (DSACryptoServiceProvider dsa = new DSACryptoServiceProvider())
{
//--SET PUBLIC KEY
dsa.FromXmlString(publicKey);
//--CREATE DEFORMATTER UNTUK MENTRANSFER KEY
DSASignatureDeformatter deformatter = new DSASignatureDeformatter(dsa);
//--SETTING HASH ALGORITHM UNTUK SHA1
deformatter.SetHashAlgorithm("SHA1");
//--VERIFY SIGNATURE
return(deformatter.VerifySignature(dataSign, SignData));
}
}
public static void VerifySignature_SHA1()
{
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(DSATestData.GetDSA1024Params());
var formatter = new DSASignatureFormatter(dsa);
var deformatter = new DSASignatureDeformatter(dsa);
using (SHA1 alg = SHA1.Create())
{
VerifySignature(formatter, deformatter, alg, "SHA1");
VerifySignature(formatter, deformatter, alg, "sha1");
}
}
}
public bool Verify(byte[] hash, byte[] signedHash, string hashAlgo)
{
switch (_cryptoAlgo)
{
case AsymmetricEncryptionAlgorithm.RSA:
return((_asymAlgo as RSACryptoServiceProvider).VerifyHash(hash, CryptoConfig.MapNameToOID(hashAlgo), signedHash));
case AsymmetricEncryptionAlgorithm.DSA:
DSASignatureDeformatter DSADeformatter = new DSASignatureDeformatter(_asymAlgo);
DSADeformatter.SetHashAlgorithm(hashAlgo);
return(DSADeformatter.VerifySignature(hash, signedHash));
default:
throw new NotImplementedException("Feature not implemented for specified algorithm.");
}
}
/// <summary>
/// DSA验证
/// </summary>
/// <param name="CypherText">签名后的Base64字符串</param>
/// <param name="xmlString">密钥(至少含公钥)</param>
/// <param name="signString">签名串</param>
public static bool VerifyString(string CypherText, string xmlString, string signString)
{
DSACryptoServiceProvider dsa = new DSACryptoServiceProvider();
dsa.FromXmlString(xmlString);
if (!string.IsNullOrEmpty(CypherText))
{
byte[] bEnc = System.Convert.FromBase64String(CypherText);
byte[] bText = System.Text.Encoding.UTF8.GetBytes(signString.ToCharArray());
DSASignatureDeformatter DSADeformatter = new DSASignatureDeformatter(dsa);
DSADeformatter.SetHashAlgorithm("SHA1");
return(DSADeformatter.VerifySignature(bEnc, bText));
}
return(false);
}
/// <summary>
/// 验证签名数据。
/// </summary>
/// <param name="hashValue">哈希数据。</param>
/// <param name="signedData">已签名的哈希数据。</param>
/// <param name="hashAlg">哈希算法名称。</param>
/// <param name="publicKeyXmlString">公钥数据。</param>
/// <returns>验证通过返回True,否则返回False。</returns>
private static bool DsaVerifyHash(byte[] hashValue, byte[] signedData, string hashAlg, string publicKeyXmlString)
{
try
{
var dsa = new DSACryptoServiceProvider();
dsa.FromXmlString(publicKeyXmlString);
var signatureDeformatter = new DSASignatureDeformatter(dsa);
signatureDeformatter.SetHashAlgorithm(hashAlg);
return(signatureDeformatter.VerifySignature(hashValue, signedData));
}
catch (CryptographicException)
{
return(false);
}
}
public static bool verifySignature(byte[] hashValue, byte[] signature)
{
if (JAM_dotnet_verification_use_machine_keys() == 0)
{
DSACryptoServiceProvider.UseMachineKeyStore = true;
}
else
{
DSACryptoServiceProvider.UseMachineKeyStore = false;
}
DSACryptoServiceProvider key = new DSACryptoServiceProvider();
key.ImportParameters(dsaParms);
DSASignatureDeformatter deformatter = new DSASignatureDeformatter(key);
deformatter.SetHashAlgorithm("SHA1");
return(deformatter.VerifySignature(hashValue, signature));
}
/// <summary>
/// 校验签名是否正确
/// </summary>
/// <param name="decryptString"></param>
/// <param name="key"></param>
/// <returns></returns>
public static bool VerifySignature(string decryptString, string key = strKeys)
{
bool ret = false;
byte[] hashValue = { 22, 45, 78, 53, 1, 2, 205, 98, 75, 123, 45, 76, 143, 189, 205, 65, 12, 193, 211, 255 };
DSACryptoServiceProvider signer = new DSACryptoServiceProvider();
DSASignatureFormatter formatter = new DSASignatureFormatter(signer);
formatter.SetHashAlgorithm("SHA1");
byte[] signedHashValue = formatter.CreateSignature(hashValue);
DSASignatureDeformatter deformatter = new DSASignatureDeformatter(signer);
deformatter.SetHashAlgorithm("SHA1");
ret = deformatter.VerifySignature(hashValue, signedHashValue);
signer.Clear();
return(ret);
}
public bool VerifySignature(Stream stream, string signature)
{
try
{
using (var dsaCryptoProvider = new DSACryptoServiceProvider())
{
byte[] hash = (new SHA1Managed()).ComputeHash(stream);//for file or text
dsaCryptoProvider.ImportParameters(PublicKey);
var dsaDeformatter = new DSASignatureDeformatter(dsaCryptoProvider);
dsaDeformatter.SetHashAlgorithm("SHA1");
return(dsaDeformatter.VerifySignature(hash, StringToByteArray(signature)));
}
}
catch (CryptographicException e)
{
return(false);
}
}
/// <summary>
/// Verify a file using a signature file and a public key.
/// </summary>
/// <param name="filePath">The file whose contents will be hashed.</param>
/// <param name="signatureFilePath">The path of the signature file.</param>
/// <param name="publicBlob">The public key.</param>
/// <returns> True if the file is verified, otherwise false.</returns>
public static bool VerifyFile(string filePath, string signatureFilePath, byte[] publicBlob)
{
if (publicBlob.Length == 0)
{
return(false);
}
bool verified = false;
byte[] hash = null;
try
{
// Compute a hash of the installer
using (Stream fileStream = File.Open(filePath, FileMode.Open))
{
SHA1 sha1 = new SHA1CryptoServiceProvider();
hash = sha1.ComputeHash(fileStream);
}
// Import the public key
var dsa = new DSACryptoServiceProvider();
dsa.ImportCspBlob(publicBlob);
var dsaDeformatter = new DSASignatureDeformatter(dsa);
dsaDeformatter.SetHashAlgorithm("SHA1");
// Read the signature file
byte[] signature = File.ReadAllBytes(signatureFilePath);
// Verify the signature against the hash of the installer
verified = dsaDeformatter.VerifySignature(hash, signature);
Console.WriteLine("File verified: {0}", verified);
}
catch (Exception e)
{
Debug.WriteLine(e);
return(false);
}
return(verified);
}
public static void InvalidHashAlgorithm()
{
using (DSA dsa = DSAFactory.Create())
{
var formatter = new DSASignatureFormatter(dsa);
var deformatter = new DSASignatureDeformatter(dsa);
// Unlike RSA, DSA will throw during SetHashAlgorithm
Assert.Throws<CryptographicUnexpectedOperationException>(() =>
formatter.SetHashAlgorithm("INVALIDVALUE"));
Assert.Throws<CryptographicUnexpectedOperationException>(() =>
deformatter.SetHashAlgorithm("INVALIDVALUE"));
// Currently anything other than SHA1 fails
Assert.Throws<CryptographicUnexpectedOperationException>(() =>
formatter.SetHashAlgorithm("SHA256"));
Assert.Throws<CryptographicUnexpectedOperationException>(() =>
deformatter.SetHashAlgorithm("SHA256"));
}
}
public static void VerifyKnownSignature()
{
using (DSA dsa = DSAFactory.Create())
{
byte[] data;
byte[] signature;
DSAParameters dsaParameters;
DSATestData.GetDSA1024_186_2(out dsaParameters, out signature, out data);
byte[] hash = SHA1.HashData(data);
dsa.ImportParameters(dsaParameters);
var deformatter = new DSASignatureDeformatter(dsa);
deformatter.VerifySignature(hash, signature);
// Negative case
signature[signature.Length - 1] ^= 0xff;
Assert.False(deformatter.VerifySignature(hash, signature));
}
}
public static void InvalidHashAlgorithm()
{
using (DSA dsa = DSAFactory.Create())
{
var formatter = new DSASignatureFormatter(dsa);
var deformatter = new DSASignatureDeformatter(dsa);
// Unlike RSA, DSA will throw during SetHashAlgorithm
Assert.Throws <CryptographicUnexpectedOperationException>(() =>
formatter.SetHashAlgorithm("INVALIDVALUE"));
Assert.Throws <CryptographicUnexpectedOperationException>(() =>
deformatter.SetHashAlgorithm("INVALIDVALUE"));
// Currently anything other than SHA1 fails
Assert.Throws <CryptographicUnexpectedOperationException>(() =>
formatter.SetHashAlgorithm("SHA256"));
Assert.Throws <CryptographicUnexpectedOperationException>(() =>
deformatter.SetHashAlgorithm("SHA256"));
}
}
private bool DsaVerifyHash(byte[] hashValue, byte[] signedHashValue, DSAParameters dsaKey, string hashAlg)
{
var verified = false;
try
{
using (var dsa = new DSACryptoServiceProvider())
{
dsa.ImportParameters(dsaKey);
var dsaDeformatter = new DSASignatureDeformatter(dsa);
dsaDeformatter.SetHashAlgorithm(hashAlg);
verified = dsaDeformatter.VerifySignature(hashValue, signedHashValue);
}
}
catch (CryptographicException e)
{
MessageBox.Show(e.Message);
}
return(verified);
}
private void BtnVerify_Click(object sender, EventArgs e)
{
DSASignatureDeformatter DSADeformatter = new DSASignatureDeformatter(DSAC);
DSADeformatter.SetHashAlgorithm("SHA1");
SHA1Managed SHhash = new SHA1Managed();
if (DSADeformatter.VerifySignature(SHhash.ComputeHash(new UnicodeEncoding().GetBytes(textboxplaintext.Text)),
Convert.FromBase64String(textboxsigned.Text))
)
{
MessageBox.Show("The signature is valid.");
/// The signature is valid.
}
else
{
MessageBox.Show("The signature is not valid.");
/// The signature is not valid.
}
}
public static void VerifyKnownSignature()
{
using (DSA dsa = DSAFactory.Create())
{
byte[] data;
byte[] signature;
DSAParameters dsaParameters;
DSATestData.GetDSA1024_186_2(out dsaParameters, out signature, out data);
byte[] hash;
using (SHA1 alg = SHA1.Create())
{
hash = alg.ComputeHash(data);
}
dsa.ImportParameters(dsaParameters);
var deformatter = new DSASignatureDeformatter(dsa);
deformatter.VerifySignature(hash, signature);
// Negative case
signature[signature.Length - 1] ^= 0xff;
Assert.False(deformatter.VerifySignature(hash, signature));
}
}
