/// <summary>
/// 解析java生成的pem文件私钥
/// </summary>
/// <param name="pemstr"></param>
/// <returns></returns>
internal static RSACryptoServiceProvider DecodePemPrivateKey(string pemstr)
{
RSACryptoServiceProvider rsa = null;
byte[] pkcs8PrivteKey = Convert.FromBase64String(pemstr);
if (pkcs8PrivteKey != null)
{
rsa = RSAProviderFactory.DecodePrivateKeyInfo(pkcs8PrivteKey);
}
return(rsa);
}
/// <summary>
/// 签名
/// </summary>
/// <param name="content">需要签名的内容</param>
/// <param name="privateKey">私钥</param>
/// <param name="inputCharset">编码格式</param>
/// <returns>返回签名字符串</returns>
public static string Sign(string content, string privateKey, string inputCharset)
{
Encoding code = Encoding.GetEncoding(inputCharset);
byte[] data = code.GetBytes(content);
RSACryptoServiceProvider rsa = RSAProviderFactory.DecodePemPrivateKey(privateKey);
SHA1 sh = new SHA1CryptoServiceProvider();
byte[] signData = rsa.SignData(data, sh);
return(Convert.ToBase64String(signData));
}
public static string Decrypt(byte[] data, string privateKey, string inputCharset)
{
string result = "";
RSACryptoServiceProvider rsa = RSAProviderFactory.DecodePemPrivateKey(privateKey);
SHA1 sh = new SHA1CryptoServiceProvider();
byte[] source = rsa.Decrypt(data, false);
Encoding code = Encoding.GetEncoding(inputCharset);
char[] asciiChars = new char[code.GetCharCount(source, 0, source.Length)];
code.GetChars(source, 0, source.Length, asciiChars, 0);
result = new string(asciiChars);
return(result);
}
/// <summary>
/// 验证签名
/// </summary>
/// <param name="content">需要验证的内容</param>
/// <param name="signedString">签名结果</param>
/// <param name="publicKey">公钥</param>
/// <param name="inputCharset">编码格式</param>
/// <returns>验签结果</returns>
public static bool Verify(string content, string signedString, string publicKey, string inputCharset)
{
bool result = false;
Encoding code = Encoding.GetEncoding(inputCharset);
byte[] data = code.GetBytes(content);
byte[] soureData = Convert.FromBase64String(signedString);
RSAParameters paraPub = RSAProviderFactory.ConvertFromPublicKey(publicKey);
RSACryptoServiceProvider rsaPub = new RSACryptoServiceProvider();
rsaPub.ImportParameters(paraPub);
SHA1 sh = new SHA1CryptoServiceProvider();
result = rsaPub.VerifyData(data, sh, soureData);
return(result);
}
internal static RSACryptoServiceProvider DecodePrivateKeyInfo(byte[] pkcs8)
{
byte[] seqOID = { 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00 };
byte[] seq = new byte[15];
MemoryStream mem = new MemoryStream(pkcs8);
RSACryptoServiceProvider rsacsp = null;
int lenStream = (int)mem.Length;
BinaryReader binReader = new BinaryReader(mem);
byte bt = 0;
ushort twoBytes = 0;
try
{
twoBytes = binReader.ReadUInt16();
if (twoBytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
{
binReader.ReadByte(); //advance 1 byte
}
else if (twoBytes == 0x8230)
{
binReader.ReadInt16(); //advance 2 bytes
}
else
{
return(null);
}
bt = binReader.ReadByte();
if (bt != 0x02)
{
return(null);
}
twoBytes = binReader.ReadUInt16();
if (twoBytes != 0x0001)
{
return(null);
}
seq = binReader.ReadBytes(15); //read the Sequence OID
if (!CompareBytearrays(seq, seqOID)) //make sure Sequence for OID is correct
{
return(null);
}
bt = binReader.ReadByte();
if (bt != 0x04) //expect an Octet string
{
return(null);
}
bt = binReader.ReadByte(); //read next byte, or next 2 bytes is 0x81 or 0x82; otherwise bt is the byte count
if (bt == 0x81)
{
binReader.ReadByte();
}
else
if (bt == 0x82)
{
binReader.ReadUInt16();
}
// at this stage, the remaining sequence should be the RSA private key
byte[] rsaprivkey = binReader.ReadBytes((int)(lenStream - mem.Position));
rsacsp = RSAProviderFactory.DecodeRSAPrivateKey(rsaprivkey);
return(rsacsp);
}
catch
{
return(null);
}
finally
{
binReader.Close();
}
}