/// <summary> /// 使用公钥验证签名 /// </summary> /// <param name="data">原始数据</param> /// <param name="sign">签名的base64格式数据</param> /// <returns></returns> public static bool Verify(string data, string sign, string publicPemKey) { var rsa = RSACryptoServiceProvider.Create(); rsa.ImportParameters(GetRSAParametersFromFromPublicPem(publicPemKey)); return(rsa.VerifyData(Encoding.UTF8.GetBytes(data), Convert.FromBase64String(sign), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)); }
public void RoundtripCertificate_Should_Succeed() { // Arrange var originalRsaParameters = RSACryptoServiceProvider.Create(RsaKey.KeySize).ExportParameters(false); // Act var model = SerializationModelConverter.Convert(rsaParameters: originalRsaParameters); var rsaParameters = SerializationModelConverter.Convert(rsaSerializationModel: model); // Assert model.D.Should().BeNull(); rsaParameters.D.Should().BeNull(); model.DP.Should().BeNull(); rsaParameters.DP.Should().BeNull(); model.DQ.Should().BeNull(); rsaParameters.DQ.Should().BeNull(); System.Convert.FromBase64String(model.Exponent).SequenceEqual(rsaParameters.Exponent).Should().BeTrue(); model.InverseQ.Should().BeNull(); rsaParameters.InverseQ.Should().BeNull(); System.Convert.FromBase64String(model.Modulus).SequenceEqual(rsaParameters.Modulus).Should().BeTrue(); model.P.Should().BeNull(); rsaParameters.P.Should().BeNull(); model.Q.Should().BeNull(); rsaParameters.Q.Should().BeNull(); }
/// <summary> /// 使用私钥签名,并返回base64格式的签名 /// </summary> /// <param name="data">原始数据</param> /// <returns></returns> public static string Sign(string data, string privatePemKey) { var rsa = RSACryptoServiceProvider.Create(); rsa.ImportParameters(GetRSAParametersFromFromPrivatePem(privatePemKey)); return(Convert.ToBase64String(rsa.SignData(Encoding.UTF8.GetBytes(data), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1))); }
static void Main(string[] args) { var plainText = "Hello world"; var HashAlgorithm = HashAlgorithmName.SHA256.Name; var hashedData = HashData(plainText, HashAlgorithm); Console.WriteLine($"Plain text: {plainText}"); Console.WriteLine($"Hashed text: {Convert.ToBase64String(hashedData)}"); const int KeySize = 2048; using var rsa = RSACryptoServiceProvider.Create(KeySize); Console.WriteLine("\nUsing Signature Formatters"); var signature1 = SignByFormatter(rsa, hashedData, HashAlgorithm); var verificationResult1 = VerifySignatureByFormatter(rsa, hashedData, signature1, HashAlgorithm); Console.WriteLine($"1st Signature: {Convert.ToBase64String(signature1)}"); Console.WriteLine($"1st Verification result: {verificationResult1}"); // Someone malicious edits your data var hashedData2 = (byte[])hashedData.Clone(); hashedData2[0] = (byte)new Random().Next(); var verificationResult2 = VerifySignatureByFormatter(rsa, hashedData2, signature1, HashAlgorithm); Console.WriteLine($"2nd Verification result: {verificationResult2}"); Console.WriteLine("\nUsing RSA only"); var signature2 = rsa.SignHash(hashedData, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); var verificationResult3 = rsa.VerifyHash(hashedData, signature2, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); Console.WriteLine($"2nd Signature: {Convert.ToBase64String(signature2)}"); Console.WriteLine($"3rd Verification result: {verificationResult1}"); }
/// <summary> /// Generates a new public/private key pair as XML strings /// </summary> public void GenerateNewKeyset(ref string publicKeyXML, ref string privateKeyXML) { RSA rsa = RSACryptoServiceProvider.Create(); publicKeyXML = rsa.ToXmlString(false); privateKeyXML = rsa.ToXmlString(true); }
public override IE2eEndpoint GenerateEndpoint(IE2eSymmetricCipher Cipher) { RSA RSA = RSACryptoServiceProvider.Create(); RSA.KeySize = 1024; return(new RsaEndpoint(RSA, Cipher)); }
/// <summary> /// 根据pem格式的publicKey加密,此用的是RSACryptoServiceProvider,微软考虑到安全性,约定只有公钥能进行加密 /// </summary> /// <param name="publicPemKey"></param> /// <param name="inBuf"></param> /// <returns></returns> public static byte[] EncryptByPublicPemKey(string publicPemKey, byte[] inBuf) { var para = GetRSAParametersFromFromPublicPem(publicPemKey); var rsa = RSACryptoServiceProvider.Create(); rsa.ImportParameters(para); return(rsa.Encrypt(inBuf, RSAEncryptionPadding.Pkcs1));//大多数用的是pkcs1方式,考虑和其它系统或平台的兼容,用此方式 }
public SigningConfigurations() { using (var provider = RSACryptoServiceProvider.Create(2048)) { Key = new RsaSecurityKey(provider.ExportParameters(true)); } SigningCredentials = new SigningCredentials(Key, SecurityAlgorithms.RsaSha256Signature); }
/// <summary>秘密鍵と公開鍵を取得する。</summary> /// <param name="publicKey">公開鍵</param> /// <param name="privateKey">秘密鍵</param> public static void GetKeys(out string publicKey, out string privateKey) { // RSACryptoServiceProviderオブジェクトの作成 RSA rsa = RSACryptoServiceProvider.Create(); // devps(1703) // 公開鍵をXML形式で取得 publicKey = rsa.ToXmlString(false); // 秘密鍵をXML形式で取得 privateKey = rsa.ToXmlString(true); rsa.Clear(); // devps(1725) }
public void ConfigureServices(IServiceCollection services) { services.AddMvc(); services .AddDbContext <ApplicationDbContext>(ConfigureDb()) .AddIdentity <ApplicationUser, IdentityRole>() .AddEntityFrameworkStores <ApplicationDbContext>() .AddDefaultTokenProviders(); services.ConfigureApplicationCookie(options => { options.Cookie.Name = "Mimoto.Identity"; options.Cookie.HttpOnly = true; options.ExpireTimeSpan = TimeSpan.FromMinutes(60); options.SlidingExpiration = true; }); var identityBuilder = services.AddIdentityServer() .AddAspNetIdentity <ApplicationUser>() .AddConfigurationStore(options => { options.ConfigureDbContext = ConfigureDb(); }) // this adds the operational data from DB (codes, tokens, consents) .AddOperationalStore(options => { options.ConfigureDbContext = ConfigureDb(); // this enables automatic token cleanup. this is optional. options.EnableTokenCleanup = true; }); if (_env.IsDevelopment()) { identityBuilder.AddDeveloperSigningCredential(); } else { SecurityKey key = new RsaSecurityKey(RSACryptoServiceProvider.Create(512)); var signingCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature); identityBuilder.AddSigningCredential(signingCredentials); } services.AddExternalAuthentication(_config) .AddIfExists("google", (p, a, c) => a.AddGoogle(p, c)) .AddIfExists("facebook", (p, a, c) => a.AddFacebook(p, c)) .AddIfExists("microsoft", (p, a, c) => a.AddMicrosoftAccount(p, c)) .AddIfExists("github", (p, a, c) => a.AddGitHub(p, c)); services.AddSingleton <IWindowsPrincipalProvider, WindowsPrincipalProvider>(); }
public String Sign(Byte[] iData) { using (SHA256 pSHAHash = SHA256CryptoServiceProvider.Create()) { Byte[] pBytSHAHash = pSHAHash.ComputeHash(iData); using (RSACryptoServiceProvider pCSPRSA = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create()) { pCSPRSA.ImportParameters(RSAParameters); Byte[] pBytSignature = pCSPRSA.SignHash(pBytSHAHash, CryptoConfig.MapNameToOID("SHA256")); return(Convert.ToBase64String(pBytSignature)); } } }
public Boolean VerifySignature(Byte[] iData, Byte[] iSignature) { using (SHA256 pSHAHash = SHA256CryptoServiceProvider.Create()) { Byte[] pBytSHAHash = pSHAHash.ComputeHash(iData); using (RSACryptoServiceProvider pCSPRSA = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create()) { pCSPRSA.ImportParameters(RSAParameters); return(pCSPRSA.VerifyHash(pBytSHAHash, CryptoConfig.MapNameToOID("SHA256"), iSignature)); } } }
static void Main(string[] args) { RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); using (StreamReader pemFile = File.OpenText("su.pem")) { rsa.LoadPrivateKeyPEM(pemFile.ReadToEnd()); } MerchantApiClient client = new MerchantApiClient("c8kqcf", "su", rsa); LogResponse(client.Get("/merchant/" + client.merchantId + "/")); LogResponse(client.Post("/pos/", "{\"id\": \"pos1\", \"name\":\"pøs1\", \"type\":\"store\"}")); LogResponse(client.Delete("/pos/pos1/")); }
/// <summary>暗号化されたバイト配列を復号化する</summary> /// <param name="source">暗号化されたバイト配列</param> /// <param name="privateKey">復号化に使用する秘密鍵</param> /// <returns>非対称アルゴリズムで復号化されたバイト配列</returns> public static byte[] DecryptBytes(byte[] source, string privateKey) { // RSACryptoServiceProviderオブジェクトの作成 RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); // devps(1703) // 秘密鍵 rsa.FromXmlString(privateKey); // 復号化 byte[] temp = rsa.Decrypt(source, false); rsa.Clear(); // devps(1725) return(temp); }
/// <summary>バイト配列を暗号化する</summary> /// <param name="source">暗号化するバイト配列</param> /// <param name="publicKey">暗号化に使用する公開鍵</param> /// <returns>非対称アルゴリズムで暗号化されたバイト配列</returns> public static byte[] EncryptBytes(byte[] source, string publicKey) { // RSACryptoServiceProviderオブジェクトの作成 RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); // devps(1703) // 公開鍵 rsa.FromXmlString(publicKey); // 暗号化する byte[] temp = rsa.Encrypt(source, false); rsa.Clear(); // devps(1725) return(temp); }
static void Main(string[] args) { Console.WriteLine("Enter the text to be Encrpted"); RSA Rsa = RSACryptoServiceProvider.Create(512); //Console.WriteLine(Rsa.ToXmlString(true)); UnicodeEncoding ByteConverter = new UnicodeEncoding(); var cypher = Rsa.Encrypt(ByteConverter.GetBytes("Hello"), RSAEncryptionPadding.OaepSHA1); Console.WriteLine(ByteConverter.GetString(cypher)); var text = Rsa.Decrypt(cypher, RSAEncryptionPadding.OaepSHA1); Console.WriteLine(ByteConverter.GetString(text)); //RSAParameters RsaParameters = new RSAParameters(); RSAParameters rs = new RSAParameters(); }
/// <summary>秘密鍵と公開鍵を取得する。</summary> /// <param name="publicKey">公開鍵</param> /// <param name="privateKey">秘密鍵</param> public static void GetKeys(out string publicKey, out string privateKey) { // RSACryptoServiceProviderオブジェクトの作成 RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); // 公開鍵をXML形式で取得 publicKey = rsa.ToXmlString(false); // 秘密鍵をXML形式で取得 privateKey = rsa.ToXmlString(true); // https://msdn.microsoft.com/en-us/library/tswxhw92.aspx // https://msdn.microsoft.com/ja-jp/library/tswxhw92.aspx rsa.PersistKeyInCsp = false; rsa.Clear(); // devps(1725) }
/// <summary>対称アルゴリズム暗号化サービスプロバイダ生成</summary> /// <param name="easa">EnumASymmetricAlgorithm</param> /// <param name="certificateFilePath">X.509証明書(*.pfx, *.cer)へのパス</param> /// <param name="password">パスワード</param> /// <param name="flag">X509KeyStorageFlags</param> /// <returns>AsymmetricAlgorithm</returns> public static AsymmetricAlgorithm CreateCryptographySP(EnumASymmetricAlgorithm easa, string certificateFilePath = "", string password = "", X509KeyStorageFlags flag = X509KeyStorageFlags.DefaultKeySet) { AsymmetricAlgorithm asa = null; if (easa == EnumASymmetricAlgorithm.X509) { // X.509対応 X509Certificate2 x509Key = new X509Certificate2(certificateFilePath, password, flag); if (string.IsNullOrEmpty(password)) { asa = x509Key.PublicKey.Key; } else { asa = x509Key.PrivateKey; } } else { if (easa == EnumASymmetricAlgorithm.RsaCsp) { // RSACryptoServiceProviderサービスプロバイダ asa = RSACryptoServiceProvider.Create(); // devps(1703) } #if !NET45 else if (easa == EnumASymmetricAlgorithm.RsaCng) { // RSACngサービスプロバイダ asa = RSACng.Create(); // devps(1703) } #endif #if NETSTD else if (easa == EnumASymmetricAlgorithm.RsaOpenSsl) { // RSAOpenSslサービスプロバイダ asa = RSAOpenSsl.Create(); // devps(1703) } #endif } return(asa); }
/// <summary>バイト配列を暗号化する</summary> /// <param name="source">暗号化するバイト配列</param> /// <param name="publicKey">暗号化に使用する公開鍵</param> /// <returns>非対称アルゴリズムで暗号化されたバイト配列</returns> public static byte[] EncryptBytes(byte[] source, string publicKey) { // RSACryptoServiceProviderオブジェクトの作成 RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); // devps(1703) // 公開鍵 rsa.FromXmlString(publicKey); // 暗号化する(XP以降の場合のみ2項目にTrueを指定し、OAEPパディングを使用できる) byte[] temp = rsa.Encrypt(source, false); // https://msdn.microsoft.com/en-us/library/tswxhw92.aspx // https://msdn.microsoft.com/ja-jp/library/tswxhw92.aspx rsa.PersistKeyInCsp = false; rsa.Clear(); // devps(1725) return(temp); }
internal static void CreateKey() { using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider()) { //Export the key information to an RSAParameters object. //Pass false to export the public key information or pass //true to export public and private key information. RSAParameters RSAParams = RSA.ExportParameters(false); } RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); using (StreamWriter writer = new StreamWriter("PrivateKey.xml")) //这个文件要保密... { writer.WriteLine(RSACryptoServiceProvider.Create().ToXmlString(true)); } using (StreamWriter writer = new StreamWriter("PublicKey.xml")) { writer.WriteLine(rsa.ToXmlString(false)); } }
public void Complete(string token) { //generate aes key and iv AesCryptoServiceProvider aes = (AesCryptoServiceProvider)AesCryptoServiceProvider.Create(); aes.GenerateIV(); aes.GenerateKey(); aes.Padding = PaddingMode.PKCS7; //encrypt the token and encode as hex byte[] unencryptedTokenBytes = System.Text.Encoding.UTF8.GetBytes(token); using (ICryptoTransform encrypt = aes.CreateEncryptor()) { byte[] encryptedTokenBytes = encrypt.TransformFinalBlock(unencryptedTokenBytes, 0, unencryptedTokenBytes.Length); EncryptedToken = encryptedTokenBytes.ToHexString(); } //hex decode the public rsa key xml string publicRSAKeyXML = PublicRSAKey.StringFromHexString(); //create an initialise an instance of the rsa provider RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); rsa.FromXmlString(publicRSAKeyXML); //encrypt and hex encode the key byte[] encryptedAESKeyBytes = rsa.Encrypt(aes.Key, RSAEncryptionPadding.Pkcs1); string encryptedAESKey = encryptedAESKeyBytes.ToHexString(); //hex encode the IV string iv = aes.IV.ToHexString(); //concatenate the iv and encrypted key EncryptedAESKey = String.Format("{0}.{1}", iv, encryptedAESKey); State = "complete"; }
public ActionResult GetPasswordToken() { try { PasswordToken token = new PasswordToken { Rsa = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(), ChallengeData = Guid.NewGuid().ToString("N").Substring(0, 8) }; var rsa = _randomCodeHelper.CreateObject(RandomCodeNames.PasswordToken, token, TimeSpan.FromMinutes(1)); var p = token.Rsa.ExportParameters(false); return(Json(new { Success = true, RsaModulus = p.Modulus.ToHexString(), RsaExponent = p.Exponent.ToHexString(), ChallengeData = rsa.ChallengeData.GetBytesAscii().ToHexString() }, JsonRequestBehavior.AllowGet)); } catch (Exception ex) { return(Json(new SimpleAjaxResult(ex.Message), JsonRequestBehavior.AllowGet)); } }
public IDictionary <string, string> Execute(IDictionary <string, string> options) { string keytype; if (!options.TryGetValue(KEY_TYPE_NAME, out keytype)) { keytype = DEFAULT_KEYTYPE; } string username; if (!options.TryGetValue(KEY_USERNAME, out username)) { username = DEFAULT_USERNAME; } string keylen_s; if (!options.TryGetValue(KEY_KEYLEN, out keylen_s)) { keylen_s = "0"; } int keylen; if (!int.TryParse(keylen_s, out keylen)) { keylen = DEFAULT_KEYLEN; } if (KEYTYPE_RSA.Equals(keytype, StringComparison.InvariantCultureIgnoreCase)) { var rsa = RSACryptoServiceProvider.Create(); if (keylen > 0) { rsa.KeySize = keylen; } else { rsa.KeySize = DEFAULT_KEYLEN; } var key = rsa.ExportParameters(true); var privateEntries = new byte[][] { new byte[] { 0x0 }, key.Modulus, key.Exponent, key.D, key.P, key.Q, key.DP, key.DQ, key.InverseQ }; var publicEntries = new byte[][] { System.Text.Encoding.ASCII.GetBytes(PUB_KEY_FORMAT_RSA), key.Exponent, key.Modulus }; return(OutputKey(EncodeDER(privateEntries), EncodePEM(publicEntries), KEY_TEMPLATE_RSA, PUB_KEY_FORMAT_RSA, username)); } else if (KEYTYPE_DSA.Equals(keytype, StringComparison.InvariantCultureIgnoreCase)) { var dsa = DSACryptoServiceProvider.Create(); if (keylen > 0) { dsa.KeySize = keylen; } else { dsa.KeySize = DEFAULT_KEYLEN; } var key = dsa.ExportParameters(true); var privateEntries = new byte[][] { new byte[] { 0x0 }, key.P, key.Q, key.G, key.Y, key.X }; var publicEntries = new byte[][] { System.Text.Encoding.ASCII.GetBytes(PUB_KEY_FORMAT_DSA), key.P, key.Q, key.G, key.Y }; return(OutputKey(EncodeDER(privateEntries), EncodePEM(publicEntries), KEY_TEMPLATE_DSA, PUB_KEY_FORMAT_DSA, username)); } else { throw new Exception(string.Format("Unsupported key type: {0}", keytype)); } }