/// <summary>
/// Builds the SM2 private-key parameters from the Base64 text held in <c>PrivateKey</c>
/// and pairs them with the UTF-8 bytes of <c>DefaultUserId</c>.
/// </summary>
/// <returns>The parsed private key wrapped in a <c>ParametersWithID</c>.</returns>
/// <remarks>
/// <c>Convert.FromBase64String</c> throws <c>FormatException</c> on malformed Base64.
/// NOTE(review): where <c>PrivateKey</c> is loaded from is not visible here; confirm it comes
/// from protected storage and is never logged.
/// </remarks>
internal ParametersWithID GetPrivateKey()
{
    // Decode and parse the key first, so key errors surface before the ID is read.
    byte[] decodedKey = Convert.FromBase64String(PrivateKey);
    var signingKey = PrivateKeyFactory.CreateKey(decodedKey);

    // The signer ID is bound into the SM2 digest, so signer and verifier must use the same bytes.
    byte[] signerId = Encoding.UTF8.GetBytes(DefaultUserId);
    return new ParametersWithID(signingKey, signerId);
}
/// <summary>
/// Parses a Base64-encoded private key and pairs it with the UTF-8 bytes of
/// <c>DEFAULT_USER_ID</c> for use with an SM2 signer.
/// </summary>
/// <param name="privateKey">Base64 text of the encoded private key.</param>
/// <returns>The parsed key wrapped in a <c>ParametersWithID</c>.</returns>
/// <remarks>
/// Malformed Base64 makes <c>Convert.FromBase64String</c> throw <c>FormatException</c>;
/// the key text itself should never be written to logs or error messages.
/// </remarks>
private ParametersWithID BuildPrivateKeyParams(string privateKey)
{
    byte[] decodedKey = Convert.FromBase64String(privateKey);
    AsymmetricKeyParameter signingKey = PrivateKeyFactory.CreateKey(decodedKey);

    // Signer and verifier must agree on this ID, because it is mixed into the SM2 digest.
    byte[] signerId = Encoding.UTF8.GetBytes(DEFAULT_USER_ID);
    return new ParametersWithID(signingKey, signerId);
}
/// <summary>
/// Verifies an SM2 signature over <paramref name="sourceData"/> on the sm2p256v1 curve.
/// </summary>
/// <param name="userId">
/// Signer ID; the original documentation names 1234567812345678 as the default when nothing
/// else is agreed. When null, the key is passed without an ID wrapper and the signer's own
/// default applies.
/// </param>
/// <param name="publicKey">
/// Encoded public key point. A 64-byte value is treated as raw X||Y and is given the 0x04
/// (uncompressed) prefix before decoding.
/// </param>
/// <param name="sourceData">The data that was signed.</param>
/// <param name="signData">The signature to check.</param>
/// <returns>True when the signature verifies, otherwise false.</returns>
public static Boolean VerifySign(byte[] userId, byte[] publicKey, byte[] sourceData, byte[] signData)
{
    byte[] encodedPoint = publicKey;
    if (encodedPoint.Length == 64)
    {
        // Raw X||Y without a format byte: prepend 0x04 so DecodePoint sees an uncompressed point.
        byte[] prefixed = new byte[65];
        prefixed[0] = 0x04;
        Array.Copy(encodedPoint, 0, prefixed, 1, encodedPoint.Length);
        encodedPoint = prefixed;
    }

    X9ECParameters curveSpec = GMNamedCurves.GetByName("sm2p256v1");
    var domain = new ECDomainParameters(curveSpec.Curve, curveSpec.G, curveSpec.N);
    var verificationKey = new ECPublicKeyParameters(curveSpec.Curve.DecodePoint(encodedPoint), domain);

    var sm2 = new SM2Signer();

    // The ID is part of the signed digest, so it has to match what the signer used.
    ICipherParameters initParams = verificationKey;
    if (userId != null)
    {
        initParams = new ParametersWithID(verificationKey, userId);
    }

    sm2.Init(false, initParams);
    sm2.BlockUpdate(sourceData, 0, sourceData.Length);
    return sm2.VerifySignature(signData);
}
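/// <summary>
/// Verifies an SM2 signature over <paramref name="content"/> with the default
/// ID 1234567812345678 on the sm2p256v1 curve.
/// </summary>
/// <param name="publicKey">Hex-encoded public key point, including its leading format byte.</param>
/// <param name="content">Hex-encoded signed content.</param>
/// <param name="sign">Hex-encoded signature value.</param>
/// <returns>True when <paramref name="sign"/> is a valid signature over <paramref name="content"/>.</returns>
/// <remarks>
/// The earlier version never fed <paramref name="content"/> to the signer and passed the content
/// bytes to <c>VerifySignature</c>, so <paramref name="sign"/> was decoded but never checked.
/// NOTE(review): the signature must be in the encoding the signer is configured for (the
/// library default here); confirm that matches what the signing side emits.
/// </remarks>
public static bool Verify(string publicKey, string content, string sign)
{
    // Signed content and signature, both supplied as hex text.
    byte[] message = Hex.Decode(content);
    byte[] signData = Hex.Decode(sign);

    // Load the SM2 curve parameters and build the domain parameters from them.
    X9ECParameters sm2EcParameters = GMNamedCurves.GetByName("sm2p256v1");
    ECDomainParameters domainParameters = new ECDomainParameters(sm2EcParameters.Curve, sm2EcParameters.G, sm2EcParameters.N);

    // A leading 02 or 03 marks a compressed key and 04 an uncompressed one. The bytes go to
    // DecodePoint unchanged, so the format byte has to be present in the input.
    ECPoint pukPoint = sm2EcParameters.Curve.DecodePoint(Hex.Decode(publicKey));
    ECPublicKeyParameters publicKeyParameters = new ECPublicKeyParameters(pukPoint, domainParameters);

    // Initialise for verification with the default SM2 user ID.
    SM2Signer sm2Signer = new SM2Signer();
    ParametersWithID parametersWithId = new ParametersWithID(publicKeyParameters, Strings.ToByteArray("1234567812345678"));
    sm2Signer.Init(false, parametersWithId);

    // Feed the signed content, then check the signature against it.
    sm2Signer.BlockUpdate(message, 0, message.Length);
    return sm2Signer.VerifySignature(signData);
}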
/// <summary>
/// Verifies a Base64-encoded SM2 signature over <paramref name="content"/>.
/// </summary>
/// <param name="content">The signed text.</param>
/// <param name="charset">Name of the encoding used to turn <paramref name="content"/> into bytes.</param>
/// <param name="publicKey">Public key text, handed to <c>BuildPublickKeyParams</c>.</param>
/// <param name="sign">Base64 text of the signature.</param>
/// <returns>True when the signature verifies, otherwise false.</returns>
/// <remarks>
/// Malformed Base64 in <paramref name="sign"/> and an unknown <paramref name="charset"/> surface
/// as exceptions rather than a false result, so callers handling untrusted input need to catch them.
/// </remarks>
protected override bool DoVerify(string content, string charset, string publicKey, string sign)
{
    var verifier = new SM2Signer();

    // false selects verification mode; the parameters carry the public key and signer ID.
    verifier.Init(false, BuildPublickKeyParams(publicKey));

    // Both sides must use the same charset, otherwise the digested bytes differ.
    byte[] payload = Encoding.GetEncoding(charset).GetBytes(content);
    verifier.BlockUpdate(payload, 0, payload.Length);

    byte[] signatureBytes = Convert.FromBase64String(sign);
    return verifier.VerifySignature(signatureBytes);
}
/// <summary>
/// Signs <paramref name="content"/> with SM2 and returns the signature as Base64 text.
/// </summary>
/// <param name="content">The text to sign.</param>
/// <param name="charset">Name of the encoding used to turn <paramref name="content"/> into bytes.</param>
/// <param name="privateKey">Private key text, handed to <c>BuildPrivateKeyParams</c>.</param>
/// <returns>The Base64-encoded signature.</returns>
protected override string DoSign(string content, string charset, string privateKey)
{
    var sm2 = new SM2Signer();

    // true selects signing mode; the parameters carry the private key and signer ID.
    sm2.Init(true, BuildPrivateKeyParams(privateKey));

    // The verifier has to encode the text with the same charset to get the same bytes.
    byte[] payload = Encoding.GetEncoding(charset).GetBytes(content);
    sm2.BlockUpdate(payload, 0, payload.Length);

    byte[] signatureBytes = sm2.GenerateSignature();
    return Convert.ToBase64String(signatureBytes);
}
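/// <summary>
/// Verifies an SM3withSM2 signature over <paramref name="msg"/>, after passing
/// <paramref name="signature"/> through <c>RsPlainByteArrayToAsn1</c>.
/// </summary>
/// <param name="msg">The signed message bytes.</param>
/// <param name="signature">
/// Signature bytes as accepted by <c>RsPlainByteArrayToAsn1</c>; that helper is defined outside
/// this block (presumably raw r||s converted to ASN.1 - confirm).
/// </param>
/// <param name="id">Optional signer ID; when null the key is used without an ID wrapper.</param>
/// <returns>True when the signature verifies, otherwise false.</returns>
/// <remarks>
/// The earlier version initialised the signer in signing mode with the private key.
/// Verification needs only the public key, and keeping the private key out of this path
/// lets it run where only the public half is available.
/// </remarks>
public bool VerifySignWithRsAsn1(byte[] msg, byte[] signature, byte[] id = null)
{
    var signer = SignerUtilities.GetSigner("SM3withSM2");

    // Verification uses the public key; the ID wrapper is added only when the caller supplies one.
    ICipherParameters cp;
    if (id != null)
    {
        cp = new ParametersWithID(key.PublicKeyParameters, id);
    }
    else
    {
        cp = key.PublicKeyParameters;
    }

    // false selects verification mode.
    signer.Init(false, cp);
    signer.BlockUpdate(msg, 0, msg.Length);
    return signer.VerifySignature(RsPlainByteArrayToAsn1(signature));
}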
/// <summary>
/// Verifies an SM2 signature over <paramref name="msg"/> using the public half of <c>key</c>.
/// </summary>
/// <param name="msg">The signed message bytes.</param>
/// <param name="signature">The signature to check, passed to the signer unchanged.</param>
/// <param name="id">Optional signer ID; when null the key is used without an ID wrapper.</param>
/// <returns>True when the signature verifies, otherwise false.</returns>
public bool VerifySign(byte[] msg, byte[] signature, byte[] id = null)
{
    var verifier = new SM2Signer(new SM3());

    // Start from the bare public key and add the ID wrapper only when the caller supplies one.
    // The ID is part of the signed digest, so it must match the one used when signing.
    ICipherParameters initParams;
    if (id == null)
    {
        initParams = key.PublicKeyParameters;
    }
    else
    {
        initParams = new ParametersWithID(key.PublicKeyParameters, id);
    }

    // false selects verification mode.
    verifier.Init(false, initParams);
    verifier.BlockUpdate(msg, 0, msg.Length);

    bool isValid = verifier.VerifySignature(signature);
    return isValid;
}
/// <summary>
/// Signs <paramref name="msg"/> with SM2 using the private half of <c>key</c>.
/// </summary>
/// <param name="msg">The message bytes to sign.</param>
/// <param name="id">Optional signer ID; when null the key is used without an ID wrapper.</param>
/// <returns>The signature bytes produced by the signer.</returns>
public byte[] Sign(byte[] msg, byte[] id = null)
{
    var signer = new SM2Signer(new SM3());

    // ParametersWithRandom is built without an explicit random source here, so the library
    // supplies one for the per-signature nonce.
    var keyWithRandom = new ParametersWithRandom(key.PrivateKeyParameters);

    ICipherParameters initParams;
    if (id == null)
    {
        initParams = keyWithRandom;
    }
    else
    {
        // The verifier must be given the same ID, because it is mixed into the signed digest.
        initParams = new ParametersWithID(keyWithRandom, id);
    }

    // true selects signing mode.
    signer.Init(true, initParams);
    signer.BlockUpdate(msg, 0, msg.Length);

    byte[] signatureBytes = signer.GenerateSignature();
    return signatureBytes;
}
/// <summary>
/// Signs <paramref name="sourceData"/> with SM2 on the sm2p256v1 curve.
/// </summary>
/// <param name="userId">
/// Signer ID; the original documentation names 1234567812345678 as the default when nothing
/// else is agreed. When null, the key is passed without an ID wrapper.
/// </param>
/// <param name="privateKey">Private scalar as big-endian bytes, read as a positive integer.</param>
/// <param name="sourceData">The data to sign.</param>
/// <returns>The signature bytes; the original documentation describes them as DER-encoded.</returns>
/// <remarks>
/// NOTE(review): <paramref name="privateKey"/> is raw key material in a managed array; callers
/// should limit its lifetime and keep it out of logs.
/// </remarks>
public static byte[] Sign(byte[] userId, byte[] privateKey, byte[] sourceData)
{
    X9ECParameters curveSpec = GMNamedCurves.GetByName("sm2p256v1");
    var domain = new ECDomainParameters(curveSpec.Curve, curveSpec.G, curveSpec.N);

    // Sign-magnitude constructor with sign 1, so a high leading bit is not read as negative.
    var signingKey = new ECPrivateKeyParameters(new BigInteger(1, privateKey), domain);

    var sm2 = new SM2Signer();

    // A fresh SecureRandom supplies the per-signature nonce.
    ICipherParameters initParams = new ParametersWithRandom(signingKey, new SecureRandom());
    if (userId != null)
    {
        // The verifier must be given the same ID, because it is mixed into the signed digest.
        initParams = new ParametersWithID(initParams, userId);
    }

    // true selects signing mode.
    sm2.Init(true, initParams);
    sm2.BlockUpdate(sourceData, 0, sourceData.Length);
    return sm2.GenerateSignature();
}
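// The two commented-out routines below are retained from the original listing; they are not compiled.
///**
// * Sign with a private key
// * @param privateKey private key
// * @param content content to sign
// * @return
// */
//public static String sign(String privateKey, String content)
//{
//    // convert the content to sign into a byte array
//    byte[] message = Hex.Decode(content);
//    // load the SM2 curve parameters
//    X9ECParameters sm2ECParameters = GMNamedCurves.GetByName("sm2p256v1");
//    // build the domain parameters
//    ECDomainParameters domainParameters = new ECDomainParameters(sm2ECParameters.Curve,sm2ECParameters.G, sm2ECParameters.N);
//    BigInteger privateKeyD = new BigInteger(privateKey, 16);
//    ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(privateKeyD, domainParameters);
//    // create the signer instance
//    SM2Signer sm2Signer = new SM2Signer();
//    // initialise the signer with the ID required by the GM standard; default ID: 1234567812345678
//    sm2Signer.Init(true, new ParametersWithID(new ParametersWithRandom(privateKeyParameters, SecureRandom.GetInstance("SHA1PRNG")), Strings.ToByteArray("1234567812345678")));
//    // generate the signature; it has two parts, r and s, at array indices 0 and 1
//    byte[] bigIntegers = sm2Signer.GenerateSignature();
//    byte[] rBytes = modifyRSFixedBytes(bigIntegers[0].toByteArray());
//    byte[] sBytes = modifyRSFixedBytes(bigIntegers[1].toByteArray());
//    byte[] signBytes = ByteUtils.concatenate(rBytes, sBytes);
//    String sign = Hex.toHexString(signBytes);
//    return sign;
//}
///**
// * Normalise R or S to a fixed number of bytes
// * @param rs
// * @return
// */
//private static byte[] modifyRSFixedBytes(byte[] rs)
//{
//    int length = rs.length;
//    int fixedLength = 32;
//    byte[] result = new byte[fixedLength];
//    if (length < 32)
//    {
//        System.arraycopy(rs, 0, result, fixedLength - length, length);
//    }
//    else
//    {
//        System.arraycopy(rs, length - fixedLength, result, 0, fixedLength);
//    }
//    return result;
//}

/// <summary>
/// Verifies an SM2 signature over <paramref name="content"/> with the default
/// ID 1234567812345678 on the sm2p256v1 curve.
/// </summary>
/// <param name="publicKey">Hex-encoded public key point, including its leading format byte.</param>
/// <param name="content">Hex-encoded signed content.</param>
/// <param name="sign">Hex-encoded signature value.</param>
/// <returns>True when <paramref name="sign"/> is a valid signature over <paramref name="content"/>.</returns>
/// <remarks>
/// The earlier version never fed <paramref name="content"/> to the signer and passed the content
/// bytes to <c>VerifySignature</c>, so <paramref name="sign"/> was decoded but never checked.
/// NOTE(review): the commented-out code suggests the signature was meant to be raw 32-byte r
/// followed by 32-byte s. The signer is built with its default encoding, so confirm the signing
/// side emits that encoding, or convert before calling.
/// </remarks>
public static bool verify(string publicKey, string content, string sign)
{
    // Signed content and signature, both supplied as hex text.
    byte[] message = Hex.Decode(content);
    byte[] signData = Hex.Decode(sign);

    // Load the SM2 curve parameters and build the domain parameters from them.
    X9ECParameters sm2EcParameters = GMNamedCurves.GetByName("sm2p256v1");
    ECDomainParameters domainParameters = new ECDomainParameters(sm2EcParameters.Curve, sm2EcParameters.G, sm2EcParameters.N);

    // A leading 02 or 03 marks a compressed key and 04 an uncompressed one. The bytes go to
    // DecodePoint unchanged, so the format byte has to be present in the input.
    ECPoint pukPoint = sm2EcParameters.Curve.DecodePoint(Hex.Decode(publicKey));
    ECPublicKeyParameters publicKeyParameters = new ECPublicKeyParameters(pukPoint, domainParameters);

    // extract the signature
    //BigInteger R = null;
    //BigInteger S = null;
    //byte[] rBy = new byte[33];
    //Array.Copy(signData, 0, rBy, 1, 32);
    //rBy[0] = 0x00;
    //byte[] sBy = new byte[33];
    //Array.Copy(signData, 32, sBy, 1, 32);
    //sBy[0] = 0x00;
    //R = new BigInteger(rBy);
    //S = new BigInteger(sBy);

    // Initialise for verification with the default SM2 user ID.
    SM2Signer sm2Signer = new SM2Signer();
    ParametersWithID parametersWithId = new ParametersWithID(publicKeyParameters, Strings.ToByteArray("1234567812345678"));
    sm2Signer.Init(false, parametersWithId);

    // Feed the signed content, then check the signature against it.
    sm2Signer.BlockUpdate(message, 0, message.Length);
    return sm2Signer.VerifySignature(signData);
}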