一、.Net加签与验签。经过测试,发现使用同一套私钥和公钥,JAVA和.Net可以实现互通
1.1 私钥加签 公钥验签
public void Encode()
{
try
{
var path = AppDomain.CurrentDomain.BaseDirectory + "../../ADFS/donghuangtaiyi.pfx"; X509Certificate2 cert = new X509Certificate2(path, "xxxxx", X509KeyStorageFlags.Exportable);
var privateKey = cert.PrivateKey.ToXmlString(true); var bt = Encoding.UTF8.GetBytes(data);
var rsaProvider = new RSACryptoServiceProvider();
rsaProvider.FromXmlString(privateKey);
byte[] inArray = rsaProvider.SignData(bt, CryptoConfig.MapNameToOID("SHA384"));
var result = Convert.ToBase64String(inArray);
}
catch (Exception)
{
throw;
}
}
1.2验签
public void Decode()
{
try
{ var path = AppDomain.CurrentDomain.BaseDirectory + "../../ADFS/dongsheng.crt";
var publicCert = new X509Certificate2(path);
var publicKey = publicCert.PublicKey.Key.ToXmlString(false); var rsaProvider = new RSACryptoServiceProvider();
rsaProvider.FromXmlString(publicKey);
var signatureData = Encoding.UTF8.GetBytes(data);
var result = rsaProvider.VerifyData(signatureData, CryptoConfig.MapNameToOID("SHA256"), Convert.FromBase64String(SignatureData)); }
catch (Exception ex)
{ throw;
}
}
二、实现私钥和公钥,.Net与Java转换。java和.Net秘钥格式不一样,.Net是xml格式,Java是字符串格式。
引用 BouncyCastle.dll类库
2.1 加签,这个加签结果和1.1的加签结果是一样的
public string EncodeJava()
{
try
{
var path = AppDomain.CurrentDomain.BaseDirectory + "../../ADFS/donghuangtaiyi.pfx"; X509Certificate2 cert = new X509Certificate2(path, "", X509KeyStorageFlags.Exportable);
var privateKey = cert.PrivateKey.ToXmlString(true);
var javaPrivateKey = DoNet2JavaForKey.RSAPrivateKeyDotNet2Java(privateKey); RsaKeyParameters privateKeyParam = (RsaKeyParameters)PrivateKeyFactory.CreateKey(Convert.FromBase64String(javaPrivateKey));
ISigner signer = SignerUtilities.GetSigner("SHA384WithRSA");
signer.Init(true, privateKeyParam);
var dataByte = Encoding.UTF8.GetBytes(data);
signer.BlockUpdate(dataByte, , dataByte.Length);
var result = Convert.ToBase64String(signer.GenerateSignature());
return result;
}
catch (Exception ex)
{ return "";
}
}
2.1解签
public void DecodeJava()
{
try
{
var data="12312ewrwe你好"; var path = AppDomain.CurrentDomain.BaseDirectory + "../../ADFS/dongsheng.crt";
var publicCert = new X509Certificate2(path);
var publicKey = publicCert.PublicKey.Key.ToXmlString(false);
var publicKeyJava = DoNet2JavaForKey.RSAPublicKeyDotNet2Java(publicKey); string hashAlgorithm = "SHA256WithRSA"; RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(publicKeyJava)); ISigner signer = SignerUtilities.GetSigner(hashAlgorithm);
//参数为false验签,参数为true加签
signer.Init(false, publicKeyParam);
byte[] dataByte = Encoding.UTF8.GetBytes(data);
signer.BlockUpdate(dataByte, , dataByte.Length); byte[] signatureByte = Convert.FromBase64String(SignatureData);
var result = signer.VerifySignature(signatureByte); }
catch (Exception ex)
{ throw;
}
}