Question
I want to verify my signature. I use this code
```csharp
var encoder = new UTF8Encoding();
byte[] bytesToVerify = encoder.GetBytes(LoginChallenge);
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
RSAKeyInfo.Modulus = publickey1;
rsa.ImportParameters(RSAKeyInfo);
bool suc = rsa.VerifyData(bytesToVerify, CryptoConfig.MapNameToOID("SHA1"), signedBytes);
```
I have the public key in byte array format. It is in my DB, like this.
suc is always false. I'm sure bytesToVerify has the same value as the input value in the sign method.
My sign method:
```java
Signature signature = Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1, false);
signature.init(thePrivateKey, Signature.MODE_SIGN);
signLength = signature.sign(buffer, (short)(ISO7816.OFFSET_CDATA & 0xFF), inputlength, buffer, (short)(0));
apdu.setOutgoingAndSend((short)0, signLength);
```
I don't know whether generating my public key this way is the problem or the signing has a problem. In the sign method I use SHA1 and PKCS1, but in verify I only find SHA1.
Can anybody help me?
Answer 1:
What did you save into the database? Just the Modulus value?
An RSA public key has two fields, Modulus and Exponent. They are both required to do a successful key import and operation.
In 99.999993% of the RSA keys ever created the Exponent value is `new byte[] { 0x01, 0x00, 0x01 }`; so you can almost always get away with storing just the Modulus value, and assuming what Exponent is.
For best results, don't assume. Or, at the very least, reject keys on registration if their Exponent value isn't `0x010001`.
So really this comes down to:
- You need to set Exponent (to the correct value)
- You need to make sure your import logic matches your export logic, to ensure you're loading/saving the same things into the same places.
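The two points above as an added C# example (not part of the original answer): a registration-time exponent check, plus a verify routine that imports both Modulus and Exponent and names SHA-1 with PKCS#1 v1.5 padding explicitly. The class and method names are hypothetical, the card is replaced by a constructed software key pair, and a .NET version that provides `RSA.Create(int)` is assumed.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class CardSignatureCheck   // hypothetical name, not from the question
{
    static readonly byte[] F4 = { 0x01, 0x00, 0x01 };   // 65537

    // Registration-time check: accept a key only if its exponent is 0x010001.
    public static bool HasExpectedExponent(byte[] exponent) =>
        exponent != null && exponent.SkipWhile(b => b == 0).SequenceEqual(F4);

    // Imports both key fields and names the hash and padding the signer used.
    public static bool Verify(byte[] modulus, byte[] exponent,
                              string challenge, byte[] signature)
    {
        if (!HasExpectedExponent(exponent))
            throw new CryptographicException("Unexpected RSA public exponent.");

        using (RSA rsa = RSA.Create())
        {
            rsa.ImportParameters(new RSAParameters { Modulus = modulus, Exponent = exponent });
            return rsa.VerifyData(Encoding.UTF8.GetBytes(challenge), signature,
                                  HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
        }
    }

    static void Main()
    {
        // Constructed stand-in for the card: a throwaway software key pair.
        using (RSA card = RSA.Create(2048))
        {
            RSAParameters pub = card.ExportParameters(false);   // Modulus and Exponent
            string challenge = "constructed-login-challenge";
            byte[] sig = card.SignData(Encoding.UTF8.GetBytes(challenge),
                                       HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);

            Console.WriteLine("exponent accepted: " + HasExpectedExponent(pub.Exponent));
            Console.WriteLine("genuine challenge: " + Verify(pub.Modulus, pub.Exponent, challenge, sig));
            Console.WriteLine("altered challenge: " + Verify(pub.Modulus, pub.Exponent, challenge + "x", sig));
            Console.WriteLine("exponent 3 accepted: " + HasExpectedExponent(new byte[] { 0x03 }));
        }
    }
}
```

The `RSACryptoServiceProvider.VerifyData(byte[], object, byte[])` overload used in the question applies PKCS#1 v1.5 padding implicitly, which is why only the hash name appears there.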
Source: https://stackoverflow.com/questions/40734380/verify-digital-signature