我有一個智能卡,我需要用這個簽名文件。 這是一個很大的問題,因爲我在stackover看到。使用SHA256簽名
我不能使用RSACryptoServiceProvider,bkz它不支持RSA-SHA256 alogrithm。
起初,我用的CAPICOM.dll,如代碼波紋管,
SignedData sed = new SignedData();
sed.Content = "a"; // data to sign
Signer ser = new Signer();
ser.Certificate = cc;
string singnn = sed.Sign(ser, false, CAPICOM_ENCODING_TYPE.CAPICOM_ENCODE_BASE64);
但心不是公鑰來驗證我的簽名值,,我不可能得到的CAPICOM.dll一個驗證關鍵。
,後,
我用X509Certificate2,以及像的RSACryptoServiceProvider下面的代碼,
X509Certificate2 certificate = new X509Certificate2();
// Access Personal (MY) certificate store of current user
X509Store my = new X509Store(StoreName.My, StoreLocation.CurrentUser);
my.Open(OpenFlags.ReadOnly);
// Find the certificate we'll use to sign
RSACryptoServiceProvider csp = null;
foreach (X509Certificate2 cert in my.Certificates)
{
if (cert.Subject.Contains(certSubject))
{
// We found it.
// Get its associated CSP and private key
certificate = cert;
csp = (RSACryptoServiceProvider)cert.PrivateKey;
}
}
if (csp == null)
{
throw new Exception("No valid cert was found");
}
// Hash the data
SHA1Managed sha1 = new SHA1Managed();
UnicodeEncoding encoding = new UnicodeEncoding();
byte[] data = encoding.GetBytes(text);
byte[] hash = sha1.ComputeHash(data);
//byte[] data = Encoding.UTF8.GetBytes(text);
//HashAlgorithm sha = new SHA256Managed();
//byte[] hash = sha.TransformFinalBlock(data, 0, data.Length);
string key = csp.ToXmlString(false);
// Sign the hash
csp.PersistKeyInCsp = true;
byte[] response = csp.SignData(data, CryptoConfig.MapNameToOID("SHA1"));
string signbase64 = Convert.ToBase64String(response);
它的工作原理,但我需要與RSA-SHA256算法簽署。 當我changw哈希算法這樣
byte[] response = csp.SignData(data, CryptoConfig.MapNameToOID("SHA256"));
我米得到一個
錯誤: 「未指定的錯誤」。
那是我的問題, 什麼是溶劑,或者我應該使用哪個庫?
感謝您的任何建議..
對於第二個解決方法(從證書中將證書導入到新的csp中),這對硬件密鑰的工作方式如何?這些密鑰可導出嗎? – ezile