php openssl_sign 对应 C#版 RSA签名

 

RSA Key Converter 在线转换工具:https://superdry.apphb.com/tools/online-rsa-key-converter

 

PHP 代码:

/ rsa 私钥复制到这里

$private_key = <<<EOD

PASTE YOUR RSA PRIVATE KEY IN HERE

EOD;

 // 空着即可,不需要赋值

$binary_signature = "";

 $algo = "SHA256";

openssl_sign($data, $binary_signature, $private_key, $algo);

 // 最终生成的 signature

$signature = base64_encode($binary_signature)

 

C# 代码实现:

using System;
using System.Text;
using System.Security.Cryptography;
using System.Web;
using System.IO;
using System.Security.Cryptography.X509Certificates;


namespace User2MC
{
   public class RSA
    {

        #region RSAWithSHA256

        /// <summary>
        /// RSAWithSHA256 签名
        /// </summary>
        /// <param name="data">数据</param>
        /// <returns>密文</returns>
        public static string Sign(string data)
        {
            //转换成适用于.Net的秘钥
            var netKey = "<RSAKeyValue><Modulus>7XdZSrF+spbABFhYuxP7rfJKycvT0O7BmCoSJvU7yHWYqucc8msPDTi8ymdZOPOjHj2BuLUrqGsUm8Ljy8FVM2Bb51GaO2lgiBip9elFkzOJ8XP/ncHHvm4XCq5S201ovJefNC0xOxsXJU4fM+4B6ufYr4WqBmyuxTcZVHweE0k=</Modulus><Exponent>AQAB</Exponent><P>9ryI0kxJL9PupO9NEeWuCUo4xcl9x/M9+mtkfY3VoDDDV1E/eUjmoTfANYwrjcddiQrO0MLyEdootiLpN77qOw==</P><Q>9mG2//6moxVOsvFadUotnhlVM8+AlBCQV2FbBiXPugrMHdVtBG3+MsVdTII3Z4I/uuCWtedrPsBgF+0XRqMcSw==</Q><DP>wzX5HkFC6jdIKXA3TsCkSC9T6ZB4FplpYNZUxE1SRhIuisf6ay/1YHomdXc4Ak1IwKMva9XBBcTPzwKh9/vxfw==</DP><DQ>zsTCp6Q2hLblDRewKq7OCdiIwKpr5dbgy/RQR6CD7EYTdxYeH5GPu1wXKJY/mQaeJV9GG/LS9h7MhkfbONS6cQ==</DQ><InverseQ>dBEb5vloBDLcSQFDQO/VZ9SKFHCmHLXluhhIizYKGzgf3OXEGNDSAC3qy+ZTnLd3N5iYrVbK52UoiLOLhhNMqA==</InverseQ><D>iBOTTHUn6EjwoczKk/GgkI4+gyLVL24R7BN3sXFoH7gbkxu6/8OPrYDs1oOgoj0jJSoT0vemm+04swVcKh+QpTSniPswQl1n4KNW+B7G2RZrzSeP9RmIzWg4vpgfAfhm0+1j6kUJMrWt2ff7TvSoEH22dWe1s3+OrQt3t/S3tQ0=</D></RSAKeyValue>"; //RSAPrivateKeyJava2DotNet(privateKey);
            var rsa = new RSACryptoServiceProvider();
            rsa.FromXmlString(netKey);
            //创建一个空对象
            var rsaClear = new RSACryptoServiceProvider();
            var paras = rsa.ExportParameters(true);
            rsaClear.ImportParameters(paras);
            //签名返回
            using (var sha256 = new SHA256CryptoServiceProvider())
            {
                var signData = rsa.SignData(Encoding.UTF8.GetBytes(data), sha256);
                return Convert.ToBase64String(signData);
            }
        }

        #endregion


        #region RSAWithSHA256
        /// <summary>
        /// RSAWithSHA256 签名
        /// </summary>
        /// <param name="data">数据</param>
        /// <param name="privateKeyPath">私钥文件路径</param>
        /// <returns>密文</returns>
        public static string Sign(string data, string privateKeyPath)
        {
            // using (RSACryptoServiceProvider rsa = opensslkey.DecodePrivateKeyInfo(merchantPrivateKey))
            RSACryptoServiceProvider rsaCsp = LoadCertificateFile(privateKeyPath);
            byte[] dataBytes = Encoding.Default.GetBytes(data);
            byte[] signatureBytes = rsaCsp.SignData(dataBytes, "SHA256");
            return Convert.ToBase64String(signatureBytes);
        }

        /// <summary>
        /// RSAWithSHA256 签名
        /// </summary>
        /// <param name="data">数据</param>
        /// <param name="privateKey">私钥字符串(参数privateKey是Pem私钥文件中去除头(-----BEGIN RSA PRIVATE KEY-----)和尾(-----END RSA PRIVATE KEY-----)以及换行符后的字符串)</param>
        /// <returns>密文</returns>
        public static string SignByKey(string data, string privateKey)
        {
            using (RSACryptoServiceProvider rsaCsp = DecodeRSAPrivateKey(Convert.FromBase64String(privateKey)))
            {
                byte[] dataBytes = Encoding.Default.GetBytes(data);
                byte[] signatureBytes = rsaCsp.SignData(dataBytes, "SHA256");
                return Convert.ToBase64String(signatureBytes);
            }
        }

        private static byte[] GetPem(string type, byte[] data)
        {

            string pem = Encoding.UTF8.GetString(data);
            string header = String.Format("-----BEGIN {0}-----\\n", type);
            string footer = String.Format("-----END {0}-----", type);
            int start = pem.IndexOf(header) + header.Length;
            int end = pem.IndexOf(footer, start);
            string base64 = pem.Substring(start, (end - start));
            return Convert.FromBase64String(base64);
        }
        private static RSACryptoServiceProvider LoadCertificateFile(string filename)
        {
            using (FileStream fs = File.OpenRead(filename))
            {
                byte[] data = new byte[fs.Length];
                byte[] res = null;
                fs.Read(data, 0, data.Length);
                if (data[0] != 0x30)
                {
                    res = GetPem("RSA PRIVATE KEY", data);
                }
                try
                {
                    RSACryptoServiceProvider rsa = DecodeRSAPrivateKey(res);

                    return rsa;
                }
                catch (Exception ex)
                {
                }
                return null;
            }
        }

        private static RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
        {
            byte[] MODULUS, E, D, P, Q, DP, DQ, IQ;

            // --------- Set up stream to decode the asn.1 encoded RSA private key ------
            MemoryStream mem = new MemoryStream(privkey);
            BinaryReader binr = new BinaryReader(mem); //wrap Memory Stream with BinaryReader for easy reading
            byte bt = 0;
            ushort twobytes = 0;
            int elems = 0;
            try
            {
                twobytes = binr.ReadUInt16();
                if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
                    binr.ReadByte(); //advance 1 byte
                else if (twobytes == 0x8230)
                    binr.ReadInt16(); //advance 2 bytes
                else
                    return null;

                twobytes = binr.ReadUInt16();
                if (twobytes != 0x0102) //version number
                    return null;
                bt = binr.ReadByte();
                if (bt != 0x00)
                    return null;


                //------ all private key components are Integer sequences ----
                elems = GetIntegerSize(binr);
                MODULUS = binr.ReadBytes(elems);

                elems = GetIntegerSize(binr);
                E = binr.ReadBytes(elems);

                elems = GetIntegerSize(binr);
                D = binr.ReadBytes(elems);

                elems = GetIntegerSize(binr);
                P = binr.ReadBytes(elems);

                elems = GetIntegerSize(binr);
                Q = binr.ReadBytes(elems);

                elems = GetIntegerSize(binr);
                DP = binr.ReadBytes(elems);

                elems = GetIntegerSize(binr);
                DQ = binr.ReadBytes(elems);

                elems = GetIntegerSize(binr);
                IQ = binr.ReadBytes(elems);


                // ------- create RSACryptoServiceProvider instance and initialize with public key -----
                CspParameters CspParameters = new CspParameters();
                CspParameters.Flags = CspProviderFlags.UseMachineKeyStore;
                RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(1024, CspParameters);
                RSAParameters RSAparams = new RSAParameters();
                RSAparams.Modulus = MODULUS;
                RSAparams.Exponent = E;
                RSAparams.D = D;
                RSAparams.P = P;
                RSAparams.Q = Q;
                RSAparams.DP = DP;
                RSAparams.DQ = DQ;
                RSAparams.InverseQ = IQ;
                RSA.ImportParameters(RSAparams);
                return RSA;
            }
            catch (Exception ex)
            {

                return null;
            }
            finally
            {
                binr.Close();
            }
        }



        private static int GetIntegerSize(BinaryReader binr)
        {
            byte bt = 0;
            byte lowbyte = 0x00;
            byte highbyte = 0x00;
            int count = 0;
            bt = binr.ReadByte();
            if (bt != 0x02) //expect integer
                return 0;
            bt = binr.ReadByte();

            if (bt == 0x81)
                count = binr.ReadByte(); // data size in next byte
            else
            if (bt == 0x82)
            {
                highbyte = binr.ReadByte(); // data size in next 2 bytes
                lowbyte = binr.ReadByte();
                byte[] modint = { lowbyte, highbyte, 0x00, 0x00 };
                count = BitConverter.ToInt32(modint, 0);
            }
            else
            {
                count = bt; // we already have the data size
            }

            while (binr.ReadByte() == 0x00)
            { //remove high order zeros in data
                count -= 1;
            }
            binr.BaseStream.Seek(-1, SeekOrigin.Current); //last ReadByte wasn't a removed zero, so back up a byte
            return count;
        }


        #endregion
    }
}
View Code

 

posted @ 2021-07-15 12:37  Xingsoft  阅读(288)  评论(0编辑  收藏  举报