我有一个智能卡,我需要用这个签名文件。 这是一个很大的问题,因为我在stackover看到。使用SHA256签名
我不能使用RSACryptoServiceProvider,bkz它不支持RSA-SHA256 alogrithm。
起初,我用的CAPICOM.dll,如代码波纹管,
SignedData sed = new SignedData();
sed.Content = "a"; // data to sign
Signer ser = new Signer();
ser.Certificate = cc;
string singnn = sed.Sign(ser, false, CAPICOM_ENCODING_TYPE.CAPICOM_ENCODE_BASE64);
但心不是公钥来验证我的签名值,,我不可能得到的CAPICOM.dll一个验证关键。
,后,
我用X509Certificate2,以及像的RSACryptoServiceProvider下面的代码,
X509Certificate2 certificate = new X509Certificate2();
// Access Personal (MY) certificate store of current user
X509Store my = new X509Store(StoreName.My, StoreLocation.CurrentUser);
my.Open(OpenFlags.ReadOnly);
// Find the certificate we'll use to sign
RSACryptoServiceProvider csp = null;
foreach (X509Certificate2 cert in my.Certificates)
{
if (cert.Subject.Contains(certSubject))
{
// We found it.
// Get its associated CSP and private key
certificate = cert;
csp = (RSACryptoServiceProvider)cert.PrivateKey;
}
}
if (csp == null)
{
throw new Exception("No valid cert was found");
}
// Hash the data
SHA1Managed sha1 = new SHA1Managed();
UnicodeEncoding encoding = new UnicodeEncoding();
byte[] data = encoding.GetBytes(text);
byte[] hash = sha1.ComputeHash(data);
//byte[] data = Encoding.UTF8.GetBytes(text);
//HashAlgorithm sha = new SHA256Managed();
//byte[] hash = sha.TransformFinalBlock(data, 0, data.Length);
string key = csp.ToXmlString(false);
// Sign the hash
csp.PersistKeyInCsp = true;
byte[] response = csp.SignData(data, CryptoConfig.MapNameToOID("SHA1"));
string signbase64 = Convert.ToBase64String(response);
它的工作原理,但我需要与RSA-SHA256算法签署。 当我changw哈希算法这样
byte[] response = csp.SignData(data, CryptoConfig.MapNameToOID("SHA256"));
我米得到一个
错误: “未指定的错误”。
那是我的问题, 什么是溶剂,或者我应该使用哪个库?
感谢您的任何建议..
对于第二个解决方法(从证书中将证书导入到新的csp中),这对硬件密钥的工作方式如何?这些密钥可导出吗? – ezile