C#下ECDsa签名、验签

最新推荐文章于 2024-09-14 17:12:19 发布
最新推荐文章于 2024-09-14 17:12:19 发布
阅读量5.6k 收藏 7
点赞数 1
分类专栏: C# 加密解密 文章标签: ECDsa 签名
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/starfd/article/details/96865574
版权

因为业务需要,与第三方对接时,第三方签名方法居然采用的ECDsa,而不是更常见的RSAMD5之类,真是不走寻常路,当然我是不会承认是我见识太少的!!!

麻利的让对方提供了签名算法代码,奈何对方是java,提供的也是java版本代码,具体代码如下:

/**
 * Project Name:trustsql_sdk
 * File Name:ECDSAAlgoUtil.java
 * Package Name:com.tencent.trustsql.sdk.algo
 * Date:Jul 26, 20175:17:04 PM
 * Copyright (c) 2017, Tencent All Rights Reserved.
 *
 */

package com.tencent.trustsql.sdk.algorithm;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.SecureRandom;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DERSequenceGenerator;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.math.ec.ECPoint;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.DERSequenceGenerator;
import org.spongycastle.asn1.DLSequence;
import org.spongycastle.asn1.x9.X9ECParameters;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.crypto.ec.CustomNamedCurves;
import org.spongycastle.crypto.params.ECDomainParameters;
import org.spongycastle.crypto.params.ECPrivateKeyParameters;
import org.spongycastle.crypto.params.ECPublicKeyParameters;
import org.spongycastle.crypto.signers.ECDSASigner;
import org.spongycastle.crypto.signers.HMacDSAKCalculator;
import org.spongycastle.math.ec.FixedPointUtil;

import com.google.common.base.Objects;
import com.tencent.trustsql.sdk.Constants;

/**
 * 
 * @author sagazhang
 *
 */
public class ECDSAAlgorithm {
	
	
	public static final ECDomainParameters CURVE;
	public static final BigInteger HALF_CURVE_ORDER;
	static {
		X9ECParameters CURVE_PARAMS = CustomNamedCurves.getByName("secp256k1");
		// Tell Bouncy Castle to precompute data that's needed during secp256k1
		// calculations. Increasing the width
		// number makes calculations faster, but at a cost of extra memory usage
		// and with decreasing returns. 12 was
		// picked after consulting with the BC team.
		FixedPointUtil.precompute(CURVE_PARAMS.getG(), 12);
		CURVE = new ECDomainParameters(CURVE_PARAMS.getCurve(), CURVE_PARAMS.getG(), CURVE_PARAMS.getN(),
				CURVE_PARAMS.getH());
		HALF_CURVE_ORDER = CURVE_PARAMS.getN().shiftRight(1);
	}

	public static String generatePrivateKey() throws Exception {
		SecureRandom secureRandom;
		try {
			secureRandom = SecureRandom.getInstance(Constants.RANDOM_NUMBER_ALGORITHM,
					Constants.RANDOM_NUMBER_ALGORITHM_PROVIDER);
		} catch (Exception e) {
			secureRandom = new SecureRandom();
		}
		// Generate the key, skipping as many as desired.
		byte[] privateKeyAttempt = new byte[32];
		secureRandom.nextBytes(privateKeyAttempt);
		BigInteger privateKeyCheck = new BigInteger(1, privateKeyAttempt);
		while (privateKeyCheck.compareTo(BigInteger.ZERO) == 0 || privateKeyCheck.compareTo(Constants.MAXPRIVATEKEY) == 1) {
			secureRandom.nextBytes(privateKeyAttempt);
			privateKeyCheck = new BigInteger(1, privateKeyAttempt);
		}
	//	System.out.println(Hex.encodeHexString(privateKeyAttempt));
		String result = Base64.encodeBase64String(privateKeyAttempt);
		result = result.replaceAll("[\\s*\t\n\r]", "");
		return result;
	}
	
	public static String generatePublicKey(String priateKeyBase64String, boolean encode) throws Exception {
		try {
			byte[] privateKeyBytes = Base64.decodeBase64(priateKeyBase64String);
			ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("secp256k1");
			ECPoint pointQ = spec.getG().multiply(new BigInteger(1, privateKeyBytes));
			String result = Base64.encodeBase64String(pointQ.getEncoded(encode));
			result = result.replaceAll("[\\s*\t\n\r]", "");
			return result;
		} catch (Exception e) {
			throw new RuntimeException(e);
		}
	}
	
	public static String generatePublicKey(String priateKeyBase64String) throws Exception {
		return generatePublicKey(priateKeyBase64String, false);
	}
	
	public static String decodePublicKey(String encodePubKeyBase64String) throws Exception {
		try {
			byte[] encodePubkeyBytes = Base64.decodeBase64(encodePubKeyBase64String);
			ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("secp256k1");
			ECPoint pointQ = spec.getG().getCurve().decodePoint(encodePubkeyBytes);
			String result = Base64.encodeBase64String(pointQ.getEncoded(false));
			result = result.replaceAll("[\\s*\t\n\r]", "");
			return result;
		} catch(Exception e) {
			throw new RuntimeException(e);
		}
	}
	
	public static String getAddress(byte[] keyBytes, int...version) throws Exception {
		byte[] hashSha256 = BaseAlgorithm.encode("SHA-256", keyBytes);
		MessageDigest messageDigest = MessageDigest.getInstance("RipeMD160");
		messageDigest.update(hashSha256);
		byte[] hashRipeMD160 = messageDigest.digest();
		byte[] versionHashBytes = new byte[1 + hashRipeMD160.length];
		if(version == null || version.length == 0) {
			versionHashBytes[0] = 0;
		} else {
			versionHashBytes[0] = (byte) version[0];
		}
		System.arraycopy(hashRipeMD160, 0, versionHashBytes, 1, hashRipeMD160.length);
		byte[] checkSumBytes = BaseAlgorithm.encodeTwice("SHA-256", versionHashBytes);
		byte[] rawAddr = new byte[versionHashBytes.length + 4];
		System.arraycopy(versionHashBytes, 0, rawAddr, 0, versionHashBytes.length);
		System.arraycopy(checkSumBytes, 0, rawAddr, versionHashBytes.length, 4);
//		byte[] hashRipeMD160 = messageDigest.digest();
//		byte[] hashDoubleSha256 = BaseAlgorithm.encodeTwice("SHA-256", hashRipeMD160);
//		byte[] rawAddr = new byte[1 + hashRipeMD160.length + 4];
// 		rawAddr[0] = 0;
//		System.arraycopy(hashRipeMD160, 0, rawAddr, 1, hashRipeMD160.length);
//		System.arraycopy(hashDoubleSha256, 0, rawAddr, hashRipeMD160.length + 1, 4);
		return Base58Algorithm.encode(rawAddr);
	}
	
	public static String sign(String privateKey, byte[] data, boolean isHash256) throws Exception {
		byte[] hash256 = data;
		if(!isHash256) { //未hash256 encode的字节数组
			hash256 = BaseAlgorithm.encode("SHA-256", data);
		}
		ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
		//ECDSASigner signer = new ECDSASigner();
		BigInteger pri = new BigInteger(1, Base64.decodeBase64(privateKey));
		ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(pri, CURVE);
		signer.init(true, privKey);
		BigInteger[] components = signer.generateSignature(hash256);
		byte[] content = new ECDSASignature(components[0], components[1]).toCanonicalised().encodeToDER();
		String result = Base64.encodeBase64String(content);
		result = result.replaceAll("[\\s*\t\n\r]", "");
		return result;
	}
	
	public static String sign(String privateKey, byte[] data) throws Exception {
		byte[] hash256 = data;
		ECDSASigner signer = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
		BigInteger pri = new BigInteger(1, Base64.decodeBase64(privateKey));
		ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(pri, CURVE);
		signer.init(true, privKey);
		BigInteger[] components = signer.generateSignature(hash256);
		byte[] content = new ECDSASignature(components[0], components[1]).toCanonicalised().encodeToDER();
		String result = Base64.encodeBase64String(content);
		result = result.replaceAll("[\\s*\t\n\r]", "");
		return result;
	}
	
	public static boolean verify(String srcStr,String sign, String pubKey) throws Exception {
		byte[] hash256 = BaseAlgorithm.encode("SHA-256", srcStr.getBytes("UTF-8"));
		ECDSASignature eCDSASignature = ECDSASignature.decodeFromDER(Base64.decodeBase64(sign));
		ECDSASigner signer = new ECDSASigner();
		org.spongycastle.math.ec.ECPoint pub = CURVE.getCurve().decodePoint(Base64.decodeBase64(pubKey));
		ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub.getEncoded()), CURVE);
		signer.init(false, params);
	    return signer.verifySignature(hash256, eCDSASignature.r, eCDSASignature.s);
	}
	
	public static boolean verify(String srcStr,boolean isHash256, String sign, String pubKey) throws Exception {
		byte[] hash256 = srcStr.getBytes("UTF-8");
		if(!isHash256) {
			hash256 = BaseAlgorithm.encode("SHA-256", srcStr.getBytes("UTF-8"));
		}
		ECDSASignature eCDSASignature = ECDSASignature.decodeFromDER(Base64.decodeBase64(sign));
		ECDSASigner signer = new ECDSASigner();
		org.spongycastle.math.ec.ECPoint pub = CURVE.getCurve().decodePoint(Base64.decodeBase64(pubKey));
		ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub.getEncoded()), CURVE);
		signer.init(false, params);
	    return signer.verifySignature(hash256, eCDSASignature.r, eCDSASignature.s);
	}
	
	public static boolean verify(byte[] bytes, boolean isHash256, String sign, String pubKey) throws Exception {
		byte[] hash256 = bytes;
		if(!isHash256) {
			hash256 = BaseAlgorithm.encode("SHA-256", bytes);
		}
		ECDSASignature eCDSASignature = ECDSASignature.decodeFromDER(Base64.decodeBase64(sign));
		ECDSASigner signer = new ECDSASigner();
		org.spongycastle.math.ec.ECPoint pub = CURVE.getCurve().decodePoint(Base64.decodeBase64(pubKey));
		ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub.getEncoded()), CURVE);
		signer.init(false, params);
	    return signer.verifySignature(hash256, eCDSASignature.r, eCDSASignature.s);
	}
	
	public static boolean VerifyRenSign(String pubKey, byte[] bytes, String sign) {
		byte[] hash256 = bytes;
		//byte[] hash256 = BaseAlgorithm.encode("SHA-256", bytes);
		ECDSASignature eCDSASignature = ECDSASignature.decodeFromDER(Base64.decodeBase64(sign));
		ECDSASigner signer = new ECDSASigner();
		org.spongycastle.math.ec.ECPoint pub = CURVE.getCurve().decodePoint(Base64.decodeBase64(pubKey));
		ECPublicKeyParameters params = new ECPublicKeyParameters(CURVE.getCurve().decodePoint(pub.getEncoded()), CURVE);
		signer.init(false, params);
	    return signer.verifySignature(hash256, eCDSASignature.r, eCDSASignature.s);
	}
	
	public static class ECDSASignature {
		/** The two components of the signature. */
		public final BigInteger r, s;

		/**
		 * Constructs a signature with the given components. Does NOT
		 * automatically canonicalise the signature.
		 */
		public ECDSASignature(BigInteger r, BigInteger s) {
			this.r = r;
			this.s = s;
		}

		/**
		 * Returns true if the S component is "low", that means it is below
		 * {@link ECKey#HALF_CURVE_ORDER}. See <a href=
		 * "https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki#Low_S_values_in_signatures">
		 * BIP62</a>.
		 */
		public boolean isCanonical() {
			return s.compareTo(HALF_CURVE_ORDER) <= 0;
		}

		/**
		 * Will automatically adjust the S component to be less than or equal to
		 * half the curve order, if necessary. This is required because for
		 * every signature (r,s) the signature (r, -s (mod N)) is a valid
		 * signature of the same message. However, we dislike the ability to
		 * modify the bits of a Bitcoin transaction after it's been signed, as
		 * that violates various assumed invariants. Thus in future only one of
		 * those forms will be considered legal and the other will be banned.
		 */
		public ECDSASignature toCanonicalised() {
			if (!isCanonical()) {
				// The order of the curve is the number of valid points that
				// exist on that curve. If S is in the upper
				// half of the number of valid points, then bring it back to the
				// lower half. Otherwise, imagine that
				// N = 10
				// s = 8, so (-8 % 10 == 2) thus both (r, 8) and (r, 2) are
				// valid solutions.
				// 10 - 8 == 2, giving us always the latter solution, which is
				// canonical.
				return new ECDSASignature(r, CURVE.getN().subtract(s));
			} else {
				return this;
			}
		}

		/**
		 * DER is an international standard for serializing data structures
		 * which is widely used in cryptography. It's somewhat like protocol
		 * buffers but less convenient. This method returns a standard DER
		 * encoding of the signature, as recognized by OpenSSL and other
		 * libraries.
		 */
		public byte[] encodeToDER() {
			try {
				return derByteStream().toByteArray();
			} catch (IOException e) {
				throw new RuntimeException(e); // Cannot happen.
			}
		}

		public static ECDSASignature decodeFromDER(byte[] bytes) {
			ASN1InputStream decoder = null;
			try {
				decoder = new ASN1InputStream(bytes);
				DLSequence seq = (DLSequence) decoder.readObject();
				if (seq == null)
					throw new RuntimeException("Reached past end of ASN.1 stream.");
				ASN1Integer r, s;
				try {
					r = (ASN1Integer) seq.getObjectAt(0);
					s = (ASN1Integer) seq.getObjectAt(1);
				} catch (ClassCastException e) {
					throw new IllegalArgumentException(e);
				}
				// OpenSSL deviates from the DER spec by interpreting these
				// values as unsigned, though they should not be
				// Thus, we always use the positive versions. See:
				// http://r6.ca/blog/20111119T211504Z.html
				return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue());
			} catch (IOException e) {
				throw new RuntimeException(e);
			} finally {
				if (decoder != null)
					try {
						decoder.close();
					} catch (IOException x) {
					}
			}
		}

		protected ByteArrayOutputStream derByteStream() throws IOException {
			// Usually 70-72 bytes.
			ByteArrayOutputStream bos = new ByteArrayOutputStream(72);
			DERSequenceGenerator seq = new DERSequenceGenerator(bos);
			seq.addObject(new ASN1Integer(r));
			seq.addObject(new ASN1Integer(s));
			seq.close();
			return bos;
		}

		@Override
		public boolean equals(Object o) {
			if (this == o)
				return true;
			if (o == null || getClass() != o.getClass())
				return false;
			ECDSASignature other = (ECDSASignature) o;
			return r.equals(other.r) && s.equals(other.s);
		}

		@Override
		public int hashCode() {
			return Objects.hashCode(r, s);
		}
	}
}

好家伙,用的还是Tencent的sdk,而且一如RSA一样,对方提供的公钥私钥果然还是base64格式,根本无法应用于C#下的ECDsaCng,好在之前已经做过了大量BouncyCastle相关的代码,虽然略有波折,但还是成功的将java代码改造成了C#代码,而过程中发现java下的ASN1Integer,实际与C#下的DerInteger对应,这样如果后续还有其它基于BouncyCastle的跨语言对接,应该也可以减少一些对接中的阻碍

    using Org.BouncyCastle.Asn1;
    using Org.BouncyCastle.Crypto.Digests;
    using Org.BouncyCastle.Crypto.EC;
    using Org.BouncyCastle.Crypto.Parameters;
    using Org.BouncyCastle.Crypto.Signers;
    using Org.BouncyCastle.Math;
    using System.IO;

    /// <summary>
    /// ECDsa签名验证算法
    /// </summary>
    public static class ECDsaHelper
    {
        private static readonly ECDomainParameters Curve;
        private static readonly BigInteger HalfCurveOrder;
        static ECDsaHelper()
        {
            var curveParams = CustomNamedCurves.GetByName("secp256k1");
            Curve = new ECDomainParameters(curveParams.Curve, curveParams.G, curveParams.N, curveParams.H);
            HalfCurveOrder = curveParams.N.ShiftRight(1);
        }
        /// <summary>
        /// 签名
        /// </summary>
        /// <param name="privateKey">ECDsa私钥</param>
        /// <param name="content">待签名的内容</param>
        /// <returns></returns>
        public static byte[] SignData(byte[] privateKey, byte[] content)
        {
            //为了保证签名结果与java一致,此处参数同样传递了IDsaKCalculator,但测试发现如果不传虽然签名结果不一致,但验签是可以通过的
            var signer = new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest()));
            var priKey = new ECPrivateKeyParameters(new BigInteger(1, privateKey), Curve);
            signer.Init(true, priKey);
            var components = signer.GenerateSignature(content);
            using (var stream = new MemoryStream())
            {
                var seq = new DerSequenceGenerator(stream);
                seq.AddObject(new DerInteger(components[0]));
                var s = components[1];
                if (s.CompareTo(HalfCurveOrder) > 0)
                {
                    s = Curve.N.Subtract(components[1]);
                }
                seq.AddObject(new DerInteger(s));
                seq.Close();
                var signature = stream.ToArray();
                return signature;
            }
        }
        /// <summary>
        /// 验签
        /// </summary>
        /// <param name="publicKey">ECDsa公钥</param>
        /// <param name="content">待验签的内容</param>
        /// <param name="signature">待比较的签名结果</param>
        /// <returns></returns>
        public static bool VerifyData(byte[] publicKey, byte[] content, byte[] signature)
        {
            using (var input = new Asn1InputStream(signature))
            {
                var seq = (DerSequence)input.ReadObject();
                if (seq != null)
                {
                    var signer = new ECDsaSigner();
                    var point = Curve.Curve.DecodePoint(publicKey);
                    var pubKey = new ECPublicKeyParameters(Curve.Curve.DecodePoint(point.GetEncoded()), Curve);
                    signer.Init(false, pubKey);
                    return signer.VerifySignature(content, ((DerInteger)seq[0]).Value, ((DerInteger)seq[1]).Value);
                }
            }
            return false;
        }
    }

就两个方法,也就不提供测试代码了,反正签名的逻辑是没看懂,只是依样画葫芦的抄了java的逻辑。

娃都会打酱油了
关注
专栏目录
ECDSA签名【利用ECDSA签名算法实现密码加密】
03-29
ECDSA签名是美国联邦的标准,此加密算法利用签名保存公钥和私钥,代码很简单!
C# ECC ECDSA签名验签 加解密实现
Allen_lv的博客
08-08 992
C# ECC ECDSA 加解密 签名验签
密码学基础--ECDSA算法入门
最新发布
认真搞搞汽车MCU
09-14 773
从上面签名生成过程,其实我们可以发现,不管是r还是s,它的长度都不会超过模数p,因此P-256签名(r,s)的长度最大理应为256*2 = 512bit.ECDSA签名总体流程一句话概括:对消息做Hash计算得到H,对M进行计算得到整数对(r,s),(r,s)根据不同编码格式输出S,作为最终签名。仔细看,这个签名的长度竟然来到了568bit,可是我们用的是SECP256R1,这个长度既不是256,也不是256的倍数,这里面到底有什么玄机?为了证明消息是自己发的,用自己的私钥对摘要进行加密,也即签名
C#实现JAVA中SHA1withECDSA数字签名
fjj8707的专栏
01-11 372
请测有效,点个赞哦!!! using System; using Org.BouncyCastle.Security; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Encodings; using System.IO; namespace Test { public class RSATool { private ...
ECDSA签名+验签
andylau00j的专栏
08-14 1万+
    ECDSA签名每次结果不同。      原因:ECDSA签名过程中混入随机值,生成签名结果不同。     公钥证书验签没问题。   1. 签名过程     假设要签名的消息是一个字符串:“Hello World!”。DSA签名的第一个步骤是对待签名的消息生成一个消息摘要。不同的签名算法使用不同的消息摘要算法。比如,DSS使用SHA1来生成160比特的摘要,而ECDSA256使用S...
密码学系列 - 椭圆曲线 ECDSA - 签名验签
搬砖魁首的博客
01-06 4888
数字签名的生成 数字签名的验证 公钥恢复
图解ECDSA签名验签基本原理
区块链之美
04-27 2470
本文首发公众号VenusBlockChain,关注公众号后可免费阅读!VenusBlockChain致力于区块链技术研究,传播区块链技术和解决方案、区块链应用落地、区块链行业动态等。 1 ECDSA算法 首先,需要设置参数(a,b,p,N,G)(a,b,p,N,G)(a,b,p,N,G)来初始化一椭圆曲线,椭圆曲线方程y2=(x3+ax+b)modpy^2=(x^3+ax+b)modpy2=(x...
【转】C#sm2签名验签实现
yh361的博客
06-09 5951
【转】C#sm2签名验签实现
ecdsa签名算法c语言实现,走进算法:ECDSA算法如何保护你的数据(上)
weixin_36070745的博客
05-25 584
原标题:走进算法:ECDSA算法如何保护你的数据(上)大家好呀,我卡卡博士今天来安利一下ECDSA算法,也就是椭圆曲线数字签名算法。首先我们了解一下,什么是数字签名。什么是数字签名?在现实工作与生活中,我们一般使用签名的方式表达对一份重要文件的认可,而其他人通过识别你的签名,来确定你是否已确认/同意这份文件。 但是通过临摹等方式,有些人可以伪造出相似度达99%的字迹,假装你的签名,这时候非专业人员...
ECC密钥生成、加密解密、签名验签工具
01-29
在这个项目中,开发者使用C语言和Visual Studio 2010创建了三个工具:ECC密钥生成器、ECC加密解密工具以及ECC签名验签工具,这些工具都基于OpenSSL库进行关键操作。 首先,ECC密钥生成器是用于创建ECC密钥对的核心...
SM3WithSM2摘要的SM2签名验签
数字人生
12-08 1万+
GmSSL是一个开源的密码学库,实现了SM2、SM3、SM4等国家密码算法,由中国科学院信息工程研究所实施。SM2是一种椭圆曲线公钥密码算法,主要用于数字签名、密钥交换和公钥加密。SM3是一种加密哈希函数。在GmSSL中,你可以使用SM2算法和SM3哈希函数结合来进行签名和验证。 下面提供一个GmSSL利用SM3和SM2进行签名和验证的C代码示例。请注意,要成功运行以下代码,你需要有GmSSL库的开发环境设置好,代码仅供参考:
C#实现椭圆曲线数字签名算法
DarcyCode的博客
09-03 133
数字签名算法是信息安全领域中的重要技术,它可以保证数据的完整性、不可抵赖性和认证性。椭圆曲线数字签名算法(ECDSA)是一种基于椭圆曲线的数字签名算法,其安全性已经得到广泛认可。为了方便起见,我们采用了Bouncy Castle加密算法库,该算法库提供了丰富的加密算法和密码学实现。在签名的过程中,需要先读取私钥,并计算消息的哈希值。在实现数字签名时,需要注意数据的安全性和保密性,避免私钥和签名数据泄露。需要读取公钥并计算哈希值,然后使用ECDSA算法对签名进行验证,判断签名是否合法。下面是签名的代码实现。
The Elliptic Curve Digital Signature Algorithm(ECDSA)学习之路 - 签名验签流程
HustKity的博客
12-18 667
@[TOC]ECDSA签名验签 前言 本文档主要基于规范<ANSI-X962-2005>进行学习理解。该标准主要定义了使用ECDSA算法对数据进行保护的数字签名的产生和验证方法。 ECDSA应该与某个已经验证过的Hash函数结合一起使用,如SHA-1、SHA-224、SHA-256、SHA-384、SHA-512 该标准不仅提供了生成公私钥对的方法,同时也提供了使用这些密钥的流程。该标准同样也提供了产生椭圆曲线参数的方法和算法中安全使用这些椭圆曲线参数的流程。 安全级别 ECDSA的每种加密都
数字签名(3):ECDSA
草帽的博客
09-11 1万+
一.ECDSA:    椭圆曲线数字签名算法(ECDSA)是使用椭圆曲线密码(ECC)对数字签名算法(DSA)的模拟 二. 三. 四.具体的实现(java):
SECP256K1签名
huang714的专栏
03-16 1997
#include <iostream> #include <secp256k1.h> #include <string> #include <sstream> #include <iomanip> #include <assert.h> #include <openssl/sha.h> //十六进制字符串转字符串...
C语言openssl库的ECDSA-with-sha256签名验签
hackett的博客
10-14 1915
1.直接上源码: #include <stdio.h> #include <string.h> #include <openssl/ecdsa.h> #include <openssl/pem.h> #include <openssl/err.h> // base64 编码 char *base64_encode(const char *buffer, int length) { BIO *bmem = NULL; BIO *b6
ECDSA密钥生成基于C语言/Linux
weixin_60827703的博客
05-16 465
只需要将main,c和openssl目录在同一文件下。成功,具体使用各位灵活应用。1、编译main.o文件。3、运行main文件。
Java 签名(SHA1WithRSA、SHA256WithRSA、SHA256withECDSA
qq_41980051的博客
08-21 3844
RSA1、RSA256 签名 public static String MakeSign(String Data) { try { byte[] data = Data.getBytes(); byte[] keyBytes = base64String2Byte(PrivateKey); PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes); KeyFactory...
C# RSA加密、解密、加签、验签、支持JAVA格式公钥私钥、PEM格式公钥私钥、.NET格式公钥私钥 -变态模式【支持私钥加密,公钥解密】(二)
热门推荐
蜗牛水里爬
02-28 2万+
2019-02-26更新:已上传github RSA变态模式:【私钥加密,公钥解密】 一般这种写法都是JAVA弄的。.NET原生不支持。为啥,我也不清楚,大概是因为安全性问题吧,毕竟公钥是人人都可是持有的。私钥只有自己拥有。 对接注意事项:http://blog.csdn.net/gzy11/article/details/54573973 一般方法请看:http://blog.csdn....
ECDSA签名验签过程
05-21
ECDSA (Elliptic Curve Digital Signature Algorithm) 是一种基于椭圆曲线密码学的数字签名算法,其签名和验证过程如下: 1. 签名过程 假设消息为 m,私钥为 d,椭圆曲线为 E。 1. 选择一个随机数 k,满足 1 ,...
评论 5
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值