(答案是完全重写的,一些不那么有趣的想法和片段可以在
previous revisions中找到)
对SignHash的调用(btHash,CryptoConfig.MapNameToOID(“SHA256”))执行PKCS#1 v1.5签名(RSASSA-PKCS1-v1_5),例如:
byte[] btHash = new byte[] { 0x57,0x91,0x16,0xB6,0x3E,0x06,0x58,0x83,0x24,0x8C,0x07,0xDA,0x6A,0x03,0x4D,0x23,0x37,0x0B,0x32,0x1C,0xA0,0x80,0x08,0x1F,0x42,0x81,0x8E,0x54,0x3A,0xC6 };
X509Certificate2 cert = new X509Certificate2("dummy.p12","1234",X509KeyStorageFlags.Exportable);
using (RSACryptoServiceProvider key = new RSACryptoServiceProvider())
{
key.FromXmlString(cert.PrivateKey.ToXmlString(true));
byte[] ret = key.SignHash(btHash,CryptoConfig.MapNameToOID("SHA256"));
}
提供签名:
0A5003E549C4E4310F720076A5A4D785B165C4FE352110F6CA9877EB9F364D0C40B0197110304D6F92E8BD40DFD38DB91F356601CDD2CD34129BC54492C2D7F371D431150288A95C21E47533F01A9FA4977439FF9594C703380BEDF49A47A7B060ECAC26AEB53B8732D93E18FAD3B2D5889B3311C1B0D4F9F6B318169BDEB143D771DEFB56BAFE49B2B59F172757D4273EF369AFCB32490EC954E17599BD66D4E3BDB345B860748DB0C3B5A272ECFA546E65F2D4C87870CC62D91680AB71DB52DE618C006356258A941E8F36A5DCC7A06BA6DACAC3DC35F482B168107B4D7DA6C19A56FEDC247232DD7210CA9DB7273AA9AE6A90A8A4DFEB64BA0FBC830AB922
其中包含PKCS#1 v1.5填充DigestInfo和哈希(当使用公钥解密时):
0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003031300D060960864801650304020105000420579116B63E065883248C0716DA6A034D23370B321CA080081F4203818E543AC6
由于您只有哈希(而不是数据)要签名,您需要在java中使用NONEwithRSA algorithm(它应该执行PKCS#1 v1.5填充输入数据的签名,而不需要任何哈希值),并生成正确的输入DigestInfo与手动散列OID.像这样(在Apache Commons Lang的帮助下)::
byte[] btHash = new