RSACryptoServiceProvider.SignHash 方法
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
计算指定哈希值的签名。
| SignHash(Byte[], String) |
计算指定哈希值的签名。 |
| SignHash(Byte[], HashAlgorithmName, RSASignaturePadding) |
使用指定的填充计算指定的哈希值的签名。 |
计算指定哈希值的签名。
public:
cli::array <System::Byte> ^ SignHash(cli::array <System::Byte> ^ rgbHash, System::String ^ str);C#
public byte[] SignHash(byte[] rgbHash, string? str);C#
public byte[] SignHash(byte[] rgbHash, string str);override this.SignHash : byte[] * string -> byte[]member this.SignHash : byte[] * string -> byte[]Public Function SignHash (rgbHash As Byte(), str As String) As Byte()参数
- rgbHash
- Byte[]
待签名数据的哈希值。
- str
- String
用于创建数据哈希值的哈希算法标识符 (OID)。
返回
Byte[]
指定哈希值的 RSA 签名。
例外
rgbHash 参数为 null。
示例
下面的代码示例加密某些数据,创建加密数据的哈希,然后使用数字签名对哈希进行签名。
// This example uses the SHA1 algorithm.
// Due to collision problems with SHA1, Microsoft recommends SHA256 or better.
#using <System.dll>
using namespace System;
using namespace System::Text;
using namespace System::Security::Cryptography;
ref class Sender
{
private:
RSAParameters rsaPubParams;
RSAParameters rsaPrivateParams;
public:
Sender()
{
RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
//Generate public and private key data.
rsaPrivateParams = rsaCSP->ExportParameters( true );
rsaPubParams = rsaCSP->ExportParameters( false );
}
property RSAParameters PublicParameters
{
RSAParameters get()
{
return rsaPubParams;
}
}
//Manually performs hash and then signs hashed value.
array<Byte>^ HashAndSign( array<Byte>^encrypted )
{
RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
SHA1Managed^ hash = gcnew SHA1Managed;
array<Byte>^hashedData;
rsaCSP->ImportParameters( rsaPrivateParams );
hashedData = hash->ComputeHash( encrypted );
return rsaCSP->SignHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ) );
}
//Encrypts using only the public key data.
array<Byte>^ EncryptData( RSAParameters rsaParams, array<Byte>^toEncrypt )
{
RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
rsaCSP->ImportParameters( rsaParams );
return rsaCSP->Encrypt( toEncrypt, false );
}
};
ref class Receiver
{
private:
RSAParameters rsaPubParams;
RSAParameters rsaPrivateParams;
public:
Receiver()
{
RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
//Generate public and private key data.
rsaPrivateParams = rsaCSP->ExportParameters( true );
rsaPubParams = rsaCSP->ExportParameters( false );
}
property RSAParameters PublicParameters
{
RSAParameters get()
{
return rsaPubParams;
}
}
//Manually performs hash and then verifies hashed value.
bool VerifyHash( RSAParameters rsaParams, array<Byte>^signedData, array<Byte>^signature )
{
RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
SHA1Managed^ hash = gcnew SHA1Managed;
array<Byte>^hashedData;
rsaCSP->ImportParameters( rsaParams );
bool dataOK = rsaCSP->VerifyData(signedData, CryptoConfig::MapNameToOID("SHA1"), signature);
hashedData = hash->ComputeHash( signedData );
return rsaCSP->VerifyHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ), signature );
}
//Decrypt using the private key data.
void DecryptData( array<Byte>^encrypted )
{
array<Byte>^fromEncrypt;
String^ roundTrip;
ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;
RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
rsaCSP->ImportParameters( rsaPrivateParams );
fromEncrypt = rsaCSP->Decrypt( encrypted, false );
roundTrip = myAscii->GetString( fromEncrypt );
Console::WriteLine( "RoundTrip: {0}", roundTrip );
}
};
int main()
{
array<Byte>^toEncrypt;
array<Byte>^encrypted;
array<Byte>^signature;
//Choose a small amount of data to encrypt.
String^ original = "Hello";
ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;
//Create a sender and receiver.
Sender^ mySender = gcnew Sender;
Receiver^ myReceiver = gcnew Receiver;
//Convert the data string to a byte array.
toEncrypt = myAscii->GetBytes( original );
//Encrypt data using receiver's public key.
encrypted = mySender->EncryptData( myReceiver->PublicParameters, toEncrypt );
//Hash the encrypted data and generate a signature on the hash
// using the sender's private key.
signature = mySender->HashAndSign( encrypted );
Console::WriteLine( "Original: {0}", original );
//Verify the signature is authentic using the sender's public key.
if ( myReceiver->VerifyHash( mySender->PublicParameters, encrypted, signature ) )
{
//Decrypt the data using the receiver's private key.
myReceiver->DecryptData( encrypted );
}
else
{
Console::WriteLine( "Invalid signature" );
}
}
C#
// This example uses the SHA1 algorithm.
// Due to collision problems with SHA1, Microsoft recommends SHA256 or better.
using System;
using System.Text;
using System.Security.Cryptography;
namespace RSACryptoServiceProvider_Examples
{
class MyMainClass
{
static void Main()
{
byte[] toEncrypt;
byte[] encrypted;
byte[] signature;
//Choose a small amount of data to encrypt.
string original = "Hello";
ASCIIEncoding myAscii = new ASCIIEncoding();
//Create a sender and receiver.
Sender mySender = new Sender();
Receiver myReceiver = new Receiver();
//Convert the data string to a byte array.
toEncrypt = myAscii.GetBytes(original);
//Encrypt data using receiver's public key.
encrypted = mySender.EncryptData(myReceiver.PublicParameters, toEncrypt);
//Hash the encrypted data and generate a signature on the hash
// using the sender's private key.
signature = mySender.HashAndSign(encrypted);
Console.WriteLine("Original: {0}", original);
//Verify the signature is authentic using the sender's public key.
if (myReceiver.VerifyHash(mySender.PublicParameters, encrypted, signature))
{
//Decrypt the data using the receiver's private key.
myReceiver.DecryptData(encrypted);
}
else
{
Console.WriteLine("Invalid signature");
}
}
}
class Sender
{
RSAParameters rsaPubParams;
RSAParameters rsaPrivateParams;
public Sender()
{
RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
//Generate public and private key data.
rsaPrivateParams = rsaCSP.ExportParameters(true);
rsaPubParams = rsaCSP.ExportParameters(false);
}
public RSAParameters PublicParameters
{
get
{
return rsaPubParams;
}
}
//Manually performs hash and then signs hashed value.
public byte[] HashAndSign(byte[] encrypted)
{
RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
SHA1Managed hash = new SHA1Managed();
byte[] hashedData;
rsaCSP.ImportParameters(rsaPrivateParams);
hashedData = hash.ComputeHash(encrypted);
return rsaCSP.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"));
}
//Encrypts using only the public key data.
public byte[] EncryptData(RSAParameters rsaParams, byte[] toEncrypt)
{
RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
rsaCSP.ImportParameters(rsaParams);
return rsaCSP.Encrypt(toEncrypt, false);
}
}
class Receiver
{
RSAParameters rsaPubParams;
RSAParameters rsaPrivateParams;
public Receiver()
{
RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
//Generate public and private key data.
rsaPrivateParams = rsaCSP.ExportParameters(true);
rsaPubParams = rsaCSP.ExportParameters(false);
}
public RSAParameters PublicParameters
{
get
{
return rsaPubParams;
}
}
//Manually performs hash and then verifies hashed value.
public bool VerifyHash(RSAParameters rsaParams, byte[] signedData, byte[] signature)
{
RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
SHA1Managed hash = new SHA1Managed();
byte[] hashedData;
rsaCSP.ImportParameters(rsaParams);
bool dataOK = rsaCSP.VerifyData(signedData, CryptoConfig.MapNameToOID("SHA1"), signature);
hashedData = hash.ComputeHash(signedData);
return rsaCSP.VerifyHash(hashedData, CryptoConfig.MapNameToOID("SHA1"), signature);
}
//Decrypt using the private key data.
public void DecryptData(byte[] encrypted)
{
byte[] fromEncrypt;
string roundTrip;
ASCIIEncoding myAscii = new ASCIIEncoding();
RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
rsaCSP.ImportParameters(rsaPrivateParams);
fromEncrypt = rsaCSP.Decrypt(encrypted, false);
roundTrip = myAscii.GetString(fromEncrypt);
Console.WriteLine("RoundTrip: {0}", roundTrip);
}
}
}
' This example uses the SHA1 algorithm.
' Due to collision problems with SHA1, Microsoft recommends SHA256 or better.
Imports System.Text
Imports System.Security.Cryptography
Namespace RSACryptoServiceProvider_Examples
Class MyMainClass
Shared Sub Main()
Dim toEncrypt() As Byte
Dim encrypted() As Byte
Dim signature() As Byte
'Choose a small amount of data to encrypt.
Dim original As String = "Hello"
Dim myAscii As New ASCIIEncoding()
'Create a sender and receiver.
Dim mySender As New Sender()
Dim myReceiver As New Receiver()
'Convert the data string to a byte array.
toEncrypt = myAscii.GetBytes(original)
'Encrypt data using receiver's public key.
encrypted = mySender.EncryptData(myReceiver.PublicParameters, toEncrypt)
'Hash the encrypted data and generate a signature on the hash
' using the sender's private key.
signature = mySender.HashAndSign(encrypted)
Console.WriteLine("Original: {0}", original)
'Verify the signature is authentic using the sender's public key.
If myReceiver.VerifyHash(mySender.PublicParameters, encrypted, signature) Then
'Decrypt the data using the receiver's private key.
myReceiver.DecryptData(encrypted)
Else
Console.WriteLine("Invalid signature")
End If
End Sub
End Class
Class Sender
Private rsaPubParams As RSAParameters
Private rsaPrivateParams As RSAParameters
Public Sub New()
Dim rsaCSP As New RSACryptoServiceProvider()
'Generate public and private key data.
rsaPrivateParams = rsaCSP.ExportParameters(True)
rsaPubParams = rsaCSP.ExportParameters(False)
End Sub
Public ReadOnly Property PublicParameters() As RSAParameters
Get
Return rsaPubParams
End Get
End Property
'Manually performs hash and then signs hashed value.
Public Function HashAndSign(ByVal encrypted() As Byte) As Byte()
Dim rsaCSP As New RSACryptoServiceProvider()
Dim hash As New SHA1Managed()
Dim hashedData() As Byte
rsaCSP.ImportParameters(rsaPrivateParams)
hashedData = hash.ComputeHash(encrypted)
Return rsaCSP.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1"))
End Function 'HashAndSign
'Encrypts using only the public key data.
Public Function EncryptData(ByVal rsaParams As RSAParameters, ByVal toEncrypt() As Byte) As Byte()
Dim rsaCSP As New RSACryptoServiceProvider()
rsaCSP.ImportParameters(rsaParams)
Return rsaCSP.Encrypt(toEncrypt, False)
End Function 'EncryptData
End Class
Class Receiver
Private rsaPubParams As RSAParameters
Private rsaPrivateParams As RSAParameters
Public Sub New()
Dim rsaCSP As New RSACryptoServiceProvider()
'Generate public and private key data.
rsaPrivateParams = rsaCSP.ExportParameters(True)
rsaPubParams = rsaCSP.ExportParameters(False)
End Sub
Public ReadOnly Property PublicParameters() As RSAParameters
Get
Return rsaPubParams
End Get
End Property
'Manually performs hash and then verifies hashed value.
Public Function VerifyHash(ByVal rsaParams As RSAParameters, ByVal signedData() As Byte, ByVal signature() As Byte) As Boolean
Dim rsaCSP As New RSACryptoServiceProvider()
Dim hash As New SHA1Managed()
Dim hashedData() As Byte
Dim dataOK As Boolean
rsaCSP.ImportParameters(rsaParams)
dataOK = rsaCSP.VerifyData(signedData, CryptoConfig.MapNameToOID("SHA1"), signature)
hashedData = hash.ComputeHash(signedData)
Return rsaCSP.VerifyHash(hashedData, CryptoConfig.MapNameToOID("SHA1"), signature)
End Function 'VerifyHash
'Decrypt using the private key data.
Public Sub DecryptData(ByVal encrypted() As Byte)
Dim fromEncrypt() As Byte
Dim roundTrip As String
Dim myAscii As New ASCIIEncoding()
Dim rsaCSP As New RSACryptoServiceProvider()
rsaCSP.ImportParameters(rsaPrivateParams)
fromEncrypt = rsaCSP.Decrypt(encrypted, False)
roundTrip = myAscii.GetString(fromEncrypt)
Console.WriteLine("RoundTrip: {0}", roundTrip)
End Sub
End Class
End Namespace 'RSACryptoServiceProvider_Examples
注解
此方法创建使用 VerifyHash 方法验证的数字签名。
有效的哈希算法为 SHA1 和 MD5。 可以使用 MapNameToOID 方法从哈希名称派生算法标识符。
由于 SHA1 和 MD5 的冲突问题,Microsoft 建议使用基于 SHA256 或更高版本的安全模型。
另请参阅
适用于
.NET 10 和其他版本
| 产品 | 版本 |
|---|---|
| .NET | Core 1.0, Core 1.1, Core 2.0, Core 2.1, Core 2.2, Core 3.0, Core 3.1, 5, 6, 7, 8, 9, 10 |
| .NET Framework | 1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1 |
| .NET Standard | 2.0, 2.1 |
使用指定的填充计算指定的哈希值的签名。
public:
override cli::array <System::Byte> ^ SignHash(cli::array <System::Byte> ^ hash, System::Security::Cryptography::HashAlgorithmName hashAlgorithm, System::Security::Cryptography::RSASignaturePadding ^ padding);C#
public override byte[] SignHash(byte[] hash, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, System.Security.Cryptography.RSASignaturePadding padding);override this.SignHash : byte[] * System.Security.Cryptography.HashAlgorithmName * System.Security.Cryptography.RSASignaturePadding -> byte[]Public Overrides Function SignHash (hash As Byte(), hashAlgorithm As HashAlgorithmName, padding As RSASignaturePadding) As Byte()参数
- hash
- Byte[]
待签名数据的哈希值。
- hashAlgorithm
- HashAlgorithmName
要用于创建数据哈希值的哈希算法名称。
- padding
- RSASignaturePadding
填充。
返回
Byte[]
指定哈希值的 RSA 签名。
例外
hashAlgorithm 是 null 或 Empty。
padding 不等于 Pkcs1。
适用于
.NET 10 和其他版本
| 产品 | 版本 |
|---|---|
| .NET | Core 1.0, Core 1.1, Core 2.0, Core 2.1, Core 2.2, Core 3.0, Core 3.1, 5, 6, 7, 8, 9, 10 |
| .NET Framework | 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1 |
| .NET Standard | 2.0, 2.1 |
