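Could any experts help me out:
I have the following two pieces of Java code:
Certificate signing method (encryption)
1) Hash data (concatenated with timestamp or not, as the specification requires)
2) Encrypt the hash with the user's private key, key.
3) Hex-encode the encrypted result
Here data is the data to be signed, timestamp is the timestamp, and key is the certificate's private key.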
import java.security.MessageDigest;
import java.security.PrivateKey;
import javax.crypto.Cipher;
// HexBin and ISign: their imports are not shown in the post.

public class Sign implements ISign {
    public String sign(String data, long timestamp, PrivateKey key) throws Exception {
        return sign(data.getBytes("utf-8"), timestamp, key);
    }

    public String sign(String data, PrivateKey key) throws Exception {
        return sign(data.getBytes("utf-8"), 0, key);
    }

    public String sign(byte[] data, PrivateKey key) throws Exception {
        return sign(data, 0, key);
    }

    public String sign(byte[] data, long timestamp, PrivateKey key) throws Exception {
        // SHA-256 over data, followed by the big-endian timestamp when one is given
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(data);
        if (timestamp > 0) {
            md.update(EncodeUtil.toBE(timestamp));
        }
        byte[] hash = md.digest();
        // RSA private-key operation applied directly to the hash
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        byte[] encrypted = cipher.doFinal(hash);
        return HexBin.encode(encrypted);
    }
}
EncodeUtil.toBE:
public class EncodeUtil {
    public static byte[] toBE(long data) {
        String ts = String.valueOf(data);
        // Declared outside the branches so it is still in scope at the return
        byte[] buffer;
        if (ts.length() >= 13) {
            // Used for the platform's HTTP protocol encryption; platform timestamps are in milliseconds, 13 digits
            buffer = new byte[8];
            buffer[0] = (byte)(data >>> 56);
            buffer[1] = (byte)(data >>> 48);
            buffer[2] = (byte)(data >>> 40);
            buffer[3] = (byte)(data >>> 32);
            buffer[4] = (byte)(data >>> 24);
            buffer[5] = (byte)(data >>> 16);
            buffer[6] = (byte)(data >>> 8);
            buffer[7] = (byte)(data >>> 0);
        } else {
            // Used for the terminal's TCP protocol encryption; terminal timestamps are in seconds, 10 digits
            buffer = new byte[4];
            buffer[0] = (byte)(data >>> 24);
            buffer[1] = (byte)(data >>> 16);
            buffer[2] = (byte)(data >>> 8);
            buffer[3] = (byte)(data >>> 0);
        }
        return buffer;
    }
}
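Signature verification method (decryption)
1) Concatenate data and timestamp (if present) and hash them
2) Hex-decode encodedEncryptedStr
3) Use the certificate to verify the validity of the data (compare the hashes)
Here data is the data to be decrypted, timestamp is the timestamp, encodedEncryptedStr is the string produced by signing, and userCert is the X509Certificate object generated from the public key.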
import java.security.MessageDigest;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.crypto.Cipher;
// HexBin and IVerify: their imports are not shown in the post.

public class Verify implements IVerify {
    public boolean verify(String data, long timestamp, String encodedEncryptedStr,
            X509Certificate userCert) throws Exception {
        return verify(data.getBytes("utf-8"), timestamp, encodedEncryptedStr, userCert);
    }

    public boolean verify(String data, String encodedEncryptedStr,
            X509Certificate userCert) throws Exception {
        return verify(data.getBytes("utf-8"), 0, encodedEncryptedStr, userCert);
    }

    public boolean verify(byte[] data, String encodedEncryptedStr,
            X509Certificate userCert) throws Exception {
        // Pass 0 (no timestamp) to the four-argument overload; calling the
        // three-argument form here would recurse without end
        return verify(data, 0, encodedEncryptedStr, userCert);
    }

    public boolean verify(byte[] data, long timestamp, String encodedEncryptedStr,
            X509Certificate userCert) throws Exception {
        // Recompute the SHA-256 hash exactly as the signer did
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(data);
        if (timestamp > 0) {
            md.update(EncodeUtil.toBE(timestamp));
        }
        byte[] hash = md.digest();
        byte[] encryptedStr = HexBin.decode(encodedEncryptedStr);
        // RSA public-key operation with the key taken from the certificate
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, userCert);
        byte[] plain = cipher.doFinal(encryptedStr);
        // The recovered block must equal the recomputed hash
        boolean ok = Arrays.equals(hash, plain);
        return ok;
    }
}
Now I need to implement the second part, the decryption, in C#. Are there any good approaches? I'd sincerely appreciate any advice!
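
One way to port the verification to C#, as an added example that is not part of the original post. It assumes .NET 5 or later and that the Java provider resolves "RSA" to PKCS#1 v1.5 padding, so the signed block is 00 01 FF..FF 00 followed by the bare SHA-256 hash; because there is no DigestInfo prefix, RSA.VerifyHash will not accept these signatures and the public-key operation is done with BigInteger. The names RawRsaVerify, ToBE and Verify are hypothetical.

```csharp
using System;
using System.Buffers.Binary;
using System.Numerics;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class RawRsaVerify
{
    // Mirrors EncodeUtil.toBE: 8 bytes for 13+ digit timestamps, else the low 4 bytes.
    static byte[] ToBE(long ts)
    {
        byte[] b = new byte[8];
        BinaryPrimitives.WriteInt64BigEndian(b, ts);
        return ts.ToString().Length >= 13 ? b : b.AsSpan(4).ToArray();
    }

    public static bool Verify(byte[] data, long timestamp, string hexSig, X509Certificate2 cert)
    {
        // 1) SHA-256 over data || timestamp (timestamp only when > 0)
        byte[] msg = data;
        if (timestamp > 0)
        {
            byte[] t = ToBE(timestamp);
            msg = new byte[data.Length + t.Length];
            data.CopyTo(msg, 0);
            t.CopyTo(msg, data.Length);
        }
        byte[] hash = SHA256.HashData(msg);

        // 2) Hex-decode, then the RSA public operation: m = s^e mod n
        using RSA rsa = cert.GetRSAPublicKey();
        if (rsa == null) return false;
        RSAParameters p = rsa.ExportParameters(false);
        byte[] sig;
        try { sig = Convert.FromHexString(hexSig); } catch (FormatException) { return false; }
        if (sig.Length != p.Modulus.Length) return false;
        var n = new BigInteger(p.Modulus, isUnsigned: true, isBigEndian: true);
        var e = new BigInteger(p.Exponent, isUnsigned: true, isBigEndian: true);
        var s = new BigInteger(sig, isUnsigned: true, isBigEndian: true);
        if (s >= n) return false;
        byte[] m = BigInteger.ModPow(s, e, n).ToByteArray(isUnsigned: true, isBigEndian: true);

        // 3) Expect 00 01 FF..FF 00 || hash; the leading 00 is dropped by BigInteger
        int padLen = p.Modulus.Length - 3 - hash.Length;
        if (padLen < 8 || m.Length != p.Modulus.Length - 1 || m[0] != 0x01) return false;
        for (int i = 1; i <= padLen; i++) if (m[i] != 0xFF) return false;
        if (m[padLen + 1] != 0x00) return false;
        return CryptographicOperations.FixedTimeEquals(m.AsSpan(padLen + 2), hash);
    }
}
```

String inputs should be converted with Encoding.UTF8.GetBytes before calling Verify, matching the Java getBytes("utf-8") overloads.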