使用 public 密钥验证签名 XML 中的私钥

Question

我用javascript打开CAPICOM商店选择证书。 之后我导出选定的证书、public 密钥和该证书的私钥并将它们放在三个隐藏字段中。

    var privateKey = certificates.Item(1).PrivateKey;
    var cert = certificates.Item(1);
    var publicKey = cert.PublicKey().EncodedKey.Value

签名时xml我使用了：

拿证

    Dim hideCertCapicom As String = Replace(HiddenCert.Value, " ", "+")
    Dim certificate As New X509Certificate2(Convert.FromBase64String(hideCertCapicom))

为了定义我使用的私钥

    Dim keyC As String = hideKey 

    Dim cspp As New CspParameters()
    cspp.KeyContainerName = keyC

    Dim tmpRsa As New RSACryptoServiceProvider(cspp)
    tmpRsa.PersistKeyInCsp = True

这将成功签署我的xml。

为了验证 xml 我使用了：

    Dim hidePublicKey As String = HiddenPublicKey.Value

    Dim keyC As String = hidePublicKey

    Dim cspp As New CspParameters()
    cspp.KeyContainerName = keyC 

    Dim tmpRsa As New RSACryptoServiceProvider(cspp)
    tmpRsa.PersistKeyInCsp = True

但这不起作用。只有当我再次使用私钥时它才有效。

使用相同的私钥签名和验证或使用 public 密钥进行签名和验证是好的做法吗？

Answer 1

我能够用私钥签名并用public密钥验证签名，我想和你分享。

在 SignXml() 函数中，我从私钥导出了 public 密钥：

 Dim publicKey as String = tmpRsa.ToXmlString(False) 

然后在同一个函数中调用 verifyXml() 函数：

 Dim verifySign As Boolean

 verifySign = VerifyXml(doc, publicKey)

在 verifyXml() 函数中，我以这种方式获取了 public 键：

Public Function VerifyXml(Doc As XmlDocument, Key As String) As Boolean

 Dim tmpRsa As New RSACryptoServiceProvider()
 tmpRsa.FromXmlString(Key)

 Dim signedXml As New SignedXml(Doc)

 Dim nodeList As XmlNodeList = Doc.GetElementsByTagName("Signature")

 If nodeList.Count <= 0 Then
    Throw New CryptographicException("Verification failed: No Signature was found in the document.")
 End If

 If nodeList.Count >= 2 Then
    Throw New CryptographicException("Verification failed: More that one signature was found for the document.")
 End If

 signedXml.LoadXml(DirectCast(nodeList(0), XmlElement))

 Return signedXml.CheckSignature(tmpRsa)

End Function