C# 验证完整性Certifcate{RSACryptServiceProvider-SHA1-指纹}
我有个小问题。我想验证证书的完整性 所以我做了以下代码:C# 验证完整性Certifcate{RSACryptServiceProvider-SHA1-指纹},c#,certificate,sha1,verify,rsacryptoserviceprovider,C#,Certificate,Sha1,Verify,Rsacryptoserviceprovider,我有个小问题。我想验证证书的完整性 所以我做了以下代码: using System.Security.Cryptography; using System.Runtime.InteropServices; using System.Security.Cryptography.X509Certificates; SHA1Managed sha1 = new SHA1Managed(); RSACryptoServiceProvider csp = null; AsymmetricAlgorit
using System.Security.Cryptography;
using System.Runtime.InteropServices;
using System.Security.Cryptography.X509Certificates;
SHA1Managed sha1 = new SHA1Managed();
RSACryptoServiceProvider csp = null;
AsymmetricAlgorithm rsaAlgo = certificatEnCours.PublicKey.Key;
byte[] data = null;
byte[] hash = null;
string keyPublic = "";
string signatureLikeInteger = "";
bool verif = false;
// ------------- PART 1 -------------
signatureLikeInteger = certificatEnCours.Thumbprint;
data = Convert.FromBase64String(signatureLikeInteger);
// ------------- PART 2 -------------
hash = sha1.ComputeHash(certificatEnCours.RawData);
keyPublic = rsaAlgo.ToXmlString(false);
csp = new RSACryptoServiceProvider();
csp.FromXmlString(keyPublic);
// ------------------------------
verif = csp.VerifyData(hash, CryptoConfig.MapNameToOID("SHA1"), data);
我的问题是,我的变量“
verif
”上已经有值“false
”这里没有实际问题。您是对的,您无条件地忽略了verif的初始值。更重要的是,您是否考虑过使用X509Certificate2进行验证
X509Certificate2 x2 = new X509Certificate2(certificatEnCours);
bool verif = x2.Verify();
我认为这比重新发明轮子更明智
编辑:如果您正在验证证书链,我相信您希望使用
尤其是财产。有人能重新格式化这个问题吗。读起来非常困难。