A developer where I work is running into some difficulty using a certificate's private key to sign a payload on our production server. The code works on both his development box and the production server, but the two different locations end up with a different signature for the same payload. We've confirmed that it's the same certificate in both locations, but for some reason, the RSACryptoServiceProvider.SignData method seems to return a different value depending on whether it's being run on Windows 7 or Server 2008 R2.
Here's the code we're using - you can see that we've replaced the payload with a Base64 string from our config file, so it's not even possible that it could be a difference in the payload that's causing the different signatures.
byte[] encryptedSignature = new byte[1];
// Provider type 24 = PROV_RSA_AES; the container name is a fixed GUID rather than the
// container the certificate's private key actually lives in.
CspParameters cp = new CspParameters(24, "Microsoft Enhanced RSA and AES Cryptographic Provider", "{4FC30434-29E5-482D-B817-72102A046137}");
cp.Flags = CspProviderFlags.UseMachineKeyStore;
cp.KeyNumber = (int)KeyNumber.Exchange;
bool signatureVerified = false;
// If no container with that name exists on the machine, the CSP silently generates a new
// 2048-bit key pair in it instead of failing (CspProviderFlags.UseExistingKey is not set).
using (RSACryptoServiceProvider rsaCrypto = new RSACryptoServiceProvider(2048, cp))
{
    encryptedSignature = rsaCrypto.SignData(Convert.FromBase64String(Properties.Settings.Default.EncryptedSessionData), "SHA256");
    // Signature verifies properly on both servers (verified with the same provider object that signed)
    signatureVerified = rsaCrypto.VerifyData(Convert.FromBase64String(Properties.Settings.Default.EncryptedSessionData), "SHA256", encryptedSignature);
}
Is it possible that the server, an x64 box, could be handling the signature differently than our x86 development workstations? It doesn't seem likely, but we're stumped as to why the production server would produce a different signature. Also, not sure if it matters, but this code comes from an ASP.NET page where we create the payload and then forward the visitor to a vendor's page along with the encrypted payload.
Hopefully somebody has some light to shed here or has seen something similar.
Change
CspParameters(24, "Microsoft Enhanced RSA and AES Cryptographic Provider", "{4FC30434-29E5-482D-B817-72102A046137}");
to
CspParameters cp = new CspParameters(24, "Microsoft Enhanced RSA and AES Cryptographic Provider", ((RSACryptoServiceProvider)cert.PrivateKey).CspKeyContainerInfo.KeyContainerName);
That will get the container name from the PrivateKey. Nice avatar pic ;)
Random padding is NOT used in PKCS#1 v1.5 SIGNATURES (EMSA-PKCS1-v1_5, as stated in the PKCS#1 RSA document). It is used only in ENCRYPTION (i.e. encryption using public keys).
RSA employs random padding. You can't guarantee that two signatures of the same plaintext will be the same.
Try to verify the different signatures against the public key... as long as both signatures are valid, there is no problem.
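The following diagnostic is an added example, not code from the question or from any of the answers above. It ties the two threads together: it opens the certificate's own key container (the fix in the first answer) and, for the padding discussion, signs the same payload twice to show that PKCS#1 v1.5 signatures with the same key are identical. It assumes .NET Framework with the certificate in LocalMachine\My; the thumbprint and the Base64 payload are hypothetical placeholders, not values from the page. Unlike the original code, it sets CspProviderFlags.UseExistingKey so a missing container throws instead of minting a fresh key, it compares the opened key's modulus against the certificate, and it verifies with the certificate's public key rather than with the provider object that produced the signature, since that object will verify its own output even when it is the wrong key.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added diagnostic (not the original poster's code). Run it on each machine and compare the output.
static class SignatureDiagnostics
{
    // Hypothetical thumbprint; replace with the signing certificate's thumbprint in LocalMachine\My.
    const string Thumbprint = "0123456789ABCDEF0123456789ABCDEF01234567";

    // Constructed sample payload ("hello world" in Base64), standing in for EncryptedSessionData.
    const string PayloadBase64 = "aGVsbG8gd29ybGQ=";

    static X509Certificate2 FindCertificate(string thumbprint)
    {
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false);
            if (found.Count != 1)
                throw new InvalidOperationException("Expected exactly one certificate, found " + found.Count);
            return found[0];
        }
        finally { store.Close(); }
    }

    static CspParameters ParametersFor(CspKeyContainerInfo info)
    {
        // Reuse exactly the provider, container and key number the certificate's private key lives in.
        var cp = new CspParameters(info.ProviderType, info.ProviderName, info.KeyContainerName)
        {
            KeyNumber = (int)info.KeyNumber,
            // UseExistingKey: throw instead of silently generating a new key pair if the container is absent.
            Flags = CspProviderFlags.UseExistingKey
        };
        if (info.MachineKeyStore)
            cp.Flags |= CspProviderFlags.UseMachineKeyStore;
        return cp;
    }

    static void Main()
    {
        X509Certificate2 cert = FindCertificate(Thumbprint);
        var certPrivate = (RSACryptoServiceProvider)cert.PrivateKey;   // throws if no private key is accessible
        CspKeyContainerInfo info = certPrivate.CspKeyContainerInfo;

        // These must match across machines; if they differ you are signing with different keys.
        Console.WriteLine("Provider:  {0} (type {1})", info.ProviderName, info.ProviderType);
        Console.WriteLine("Container: {0}", info.KeyContainerName);
        Console.WriteLine("Machine store: {0}, key number: {1}", info.MachineKeyStore, info.KeyNumber);

        byte[] payload = Convert.FromBase64String(PayloadBase64);
        var certPublic = (RSACryptoServiceProvider)cert.PublicKey.Key;

        using (var rsa = new RSACryptoServiceProvider(ParametersFor(info)))
        {
            // The opened key must be the certificate's key: compare the public moduli.
            byte[] openedModulus = rsa.ExportParameters(false).Modulus;
            byte[] certModulus = certPublic.ExportParameters(false).Modulus;
            Console.WriteLine("Opened key matches certificate: {0}", openedModulus.SequenceEqual(certModulus));

            // PKCS#1 v1.5 signing is deterministic: same key + same data => byte-identical signature.
            byte[] sig1 = rsa.SignData(payload, "SHA256");
            byte[] sig2 = rsa.SignData(payload, "SHA256");
            Console.WriteLine("Two signatures identical: {0}", sig1.SequenceEqual(sig2));

            // Verify with the certificate's public key, as the vendor would, not with the signing object.
            Console.WriteLine("Verifies under certificate public key: {0}",
                certPublic.VerifyData(payload, "SHA256", sig1));
            Console.WriteLine("Signature: {0}", Convert.ToBase64String(sig1));
        }
    }
}
```

Two caveats when running this under ASP.NET: the application pool identity needs read permission on the private key in the machine store, and SHA-256 signing only works if the certificate's key sits in a PROV_RSA_AES provider (type 24, "Microsoft Enhanced RSA and AES Cryptographic Provider"); a key created under the legacy "Microsoft Strong Cryptographic Provider" (type 1) makes SignData(..., "SHA256") throw a CryptographicException ("Invalid algorithm specified"), and the certificate then has to be re-imported into the AES-capable provider.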