C# Programming Summary (8): Digital Signature

Source: Internet
Author: User

In daily work, many documents need to be reviewed, signed, and stamped by leaders. As a company's business grows, cross-regional and cross-border business becomes increasingly common, and obtaining a leader's signature and stamp becomes very troublesome. At first, people solved the problem by mail or fax, but that takes time, manpower, and material resources. Today, with ever deeper networking, more and more things need to be approved, signed, and stamped by leaders, and time is increasingly pressing. The emergence of digital signatures has effectively solved this problem and has promoted the development of the Internet and multinational corporations.

Digital Signature

1. Concept

A digital signature is based on a hash algorithm and a public key encryption algorithm. The plaintext message is first run through the hash algorithm and the result is then encrypted with the private key; the value obtained is the digital signature of the original text.

Digital signatures (also known as public key digital signatures and electronic signatures) are similar to ordinary physical signatures written on paper. However, they are implemented using public key encryption technology and are used to authenticate digital information. A digital signature scheme usually defines two complementary operations, one for signing and the other for verification. It can be used to represent the electronic signature.

2. Working principle

[Figure: digital signature flowchart]

Using a digital signature generally involves the following steps, introduced here through the case of secure email:

(1) The sender generates or obtains a unique key pair, consisting of a private key and a public key.
(2) The sender writes the email.
(3) The sender uses a secure digest algorithm to obtain the digest of the email content.
(4) The sender encrypts the digest with the private key to obtain the digital signature.
(5) The sender attaches the digital signature to the message.
(6) The sender sends the digital signature and the message (encrypted or unencrypted) to the recipient.
(7) The recipient uses the sender's public key to confirm the sender's digital signature; that is, the digital signature is decrypted with the public key to obtain the message digest.
(8) The recipient uses the same secure digest algorithm to obtain the digest of the message (encrypted or unencrypted).
(9) The recipient compares the two digests. If they are the same, the recipient can be sure that the message has not changed since it was sent.
(10) The recipient obtains the certificate from the certification authority (or from the sender of the message). This certificate is used to confirm the authenticity of the digital signature sent by the sender. In a digital signature system, the certification authority is typically a trusted third party that manages certification services. The certificate contains the sender's public key and name (and possibly other additional information), and is digitally signed by the certification authority.

Steps (1) to (6) are the digital signature creation process; steps (7) to (10) are the digital signature verification process.

3. Main functions

1. Anti-spoofing. Because the private key is known only to the signer, no one else can forge a correct signature.
2. Identity identification. After the receiver decrypts the message signature with the sender's public key, it matches the original text.
3. Anti-tampering. The plaintext and the signature value are sent together and verified against each other, which prevents data tampering.
4. Non-repudiation. The signature value identifies the signer, so the information contained in the signed data cannot be denied.

4. Typical applications

Typical applications include online banking, e-commerce, e-government, and network communication. One of the most important application scenarios is digital certificates, which will be covered in detail in subsequent articles.

5. Using RSA to implement digital signatures

Signing:

    using System;
    using System.Collections.Generic;
    using System.Security.Cryptography;
    using System.Text;

    /// <summary>
    /// Digital signature
    /// </summary>
    /// <param name="plaintext">Original text</param>
    /// <param name="privateKey">Private key (XML string)</param>
    /// <returns>Signature (Base64)</returns>
    public static string HashAndSignString(string plaintext, string privateKey)
    {
        UnicodeEncoding ByteConverter = new UnicodeEncoding();
        byte[] dataToEncrypt = ByteConverter.GetBytes(plaintext);

        using (RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider())
        {
            RSAalg.FromXmlString(privateKey);
            // Use the SHA1 digest algorithm to generate the signature
            byte[] encryptedData = RSAalg.SignData(dataToEncrypt, new SHA1CryptoServiceProvider());
            return Convert.ToBase64String(encryptedData);
        }
    }

Verifying the signature:

    /// <summary>
    /// Verify the signature
    /// </summary>
    /// <param name="plaintext">Original text</param>
    /// <param name="SignedData">Signature (Base64)</param>
    /// <param name="publicKey">Public key (XML string)</param>
    /// <returns>True if the signature matches the original text</returns>
    public static bool VerifySigned(string plaintext, string SignedData, string publicKey)
    {
        using (RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider())
        {
            RSAalg.FromXmlString(publicKey);
            // Must use the same encoding as the signer, otherwise the digests differ
            UnicodeEncoding ByteConverter = new UnicodeEncoding();
            byte[] dataToVerifyBytes = ByteConverter.GetBytes(plaintext);
            byte[] signedDataBytes = Convert.FromBase64String(SignedData);
            return RSAalg.VerifyData(dataToVerifyBytes, new SHA1CryptoServiceProvider(), signedDataBytes);
        }
    }

Test case:

    public static void TestSign()
    {
        string originalData = "this is my signature: obama! ";
        Console.WriteLine("number of signatures: {0}", originalData);

        // CreateRSAKey is a member of the Encrypter class that is not shown in this article;
        // Key holds the public key and Value holds the private key.
        KeyValuePair<string, string> keyPair = Encrypter.CreateRSAKey();
        string privateKey = keyPair.Value;
        string publicKey = keyPair.Key;

        // 1. Generate a signature using the digest algorithm
        string signedData = Encrypter.HashAndSignString(originalData, privateKey);
        Console.WriteLine("Digital Signature: {0}", signedData);

        // 2. Verify the signature
        bool verify = Encrypter.VerifySigned(originalData, signedData, publicKey);
        Console.WriteLine("Signature Verification Result: {0}", verify);
    }
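
The digest-then-sign flow of steps (3), (4) and (7) to (9), together with the anti-tampering property from section 3, as an added example that is not part of the original article. It assumes .NET Core 2.0 or later, swaps the article's SHA1 for SHA-256 (SHA-1 is no longer considered collision resistant) and UTF-16 for UTF-8; `SignatureDemo`, `Sign`, `Verify` and the sample message are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

public static class SignatureDemo
{
    // Steps (3)-(4): digest the message, then sign the digest with the private key.
    public static byte[] Sign(RSA privateKey, string message)
    {
        byte[] digest;
        using (SHA256 sha = SHA256.Create())
            digest = sha.ComputeHash(Encoding.UTF8.GetBytes(message));
        return privateKey.SignHash(digest, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }

    // Steps (7)-(9): recompute the digest with the same algorithm and encoding,
    // then check it against the signature using only the sender's public key.
    public static bool Verify(RSA publicKey, string message, byte[] signature)
    {
        byte[] digest;
        using (SHA256 sha = SHA256.Create())
            digest = sha.ComputeHash(Encoding.UTF8.GetBytes(message));
        return publicKey.VerifyHash(digest, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }

    public static void Main()
    {
        const string message = "Transfer 100 to account 42"; // constructed sample message
        using (RSA sender = RSA.Create(2048))
        using (RSA receiver = RSA.Create())
        using (RSA stranger = RSA.Create(2048))
        {
            // The receiver holds only the public half of the sender's key pair.
            receiver.ImportParameters(sender.ExportParameters(false));

            byte[] signature = Sign(sender, message);

            // Unmodified message, verified with the sender's public key.
            Console.WriteLine("Original message: {0}", Verify(receiver, message, signature));
            // Same signature, but the message was changed after signing.
            Console.WriteLine("Tampered message: {0}", Verify(receiver, "Transfer 900 to account 42", signature));
            // Same message and signature, checked against an unrelated public key.
            Console.WriteLine("Wrong public key: {0}", Verify(stranger, message, signature));
        }
    }
}
```

Only the first check succeeds; a changed message or a public key that does not belong to the signer makes `VerifyHash` return false rather than throw, so callers must act on the boolean result.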
