
Verifying PHP OpenSSL signature in C# with RSACryptoProvider

I am attempting to verify an OpenSSL signature (created using openssl_sign with SHA1 in PHP) using C# RSACryptoProvider.VerifyData. It is returning false using the correct public key certificate.

Any idea about how to do this successfully?

EDIT:

I attempted to verify the OpenSSL SHA1 signature using BouncyCastle with the following code but verification is failing. Are the signatures calculated differently? How can I create a signature with OpenSSL that is verifiable by .NET?

  byte[] signatureBytes = UTF8Encoding.Default.GetBytes(signature);
  byte[] dataBytes = UTF8Encoding.Default.GetBytes(data);

  StreamReader sr = new StreamReader(Path.Combine(@"C:\test", @"test\test.crt"));
  PemReader pr = new PemReader(sr);

  Org.BouncyCastle.X509.X509Certificate cert = (Org.BouncyCastle.X509.X509Certificate)pr.ReadObject();

  ISigner sig = SignerUtilities.GetSigner("SHA1WithRSAEncryption");
  sig.Init(false, cert.GetPublicKey());
  sig.BlockUpdate(dataBytes, 0, dataBytes.Length);
  if (sig.VerifySignature(signatureBytes)) {
    Console.WriteLine("all good!");
  }

PHP Code:

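function signTokenWithPrivateKey($message, $keyLocation) {
  // Initialise up front so the return below is defined even if the key file is missing
  $signature = '';

  try {
    if (file_exists($keyLocation)) {
      $privateKey = openssl_get_privatekey(file_get_contents($keyLocation));

      // No algorithm argument: openssl_sign() defaults to SHA1; $signature receives raw binary
      if (!openssl_sign($message, $signature, $privateKey)) {
        die('Failed to encrypt');
      }

      openssl_free_key($privateKey);
    }
  }
  catch (Exception $ex) {
    // Exceptions are swallowed here; the caller gets an empty signature
  }

  return $signature;
}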
theringostarrs asked Jan 01 '26 20:01


1 Answer

The following code should do the trick for you. It loads the certificate from the file path given and then uses the public key to verify the data against the given signature. Returns true if valid.

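            // Needs: System, System.IO, System.Text, System.Security.Cryptography,
            // System.Security.Cryptography.X509Certificates

            // Decode the Base64 text back to the raw signature bytes
            byte[] signature = Convert.FromBase64String(Signature);

            byte[] data = Encoding.UTF8.GetBytes(Data);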

            var x509 = new X509Certificate2(Path.Combine(@"C:\test", @"test\test.crt"));

            var rsa = x509.PublicKey.Key as RSACryptoServiceProvider;
            if (rsa == null)
            {
                LogMessage("Authorize", "Invalid", Level.Alert);
                return false;
            }

            string sha1Oid = CryptoConfig.MapNameToOID("SHA1");

            //use the certificate to verify data against the signature
            bool sha1Valid = rsa.VerifyData(data, sha1Oid, signature);

            return sha1Valid;
Sharkz answered Jan 03 '26 10:01
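An added example, not code from the question or the answer: it contrasts the two ways of turning the transported signature string into bytes, UTF-8 text bytes as in the question and Base64 decoding as in the answer. Assumptions: a throwaway key generated in the program stands in for the PHP key pair and certificate, the PHP side is assumed to base64_encode() the raw signature for transport, the class and method names are hypothetical, and RSA.Create(int) needs .NET Core 2.0+ or .NET Framework 4.7.2+.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class SignatureEncodingDemo   // hypothetical name, not from the page
{
    // RSA PKCS#1 v1.5 with SHA-1: what PHP's openssl_sign() produces when no
    // algorithm argument is passed, as in the question's PHP function.
    static bool Verify(RSA publicKey, string message, byte[] signatureBytes)
    {
        // A PKCS#1 v1.5 signature is exactly as long as the RSA modulus.
        // Any other length means the bytes were mangled or never decoded.
        if (signatureBytes.Length != publicKey.KeySize / 8)
            return false;

        return publicKey.VerifyData(Encoding.UTF8.GetBytes(message), signatureBytes,
                                    HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
    }

    static void Main()
    {
        const string message = "constructed-sample-token"; // constructed sample input

        // Throwaway key generated here; it stands in for the PHP private key
        // and the certificate's public key (assumption for this example).
        using (RSA key = RSA.Create(2048))
        {
            // Stand-in for openssl_sign(): raw binary signature bytes.
            byte[] raw = key.SignData(Encoding.UTF8.GetBytes(message),
                                      HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);

            // Assumption: the PHP side base64_encode()s the signature for transport.
            string transported = Convert.ToBase64String(raw);

            // Question's approach: the bytes of the Base64 *text*.
            byte[] asText = Encoding.UTF8.GetBytes(transported);
            // Answer's approach: decode the Base64 text back to the raw bytes.
            byte[] decoded = Convert.FromBase64String(transported);

            Console.WriteLine("text bytes:    {0} bytes, valid = {1}",
                              asText.Length, Verify(key, message, asText));
            Console.WriteLine("decoded bytes: {0} bytes, valid = {1}",
                              decoded.Length, Verify(key, message, decoded));
        }
    }
}
```

The length check doubles as a quick diagnostic: with a 2048-bit key a valid signature is 256 bytes, while its Base64 text is 344 characters.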


