.NET - 移植的RSACryptoServiceProvider以CNG为签约数据

Question

我试图端口用C＃编写的RSA签名功能，从（比较好用）RSACryptoServiceProvider.SignHash方法，对CNG API，为了使用特定cryptographic service provider。

这是原来的（移植前）功能：

private static byte[] SignDigest(RSAParameters keyMaterial, byte[] digest, string hashAlgo) 
    { 
     using (var cryptoProvider = new RSACryptoServiceProvider()) 
     { 
      cryptoProvider.ImportParameters(keyMaterial); 
      // hashAlgo can only be one of "SHA1", "SHA256", "SHA384" and "SHA512". 
      return cryptoProvider.SignHash(digest, CryptoConfig.MapNameToOID(hashAlgo)); 
     } 
    } 

相当简单，你不觉得吗？当移植到CNG，这是我能做到迄今为止最好的：

private static byte[] SignDigest(RSAParameters keyMaterial, byte[] digest, string hashAlgo) 
    { 
     var size = 6 * 4 + keyMaterial.Exponent.Length + keyMaterial.Modulus.Length + keyMaterial.P.Length + keyMaterial.Q.Length; 
     var keyBlob = new byte[size];    
     using (var writer = new BinaryWriter(new MemoryStream(keyBlob))) 
     { 
      // This is BCRYPT_RSAKEY_BLOB structure (https://msdn.microsoft.com/en-us/library/windows/desktop/aa375531(v=vs.85).aspx). 
      writer.Write(0x32415352); // BCRYPT_RSAPRIVATE_MAGIC 
      writer.Write(keyMaterial.Modulus.Length * 8); // BitLength 
      writer.Write(keyMaterial.Exponent.Length); // cbPublicExp 
      writer.Write(keyMaterial.Modulus.Length); // cbModulus 
      writer.Write(keyMaterial.P.Length); // cbPrime1 
      writer.Write(keyMaterial.Q.Length); // cbPrime2 
      writer.Write(keyMaterial.Exponent); // PublicExponent 
      writer.Write(keyMaterial.Modulus); // Modulus 
      writer.Write(keyMaterial.P); // Prime1 
      writer.Write(keyMaterial.Q); // Prime2 
     } 

     // Function NCryptImportKey uses "RSAPRIVATEBLOB" to indicate a BCRYPT_RSAPRIVATE_BLOB structure. 
     // See https://msdn.microsoft.com/en-us/library/windows/desktop/aa376276(v=vs.85).aspx. 

     var key = CngKey.Import(keyBlob, new CngKeyBlobFormat("RSAPRIVATEBLOB"), _myProvider); 

     IntPtr pPaddingInfo = question; // What do I specify here? 
     byte[] pbHashValue = question; // Should I calculate hash from digest? How can I make sure it will be valid for verification? 
     byte[] pbSignature = question; // Is the signature size related to hash size? Or RSA key size? 
     int dwFlags = question; // Should I use BCRYPT_PAD_PKCS1 here or simply zero? 

     int pcbResult; 
     int result; 

     using (var hKey = key.Handle) 
     { 
      result = NCryptSignHash(hKey, pPaddingInfo, pbHashValue, pbHashValue.Length, pbSignature, pbSignature.Length, out pcbResult, dwFlags); 
     } 

     if (result != 0) 
      throw new Exception(); 

     return TrimArray(pbSignature, pcbResult); 
    } 

    // As described on https://msdn.microsoft.com/en-us/library/windows/desktop/aa376295(v=vs.85).aspx. 
    [DllImport("ncrypt.dll")] 
    internal static extern NCryptErrorCode NCryptSignHash(
     SafeNCryptKeyHandle hKey, 
     IntPtr pPaddingInfo, 
     [MarshalAs(UnmanagedType.LPArray)] byte[] pbHashValue, 
     int cbHashValue, 
     [MarshalAs(UnmanagedType.LPArray)] byte[] pbSignature, 
     int cbSignature, 
     out int pcbResult, 
     int dwFlags); 

我能成功导入的关键，CNG，但我不知道如何执行签名操作。欢迎任何帮助......

Answer 1

如果你在.NET 4.6或更高版本，然后var key = CngKey.Import(...)

using (RSACng rsa = new RSACng(key)) 
{ 
    // Consider changing your signature to take a HashAlgorithmName instead of string. 
    // I'm assuming you want RSA-SSA PKCS#1 v1.5 instead of RSA-SSA-PSS. 
    return rsa.SignHash(digest, new HashAlgorithmName(hashAlgo), RSASignaturePadding.Pkcs1); 
} 

或之后你可以检查出https://referencesource.microsoft.com/#System.Core/System/Security/Cryptography/RsaCng.cs,672daeef0962f4ad，如果你想看到的P /调用（假设你没有做任何违反referencesource.microsoft.com许可证的行为）。