我通过运行以下命令生成了密钥:
openssl ecparam -genkey -name secp256k1 -out private.key
值得一提的是,我必须使用secp256k1曲线。
这里是private.key:
-----BEGIN EC PARAMETERS-----
BgUrgQQACg==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEIMaqRFP3zkco2B2xZaIDQ0/JGcgOqzLPcTTJPqvpu+UooAcGBSuBBAAK
oUQDQgAEp0mktO9BMlsVw9lG8EIxr9wZizBHSlUv3VIbf3sTBmCxE4myJvZcgF8b
qDp0T/o9TqnsBw15LU3wdnqV4tJp6w==
-----END EC PRIVATE KEY-----
然后我尝试签署一些随机的纯文本消息:
var privateKey = CngKey.Import(privateKeyBytes, CngKeyBlobFormat.EccPrivateBlob);
var signer = new ECDsaCng(privateKey);
var signed = signer.SignData(messageBytes, HashAlgorithmName.SHA256);
但是在调用CngKey.Import时遇到问题:Windows Cryptography Next Generation (CNG) is not supported on this platform.(MacOS)
有没有办法跨平台完成它?
感谢 Maarten Bodewes我找到了BouncyCastle.NetCore软件包。
这里是解决方法:
public void Main()
{
var asymmetricCipherKeyPair = ReadAsymmetricCipherKeyPairFromPem("./key.pem");
var signature = GetSignature(asymmetricCipherKeyPair.Private, "Some message");
}
private string GetSignature(AsymmetricKeyParameter privateKeyParameter, string message)
{
var signer = SignerUtilities.GetSigner("SHA-256withECDSA");
signer.Init(true, privateKeyParameter);
signer.BlockUpdate(Encoding.ASCII.GetBytes(message), 0, Encoding.ASCII.GetBytes(message).Length);
var signature = signer.GenerateSignature();
return Convert.ToBase64String(signature);
}
private AsymmetricCipherKeyPair ReadAsymmetricCipherKeyPairFromPem(string pathToPem)
{
using var reader = File.OpenText(pathToPem);
var keyPair = (AsymmetricCipherKeyPair)new PemReader(reader).ReadObject();
return keyPair;
}