sign a request using SHA1 and private.key

[MaxPlatinum]

Hello, I have private key like:

string privateKey = @"-----BEGIN PRIVATE KEY-----
MIICd...............................
hqhPg==
-----END PRIVATE KEY-----";

And request like:

string request = "<?xml version=\"1.0\" encoding=\"windows-1251\"?><request>...............</request>";

.

I need to write code in C# based on Openssl commands:

openssl dgst –sha1 -out request.sign –sign private.key request.txt
openssl base64 -in request.sign –out request.enc

How to code these commands in C#? I tried a lot of exmaples and didnt get result. Could anyone code it please? How to read private key?

 

[JohnH]

Found this online converter: RSA PEM TO XML - RSAKeyConverter
Then this works in .Net Framework:

using (var rsa = RSA.Create())
{
    rsa.FromXmlString(File.ReadAllText(@"X:\privkey.xml"));
    var data = System.Text.Encoding.UTF8.GetBytes(requestData);
    var signed = rsa.SignData(data, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
    var b64 = Convert.ToBase64String(signed);
    
}

 

[MaxPlatinum]

Found this online converter: RSA PEM TO XML - RSAKeyConverter
Then this works in .Net Framework:

using (var rsa = RSA.Create())
{
    rsa.FromXmlString(File.ReadAllText(@"X:\privkey.xml"));
    var data = System.Text.Encoding.UTF8.GetBytes(requestData);
    var signed = rsa.SignData(data, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
    var b64 = Convert.ToBase64String(signed);
   
}

Thanks, I did it, but the result is different as generated by openssl:
request.enc, generated by openssl:

Pya7wHvOpzG..............................ieTzzUGHck=

this generated by code you gave:

3Ucn7Yg4NwoA6LRJjLg7e..............................ZWPQARI9/g1gRng=

 

[JohnH]

Ok, I get the same results as openssl.

 

[MaxPlatinum]

Ok, I get the same results as openssl.

Because I will send requests to server, and server supports only same format like: (in 4.5 Net framework)

-----BEGIN PRIVATE KEY-----
MIICd...............................
hqhPg==
-----END PRIVATE KEY-----

 

[JohnH]

What do you mean? Xml format is just a way for .Net RSA to read it, the key is not changed of course.

 

[MaxPlatinum]

What do you mean? Xml format is just a way for .Net RSA to read it, the key is not changed of course.

You know the situation is:
1) I did:
openssl genrsa -out private.key 1024 openssl rsa -in private.key –pubout –out public.key
2) I registered public key in the server
3) I have to do:
openssl dgst –sha1 -out request.sign –sign private.key request.txt openssl base64 -in request.sign –out request.enc
When I use the key which generated from your code, I think maybe it will be conflict with generated public key in openssl. Or there will not be any problem?

 

[JohnH]

My code doesn't generate any key, it signs with same private key used with openssl. I get same bytes in variable signed as in request.sign file from openssl, and same base64 string.

 

[MaxPlatinum]

My code doesn't generate any key, it signs with same private key used with openssl. I get same bytes in variable signed as in request.sign file from openssl, and same base64 string.

Ok, just let me try

 

[MaxPlatinum]

Why request is not getting value inside the file? Am I giving wrong path? even I did var request = "request.txt" is not getting value inside the file

My code doesn't generate any key, it signs with same private key used with openssl. I get same bytes in variable signed as in request.sign file from openssl, and same base64 string.

 

[JohnH]

Use File.ReadAllText if you want to read the text content of file.

 

[MaxPlatinum]

Use File.ReadAllText if you want to read the text content of file.

Sorry for bothering you a lot. Am I converting Xml correct:

static void Main(string[] args)
        {
            var request = @"<?xml version=""1.0"" encoding=""windows - 1251""?><request><agents><getBalance/></agents></request>";
            XmlDocument xmlDoc = new XmlDocument();
            xmlDoc.LoadXml(request);
            using (var rsa = RSA.Create())
            {
                rsa.FromXmlString(File.ReadAllText(@"privkey.xml"));
                var data = System.Text.Encoding.UTF8.GetBytes("how about here");    //////////////////////////////////////////////////////////////
                var signed = rsa.SignData(data, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
                var b64 = Convert.ToBase64String(signed);
                Console.WriteLine(b64);
                Console.ReadLine();
            }
        }

 

[JohnH]

Now that you have the text you want to sign in request variable it is GetBytes(request) as before.

In the text the xml encoding should be "windows-1251", not "windows - 1251"

 

[Skydiver]

Also note that everything discussed so far has been signing the XML file as if it were any other kind of file. There is a separate standard for correctly signing XML files:

XML Signature - Wikipedia

en.wikipedia.org

 

[MaxPlatinum]

Now that you have the text you want to sign in request variable it is GetBytes(request) as before.

In the text the xml encoding should be "windows-1251", not "windows - 1251"

thank you so much! I appriciate a lot. Everything you said perfect and it works.

 

[MaxPlatinum]

Also note that everything discussed so far has been signing the XML file as if it were any other kind of file. There is a separate standard for correctly signing XML files:

XML Signature - Wikipedia

en.wikipedia.org

thank you so much for you too. I appriciate your help!