DSAPryptoServiceProvider的.NET 4.0 DsaKeyValue必需/可选参数查询

时间:2012-12-30 20:14:01

标签: c# cryptography dsa keyczar

我对于为DSACryptoServiceProvider加载XML的必需/可选要求感到困惑。

this网站上,以下是架构: 架构定义:

   <element name="DSAKeyValue" type="ds:DSAKeyValueType"/> 
   <complexType name="DSAKeyValueType"> 
     <sequence>
       <sequence minOccurs="0">
         <element name="P" type="ds:CryptoBinary"/> 
         <element name="Q" type="ds:CryptoBinary"/>
       </sequence>
       <element name="G" type="ds:CryptoBinary" minOccurs="0"/> 
       <element name="Y" type="ds:CryptoBinary"/> 
       <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
       <sequence minOccurs="0">
         <element name="Seed" type="ds:CryptoBinary"/> 
         <element name="PgenCounter" type="ds:CryptoBinary"/> 
       </sequence>
     </sequence>
   </complexType>

但是,根据MSDN,DsaKeyValue XML的定义如下:

<DSAKeyValue>

  <!-- Child elements -->
  P,
  Q,
  G?,
  Y,
  J?,
  Seed,
  PgenCounter

</DSAKeyValue>

从XML导入时我得到了错误的数据。以下是我的代码:

JsonDictionary privateKeyDictionary = (JsonDictionary) JsonReader.Parse(privateKey);
//FYI: this private signing key was generated using Keyczar.

var dsaParameterArray = privateKeyDictionary["publicKey"] as JsonDictionary;

    DSACryptoServiceProvider signer = new DSACryptoServiceProvider(1024);

    var pArray = Encoding.UTF8.GetBytes(dsaParameterArray["p"].ToString());
    string p = Convert.ToBase64String(pArray);

    var qArray = Encoding.UTF8.GetBytes(dsaParameterArray["q"].ToString());
    string q = Convert.ToBase64String(qArray);

    var gArray = Encoding.UTF8.GetBytes(dsaParameterArray["g"].ToString());
    string g = Convert.ToBase64String(gArray);

    var yArray = Encoding.UTF8.GetBytes(dsaParameterArray["y"].ToString());
    string y = Convert.ToBase64String(yArray);

    xml = String.Format("<DSAKeyValue><P>{0}</P><Q>{1}</Q><G>{2}</G><Y>{3}</Y><J/><Seed/><PgenCounter/></DSAKeyValue>", p, q, g, y);
    doc = new XmlDocument();
    doc.LoadXml(xml);
    signer.FromXmlString(doc.InnerXml);

所有这一切,我的问题是我的钥匙里没有“J”,“种子”和“PgenCounter”因此我没有提供它们。根据W3C,那是可选的。但是,我的密钥中有一个“x”,但不确定是什么。

根据W3C,Seed和PgenCounter标签是可选的。但是,MSDN根据需要定义它。

我已经尝试删除J,Seed和PgenCounter标签,这似乎没有帮助。

谢谢!

1 个答案:

答案 0 :(得分:2)

以下是Mono为此示例生成的测试Dsa密钥的示例输出:

<DSAKeyValue
    <P>jTBkDXQ38ZCYNzCK8gmweKsJ/mTqtDkf9TMNJnJycC4Hel2B/owSoOBGclAXhFLkvGqOC+zz8uMz7X2K31rvTpFxhTD7j6MDiVkjQEhFIacb6+TUn71x0KdN3nZo0CR8QgkkU10bkjHq2409S34pU6d8fZaMUFyOFZtSbkxFGV8=</P>
    <Q>6N/tEzeK0DS5nS/PBg944efSlPs=</Q>
    <G>OCsUHXdniP4HpLV537LsaetSI3DQRI8dyQUOdhpCFk00t+/Sadokn2rt0dYkL1KCGTc74Z9fXpCKA0ae3aqh63GvV6Uznjn8Mm75jeS9O03YyNmTMKTi1mcTFVipLanaWskqR9o3+DaTY6Puk7UkL9dDEsF+njAE412DCihej0Q=</G>
    <Y>gjzX/7ggD8ax1inJv+7GsDNcLWr7wvxLvBETO0BxrMYABP4cH4xF/w63dghNgXOSEFKZ8SFQZpdDhG6LLlysIzOW/KvEE/L2/xkT4tWZUAhxYkVbdjfphVkH4IVqrKbpUUsHcTj/7qc7FtEepWLlywIMNW3dTeeaP3DuKnMIn7w=</Y>
    <J>mzWoXBr+3jptO5/JOYh+bNckQgwuwHhCyqbGCJotoVpZzTts10rWEOdf0wQGtWTCXnpU/so1P8S6ZItvflYJxX77fZxv9iEOLcaNIUwBbgv2Jf5kRFx9xAz0yafHQTSyzZJW7bcc+mU2SaG6</J>
    <Seed>NfC0CEI+/bzAnuyGgUo2PHTLyw8=</Seed>
    <PgenCounter>OA==</PgenCounter>
    <X>pK0LlCD6PLynniOKtW/S+iyR3F8=</X>
</DSAKeyValue>

这包括私人参数。如果我只包含公共参数,则输出为:

<DSAKeyValue>
    <P>6run4SADV/kR/oEUmYXCTIqwWHG9yE+vMlnAbh4+I1YYTTCZ7Mf9BKZ6Z4WlSk+7WcnX+idT0HI5lOht+f5p32Z7aV86f89fLz4FTB+6r5B/cF8hhNe3mdGVpzzInwh2o16H9ejaB4chgOMASgeeBdNSzgVfj2RRWOZVX8wXWKU=</P>
    <Q>mfCvMD98ObtyBO1bJ6rIno2Wxws=</Q>
    <G>kgwCcpUWTyGaps8P/ePGj+CZUKSl2kxeJUSABYkgOa5I7OVIWrEgNl5fxCrs7qjXwJ+P+hQFe3HeHZWXONGgHpuakvDtp+G0wXuNUIF4vVwmZ0ff63TMFHGdUQXhsJPtK4ZK3LppSvWXACSzvZETH35A79nm4WRXlAIcHpxyeyg=</G>
    <Y>3fUEqW303wicxGJwsq1DoGKtvNUc3Eo33fpsdHMtZj+SyOH5ihvgKE7qd8yQxZH5qMI+5SFTokdwD8lh1jwmIq+Rrf2hi3RjZqNx+Lf3c6xRW3vDZSeTKwW/2xPiA+5z1rpO1/o2Bo5vV8i0ML3ik0VZasNVouo3C9KSX7Ya2cw=</Y>
    <J>AAAAAYZbcc5kA7nb5725pbY/qaTakYrxutdCZKEbtFu8KeXYFLCyw3FWlhmvMsStoAkleCnop0bBIoI3FLSEq5ZqUGcBfpNsV4qCs6tKcS7aZ8OFWpXncrYF1pwpaKpdzjDCaV69CEgkDCdQHw4gbA==</J>
    <Seed>n6ylLBasoS2Xqoc+QvBAXxQaFsc=</Seed>
    <PgenCounter>Dg==</PgenCounter>
</DSAKeyValue>

注意缺少的'X'值是私钥。

您不应该尝试手动解析这些。而是使用DsaCryptoServiceProvider.FromXmlString方法。此外,除非我误读了输出,否则此 与W3C标准兼容,尽管我的上述评论仍然存在。

编辑

以下是我用来生成密钥的代码。请记住,这是在Mac OS X上使用Mono,但我认为它在Windows上的.NET中也是如此。

using System;
using System.Security.Cryptography;

namespace DsaParametersToy
{
    class MainClass
    {
        public static void Main (string[] args)
        {
            var dsa = new DSACryptoServiceProvider(1024);
            var dsaparams = dsa.ToXmlString(false);
            Console.WriteLine (dsaparams);
        }
    }
}