Java和.Net互相使用RSA加密时的问题和处理方法
前言
我们产品是使用JAVA语言开发的,有个供第三方获取Token的接口,过程大概就是第三方先调一个注册接口,获取一个RSA公钥,然后用通过公钥加密后的一些认证信息调用获取Token的接口,如果信息无误,则发放Token。
前段时间就遇到了对方是使用.Net进行开发的系统,在第一步获取公钥时没用问题,加密后的信息传过来就怎么都解密不了的情况,后来了解到,C#的默认密钥格式上似乎是略有不同才导致的问题。
NET Framework中,的RSACryptoServiceProvider
默认使用Microsoft
的专有格式
Java 通常使用PKCS#8
格式的私钥和X.509
格式的公钥
解决方案
其实C#中转换一下就可以了
示例代码
RsaApi.cs
using System; using System.Collections.Generic; using System.Linq; using System.Web; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Pkcs; using Org.BouncyCastle.Security; using Org.BouncyCastle.X509; using System.Xml; using System.Text; using System.Security.Cryptography; namespace RsaApi { public class RSAConvert { /// <summary> /// RSA私钥格式转换,java->.net /// </summary> /// <param name="privateKey">java生成的RSA私钥</param> /// <returns></returns> public static string RSAPrivateKeyJava2DotNet(string privateKey) { RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(Convert.FromBase64String(privateKey)); return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>", Convert.ToBase64String(privateKeyParam.Modulus.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.PublicExponent.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.P.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.Q.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.DP.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.DQ.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.QInv.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.Exponent.ToByteArrayUnsigned())); } /// <summary> /// RSA私钥格式转换,.net->java /// </summary> /// <param name="privateKey">.net生成的私钥</param> /// <returns></returns> public static string RSAPrivateKeyDotNet2Java(string privateKey) { XmlDocument doc = new XmlDocument(); doc.LoadXml(privateKey); BigInteger m = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText)); BigInteger exp = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText)); BigInteger d = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("D")[0].InnerText)); BigInteger p = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("P")[0].InnerText)); BigInteger q = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Q")[0].InnerText)); BigInteger dp = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DP")[0].InnerText)); BigInteger dq = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DQ")[0].InnerText)); BigInteger qinv = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("InverseQ")[0].InnerText)); RsaPrivateCrtKeyParameters privateKeyParam = new RsaPrivateCrtKeyParameters(m, exp, d, p, q, dp, dq, qinv); PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKeyParam); byte[] serializedPrivateBytes = privateKeyInfo.ToAsn1Object().GetEncoded(); return Convert.ToBase64String(serializedPrivateBytes); } /// <summary> /// RSA公钥格式转换,java->.net /// </summary> /// <param name="publicKey">java生成的公钥</param> /// <returns></returns> public static string RSAPublicKeyJava2DotNet(string publicKey) { RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(publicKey)); return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent></RSAKeyValue>", Convert.ToBase64String(publicKeyParam.Modulus.ToByteArrayUnsigned()), Convert.ToBase64String(publicKeyParam.Exponent.ToByteArrayUnsigned())); } /// <summary> /// RSA公钥格式转换,.net->java /// </summary> /// <param name="publicKey">.net生成的公钥</param> /// <returns></returns> public static string RSAPublicKeyDotNet2Java(string publicKey) { XmlDocument doc = new XmlDocument(); doc.LoadXml(publicKey); BigInteger m = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText)); BigInteger p = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText)); RsaKeyParameters pub = new RsaKeyParameters(false, m, p); SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub); byte[] serializedPublicBytes = publicKeyInfo.ToAsn1Object().GetDerEncoded(); return Convert.ToBase64String(serializedPublicBytes); } /// <summary> /// rsa加密 /// </summary> /// <param name="xmlPublicKey"></param> /// <param name="m_strEncryptString"></param> /// <returns></returns> public static string RSAEncrypt(string xmlPublicKey, string m_strEncryptString) { try { byte[] PlainTextBArray; byte[] CypherTextBArray; string Result; System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.FromXmlString(xmlPublicKey); PlainTextBArray = (new UTF8Encoding()).GetBytes(m_strEncryptString); CypherTextBArray = rsa.Encrypt(PlainTextBArray, false); Result = Convert.ToBase64String(CypherTextBArray); return Result; } catch (Exception ex) { throw ex; } } } }
Program.cs
using System.Security.Cryptography.X509Certificates; using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; using System.Security.Cryptography; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto.Generators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Pkcs; using Org.BouncyCastle.Security; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Crypto.Encodings; namespace Program { public class Program { private static Encoding Encoding_UTF8 = Encoding.UTF8; public struct RSAKEY { public string PublicKey { get; set; } public string PrivateKey { get; set; } } //// 测试主方法 static void Main(string[] args) { Program p =new Program(); RSAKEY rsa = p.GetKey(); string publickey = rsa.PublicKey; string privateKey = rsa.PrivateKey; string s = p.EncryptByPublicKey("2882e099-c705-43ed-93a3-02cb2cd67559","MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGlTbBJzXF1fVv/+cB37QUwC5bmlm+p5KIuPIMuPX4PrhXl63R3e2bCfwhootzUdOcmmFAX6f9fWBj1Bc4lQem+FvFvE3Y53tNvGUdlNakysfXAVF8Q1PnPyGrVqiEsTHt3WMq/8vD29XJQMQ1FRvHZfY60ptypvNvvzES9JxC66RYskPHmTnerIRFzmXAJ0GUavpT3smg+K+vM5aSgfYbnuoANJTb4RMh358GTkTt4dAXRn0qpbhO+7+xbxmfOzHH9jlJ66JQr7q+W2PawNXnE4xsdwQ/1D0hT78zniTTaFyvfxBOQzx/6o1MNTZAWyhuSw7niJXUNGySJRS87OJQIDAQAB"); Console.WriteLine(s); } public RSAKEY GetKey() { //RSA密钥对的构造器 RsaKeyPairGenerator keyGenerator = new RsaKeyPairGenerator(); //RSA密钥构造器的参数 RsaKeyGenerationParameters param = new RsaKeyGenerationParameters( Org.BouncyCastle.Math.BigInteger.ValueOf(3), new Org.BouncyCastle.Security.SecureRandom(), 1024, //密钥长度 25); //用参数初始化密钥构造器 keyGenerator.Init(param); //产生密钥对 AsymmetricCipherKeyPair keyPair = keyGenerator.GenerateKeyPair(); //获取公钥和密钥 AsymmetricKeyParameter publicKey = keyPair.Public; AsymmetricKeyParameter privateKey = keyPair.Private; SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey); PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey); Asn1Object asn1ObjectPublic = subjectPublicKeyInfo.ToAsn1Object(); byte[] publicInfoByte = asn1ObjectPublic.GetEncoded("UTF-8"); Asn1Object asn1ObjectPrivate = privateKeyInfo.ToAsn1Object(); byte[] privateInfoByte = asn1ObjectPrivate.GetEncoded("UTF-8"); RSAKEY item = new RSAKEY() { PublicKey = Convert.ToBase64String(publicInfoByte), PrivateKey = Convert.ToBase64String(privateInfoByte) }; return item; } private AsymmetricKeyParameter GetPublicKeyParameter(string keyBase64) { keyBase64 = keyBase64.Replace("\r", "").Replace("\n", "").Replace(" ", ""); byte[] publicInfoByte = Convert.FromBase64String(keyBase64); Asn1Object pubKeyObj = Asn1Object.FromByteArray(publicInfoByte);//这里也可以从流中读取,从本地导入 AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(publicInfoByte); return pubKey; } private AsymmetricKeyParameter GetPrivateKeyParameter(string keyBase64) { keyBase64 = keyBase64.Replace("\r", "").Replace("\n", "").Replace(" ", ""); byte[] privateInfoByte = Convert.FromBase64String(keyBase64); // Asn1Object priKeyObj = Asn1Object.FromByteArray(privateInfoByte);//这里也可以从流中读取,从本地导入 // PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey); AsymmetricKeyParameter priKey = PrivateKeyFactory.CreateKey(privateInfoByte); return priKey; } /// <summary> /// 私钥加密 /// </summary> /// <param name="data">加密内容</param> /// <param name="privateKey">私钥(Base64后的)</param> /// <returns>返回Base64内容</returns> public string EncryptByPrivateKey(string data, string privateKey) { //非对称加密算法,加解密用 IAsymmetricBlockCipher engine = new Pkcs1Encoding(new RsaEngine()); //加密 try { engine.Init(true, GetPrivateKeyParameter(privateKey)); byte[] byteData = Encoding_UTF8.GetBytes(data); var ResultData = engine.ProcessBlock(byteData, 0, byteData.Length); return Convert.ToBase64String(ResultData); } catch (Exception ex) { throw ex; } } /// <summary> /// 私钥解密 /// </summary> /// <param name="data">待解密的内容</param> /// <param name="privateKey">私钥(Base64编码后的)</param> /// <returns>返回明文</returns> public string DecryptByPrivateKey(string data, string privateKey) { data = data.Replace("\r", "").Replace("\n", "").Replace(" ", ""); //非对称加密算法,加解密用 IAsymmetricBlockCipher engine = new Pkcs1Encoding(new RsaEngine()); //解密 try { engine.Init(false, GetPrivateKeyParameter(privateKey)); byte[] byteData = Convert.FromBase64String(data); var ResultData = engine.ProcessBlock(byteData, 0, byteData.Length); return Encoding_UTF8.GetString(ResultData); } catch (Exception ex) { throw ex; } } /// <summary> /// 公钥加密 /// </summary> /// <param name="data">加密内容</param> /// <param name="publicKey">公钥(Base64编码后的)</param> /// <returns>返回Base64内容</returns> public string EncryptByPublicKey(string data, string publicKey) { //非对称加密算法,加解密用 IAsymmetricBlockCipher engine = new Pkcs1Encoding(new RsaEngine()); //加密 try { engine.Init(true, GetPublicKeyParameter(publicKey)); byte[] byteData = Encoding_UTF8.GetBytes(data); var ResultData = engine.ProcessBlock(byteData, 0, byteData.Length); return Convert.ToBase64String(ResultData); } catch (Exception ex) { throw ex; } } /// <summary> /// 公钥解密 /// </summary> /// <param name="data">待解密的内容</param> /// <param name="publicKey">公钥(Base64编码后的)</param> /// <returns>返回明文</returns> public string DecryptByPublicKey(string data, string publicKey) { data = data.Replace("\r", "").Replace("\n", "").Replace(" ", ""); //非对称加密算法,加解密用 IAsymmetricBlockCipher engine = new Pkcs1Encoding(new RsaEngine()); //解密 try { engine.Init(false, GetPublicKeyParameter(publicKey)); byte[] byteData = Convert.FromBase64String(data); var ResultData = engine.ProcessBlock(byteData, 0, byteData.Length); return Encoding_UTF8.GetString(ResultData); } catch (Exception ex) { throw ex; } } } }
本文作者:地球上的张先生
本文链接:https://www.cnblogs.com/MrZhangonEarth/p/18590682
版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 2.5 中国大陆许可协议进行许可。
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 微软正式发布.NET 10 Preview 1:开启下一代开发框架新篇章
· C# 集成 DeepSeek 模型实现 AI 私有化(本地部署与 API 调用教程)
· DeepSeek R1 简明指南:架构、训练、本地部署及硬件要求
· NetPad:一个.NET开源、跨平台的C#编辑器
· 面试官:你是如何进行SQL调优的?