使用证书来做RSA非对称式加密

本示例中使用了WSE(Web Service Enhancement)中对证书相关操作的功能,本文中所使用的WSE版本为2.0TP。基于.net framework 1.1

using System;
using System.Security.Cryptography;
using X509=Microsoft.Web.Services.Security.X509;

namespace Util
{
    /**//// <summary>
    /// EncryptionWithRSA 的摘要说明。
    /// </summary>
    public class EncryptionWithRSA
    {
        /**//// <summary>
        /// CertificateName的内部变量
        /// </summary>
        private string _CertificateName="";

        /**//// <summary>
        /// 构造函数
        /// </summary>
        public EncryptionWithRSA()
        {
        }

        /**//// <summary>
        /// 构造函数
        /// </summary>
        /// <param name="CertificateName">证书名称</param>
        public EncryptionWithRSA(string CertificateName)
        {
            this._CertificateName=CertificateName;
        }

        /**//// <summary>
        /// 证书名称
        /// </summary>
        public string CertificateName
        {
            get
            {
                return _CertificateName;
            }
            set
            {
                _CertificateName=value;
            }
        }

        /**//// <summary>
        /// 使用WSE的功能来查找证书
        /// </summary>
        /// <returns>X509Certificate</returns>
        private X509.X509Certificate GetCertificate(X509.X509CertificateStore store)
        {

            X509.X509CertificateStore store;
            X509.X509CertificateCollection certs;
            X509.X509Certificate cert;
            store=X509.X509CertificateStore.CurrentUserStore(store.MyStore);
            if(!store.Open())
                throw new System.Exception("CertificateStore can't open!");
            certs=store.FindCertificateBySubjectString(this._CertificateName);
            if(certs.Count==0)
                throw new System.Exception("Can not find certificate");
            cert=certs[0];
            return cert;

        }


        /**//// <summary>
        /// 获取证书的密钥信息以XML的形式返回
        /// </summary>
        /// <param name="cert">Certificate证书</param>
        /// <param name="PrivateKey">是否获取私钥信息</param>
        /// <returns>密钥信息</returns>
        private string GetRSAParameters(X509.X509Certificate cert,bool PrivateKey)
        {
            AsymmetricAlgorithm _key;
            string xml="";
            if(!PrivateKey)
            {
                _key=cert.PublicKey;
                xml=_key.ToXmlString(false);
            }
            else
            {
                _key=cert.Key;
                xml=_key.ToXmlString(true);
            }
            return xml;
        }



        /**//// <summary>
        /// 加密数据
        /// </summary>
        /// <param name="data">待加密的数据</param>
        /// <returns>加密后的数据</returns>
        public string EncryptionData(byte[] data)
        {
            X509.X509Certificate cert;
            byte[] output;
            string msg;
            cert=GetCertificate(X509.X509CertificateStore.CAStore);
            string xml=this.GetRSAParameters(cert,false);
            RSACryptoServiceProvider rsa=new RSACryptoServiceProvider(1024);
            rsa.FromXmlString(xml);
            output=rsa.Encrypt(data,false);
            msg=Convert.ToBase64String(output);
            return msg;
        }

        /**//// <summary>
        /// 解密数据
        /// </summary>
        /// <param name="EncodeData">待解密的数据</param>
        /// <returns>解密后的数据</returns>
        public byte[] DecryptionData(string EncodeData)
        {
            X509.X509Certificate cert;
            byte[] output,btencode;
            cert=GetCertificate(X509.X509CertificateStore.MyStore);
            string xml=this.GetRSAParameters(cert,true);
            btencode=Convert.FromBase64String(EncodeData);
            RSACryptoServiceProvider rsa=new RSACryptoServiceProvider(1024);
            rsa.FromXmlString(xml);
            output=rsa.Decrypt(btencode,false);
            return output;
        }


        
    }
}