C# Rsa加密(私钥加密、公钥解密、密钥格式转换、支持超大长度分段加密)

 

    此为工具类,这个和java版本的加密对比过了,结果是一样的,代码赋值黏贴直接用,不多比比,直接上代码(需要在nuget上寻找"Portable.BouncyCastle"包安装):

  (java端有个和c#端不一样的地方,base64编码有好几套,有时候对不上大概率是base64那边的问题)

 

    

using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Xml;

public class RSAUtil
{
    /// <summary>
    /// 生成公钥与私钥方法
    /// </summary>
    /// <returns></returns>
    public static string[] CreateKey(KeyType keyType, KeySize keySize)
    {
        try
        {
            string[] sKeys = new string[2];
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider((int)keySize);
            switch (keyType)
            {
                case KeyType.XML:
                    {
                        //私钥
                        sKeys[0] = rsa.ToXmlString(true);
                        //公钥
                        sKeys[1] = rsa.ToXmlString(false);
                    }
                    break;
                case KeyType.PKS8:
                    {
                        sKeys[0] = rsa.ToXmlString(true);
                        //公钥
                        sKeys[1] = rsa.ToXmlString(false);

                        //JAVA私钥
                        sKeys[0] = RSAPrivateKeyDotNet2Java(sKeys[0]);
                        //JAVA公钥
                        sKeys[1] = RSAPublicKeyDotNet2Java(sKeys[1]);
                    }
                    break;
                default:
                    break;
            }
            return sKeys;
        }
        catch (Exception ex)
        {
            return null;
        }
    }

    /// <summary>
    /// 密钥类型
    /// </summary>
    public enum KeyType
    {
        /// <summary>
        /// xml类型
        /// </summary>
        XML,

        /// <summary>
        /// pks8类型
        /// </summary>
        PKS8
    }

    /// <summary>
    /// 密钥尺寸(一般都是1024位的)
    /// </summary>
    public enum KeySize
    { 
        SMALL = 1024,
        BIG = 2048
    }


    /// <summary>
    /// RSA私钥格式转换,.net->java
    /// </summary>
    /// <param name="privateKey">.net生成的私钥</param>
    /// <returns></returns>
    public static string RSAPrivateKeyDotNet2Java(string privateKey)
    {
        XmlDocument doc = new XmlDocument();
        doc.LoadXml(privateKey);
        BigInteger m = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText));
        BigInteger exp = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText));
        BigInteger d = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("D")[0].InnerText));
        BigInteger p = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("P")[0].InnerText));
        BigInteger q = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Q")[0].InnerText));
        BigInteger dp = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DP")[0].InnerText));
        BigInteger dq = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DQ")[0].InnerText));
        BigInteger qinv = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("InverseQ")[0].InnerText));

        RsaPrivateCrtKeyParameters privateKeyParam = new RsaPrivateCrtKeyParameters(m, exp, d, p, q, dp, dq, qinv);

        PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKeyParam);
        byte[] serializedPrivateBytes = privateKeyInfo.ToAsn1Object().GetEncoded();
        return Convert.ToBase64String(serializedPrivateBytes);

    }

    /// <summary>
    /// RSA公钥格式转换,.net->java
    /// </summary>
    /// <param name="publicKey">.net生成的公钥</param>
    /// <returns></returns>
    public static string RSAPublicKeyDotNet2Java(string publicKey)
    {
        XmlDocument doc = new XmlDocument();
        doc.LoadXml(publicKey);
        BigInteger m = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText));
        BigInteger p = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText));
        RsaKeyParameters pub = new RsaKeyParameters(false, m, p);

        SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub);
        byte[] serializedPublicBytes = publicKeyInfo.ToAsn1Object().GetDerEncoded();
        return Convert.ToBase64String(serializedPublicBytes);
    }


    /// <summary>
    /// RSA私钥格式转换,java->.net
    /// </summary>
    /// <param name="privateKey">java生成的RSA私钥</param>
    /// <returns></returns>
    public static string RSAPrivateKeyJavaToDotNet(string privateKey)
    {
        RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(Convert.FromBase64String(privateKey));

        return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>",
            Convert.ToBase64String(privateKeyParam.Modulus.ToByteArrayUnsigned()),
            Convert.ToBase64String(privateKeyParam.PublicExponent.ToByteArrayUnsigned()),
            Convert.ToBase64String(privateKeyParam.P.ToByteArrayUnsigned()),
            Convert.ToBase64String(privateKeyParam.Q.ToByteArrayUnsigned()),
            Convert.ToBase64String(privateKeyParam.DP.ToByteArrayUnsigned()),
            Convert.ToBase64String(privateKeyParam.DQ.ToByteArrayUnsigned()),
            Convert.ToBase64String(privateKeyParam.QInv.ToByteArrayUnsigned()),
            Convert.ToBase64String(privateKeyParam.Exponent.ToByteArrayUnsigned()));

    }

    /// <summary>
    /// RSA公钥格式转换,java->.net
    /// </summary>
    /// <param name="publicKey">java生成的公钥</param>
    /// <returns></returns>
    public static string RSAPublicKeyJavaToDotNet(string publicKey)
    {
        RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(publicKey));
        return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent></RSAKeyValue>",
            Convert.ToBase64String(publicKeyParam.Modulus.ToByteArrayUnsigned()),
            Convert.ToBase64String(publicKeyParam.Exponent.ToByteArrayUnsigned()));
    }


    /// <summary>
    /// 最大加密长度
    /// </summary>
    private const int MAX_ENCRYPT_BLOCK = 245;

    /// <summary>
    /// 最大解密长度
    /// </summary>
    private const int MAX_DECRYPT_BLOCK = 256;


    /// <summary>
    /// 用私钥给数据进行RSA加密
    /// </summary>
    /// <param name="xmlPrivateKey"></param>
    /// <param name="strEncryptString"></param>
    /// <returns></returns>
    public static string PrivateKeyEncrypt(string xmlPrivateKey, string strEncryptString)
    {
        //加载私钥
        RSACryptoServiceProvider privateRsa = new RSACryptoServiceProvider();
        privateRsa.FromXmlString(xmlPrivateKey);

        //转换密钥
        AsymmetricCipherKeyPair keyPair = DotNetUtilities.GetKeyPair(privateRsa);
        IBufferedCipher c = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding"); //使用RSA/ECB/PKCS1Padding格式

        c.Init(true, keyPair.Private);//第一个参数为true表示加密,为false表示解密;第二个参数表示密钥
        byte[] dataToEncrypt = Encoding.UTF8.GetBytes(strEncryptString);//获取字节

        byte[] cache;
        int time = 0;//次数
        int inputLen = dataToEncrypt.Length;
        int offSet = 0;

        MemoryStream outStream = new MemoryStream();
        while (inputLen - offSet > 0)
        {
            if (inputLen - offSet > MAX_ENCRYPT_BLOCK)
            {
                cache = c.DoFinal(dataToEncrypt, offSet, MAX_ENCRYPT_BLOCK);
            }
            else
            {
                cache = c.DoFinal(dataToEncrypt, offSet, inputLen - offSet);
            }
            //写入
            outStream.Write(cache, 0, cache.Length);

            time++;
            offSet = time * MAX_ENCRYPT_BLOCK;
        }

        byte[] resData = outStream.ToArray();

        string strBase64 = Convert.ToBase64String(resData);
        outStream.Close();
        return strBase64;
    }

    /// <summary>
    /// 用公钥给数据进行RSA解密 
    /// </summary>
    /// <param name="xmlPublicKey"> 公钥(XML格式字符串) </param>
    /// <param name="strDecryptString"> 要解密数据 </param>
    /// <returns> 解密后的数据 </returns>
    public static string PublicKeyDecrypt(string xmlPublicKey, string strDecryptString)
    {
        //加载公钥
        RSACryptoServiceProvider publicRsa = new RSACryptoServiceProvider();
        publicRsa.FromXmlString(xmlPublicKey);
        RSAParameters rp = publicRsa.ExportParameters(false);

        //转换密钥
        AsymmetricKeyParameter pbk = DotNetUtilities.GetRsaPublicKey(rp);

        IBufferedCipher c = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding");
        //第一个参数为true表示加密,为false表示解密;第二个参数表示密钥
        c.Init(false, pbk);

        byte[] DataToDecrypt = Convert.FromBase64String(strDecryptString);

        byte[] cache;
        int time = 0;//次数
        int inputLen = DataToDecrypt.Length;
        int offSet = 0;
        MemoryStream outStream = new MemoryStream();
        while (inputLen - offSet > 0)
        {
            if (inputLen - offSet > MAX_DECRYPT_BLOCK)
            {
                cache = c.DoFinal(DataToDecrypt, offSet, MAX_DECRYPT_BLOCK);
            }
            else
            {
                cache = c.DoFinal(DataToDecrypt, offSet, inputLen - offSet);
            }
            //写入
            outStream.Write(cache, 0, cache.Length);

            time++;
            offSet = time * MAX_DECRYPT_BLOCK;
        }
        byte[] resData = outStream.ToArray();

        string strDec = Encoding.UTF8.GetString(resData);
        return strDec;
    }

    /// <summary>
    /// 签名
    /// </summary>
    /// <param name="str">需签名的数据</param>
    /// <returns>签名后的值</returns>
    public static string Sign(string str, string privateKey, SignAlgType signAlgType)
    {
        //根据需要加签时的哈希算法转化成对应的hash字符节
        byte[] bt = Encoding.GetEncoding("utf-8").GetBytes(str);
        byte[] rgbHash = null;
        switch (signAlgType)
        {
            case SignAlgType.SHA256:
                {
                    SHA256CryptoServiceProvider csp = new SHA256CryptoServiceProvider();
                    rgbHash = csp.ComputeHash(bt);
                }
                break;
            case SignAlgType.MD5:
                {
                    MD5CryptoServiceProvider csp = new MD5CryptoServiceProvider();
                    rgbHash = csp.ComputeHash(bt);
                }
                break;
            case SignAlgType.SHA1:
                {
                    SHA1 csp = new SHA1CryptoServiceProvider();
                    rgbHash = csp.ComputeHash(bt);
                }
                break;
            default:
                break;
        }
        RSACryptoServiceProvider key = new RSACryptoServiceProvider();
        key.FromXmlString(privateKey);
        RSAPKCS1SignatureFormatter formatter = new RSAPKCS1SignatureFormatter(key);
        formatter.SetHashAlgorithm(signAlgType.ToString());//此处是你需要加签的hash算法,需要和上边你计算的hash值的算法一致,不然会报错。
        byte[] inArray = formatter.CreateSignature(rgbHash);
        return Convert.ToBase64String(inArray);
    }

    /// <summary>
    /// 签名验证
    /// </summary>
    /// <param name="str">待验证的字符串</param>
    /// <param name="sign">加签之后的字符串</param>
    /// <returns>签名是否符合</returns>
    public static bool Verify(string str, string sign, string publicKey, SignAlgType signAlgType)
    {

        byte[] bt = Encoding.GetEncoding("utf-8").GetBytes(str);
        byte[] rgbHash = null;
        switch (signAlgType)
        {
            case SignAlgType.SHA256:
                {
                    SHA256CryptoServiceProvider csp = new SHA256CryptoServiceProvider();
                    rgbHash = csp.ComputeHash(bt);
                }
                break;
            case SignAlgType.MD5:
                {
                    MD5CryptoServiceProvider csp = new MD5CryptoServiceProvider();
                    rgbHash = csp.ComputeHash(bt);
                }
                break;
            case SignAlgType.SHA1:
                {
                    SHA1 csp = new SHA1CryptoServiceProvider();
                    rgbHash = csp.ComputeHash(bt);
                }
                break;
            default:
                break;
        }
        RSACryptoServiceProvider key = new RSACryptoServiceProvider();
        key.FromXmlString(publicKey);
        RSAPKCS1SignatureDeformatter deformatter = new RSAPKCS1SignatureDeformatter(key);
        deformatter.SetHashAlgorithm(signAlgType.ToString());
        byte[] rgbSignature = Convert.FromBase64String(sign);
        if (deformatter.VerifySignature(rgbHash, rgbSignature))
            return true;
        return false;
    }

    /// <summary>
    /// 签名算法类型
    /// </summary>
    public enum SignAlgType
    {
        /// <summary>
        /// sha256
        /// </summary>
        SHA256,

        /// <summary>
        /// md5
        /// </summary>
        MD5,

        /// <summary>
        /// sha1
        /// </summary>
        SHA1
    }
}

 

posted @ 2024-08-16 11:49  程序员徐坤  阅读(417)  评论(3编辑  收藏  举报