這幾天做了個接口對接的需求,其中涉及需要對數據進行RSA加密。以下是本人結合網上資料整合出來的代碼。
PS:需要添加System.Extended(System.Extended -Version 3.4.16.616) 的引用。
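/// <summary>
/// Runs the RSA private-key operation over a UTF-8 string in fixed-size chunks and
/// returns the concatenated output blocks as Base64.
/// </summary>
/// <param name="PrivateKey">Base64 text of the private key, loaded with FromPKCS8PrivateKey.</param>
/// <param name="strEncryptString">Text to process; it is encoded as UTF-8 first.</param>
/// <returns>Base64 of all output blocks, in input order ("" for empty input).</returns>
/// <remarks>
/// Security note: every holder of the matching public key can reverse this with
/// PublicKeyDecrypt, so the output is NOT confidential. Each chunk is processed
/// independently and nothing binds the chunks together, so blocks can be reordered,
/// dropped or replayed without detection. If the goal is authenticity, a standard
/// signature API (RSA.SignData / RSA.VerifyData) is the usual choice; this method is
/// kept as-is for compatibility with the peer interface.
/// </remarks>
public static string PrivateKeyEncrypt(string PrivateKey, string strEncryptString)
{
    // The provider holds key material, so dispose it as soon as the work is done.
    using (RSACryptoServiceProvider privateRsa = new RSACryptoServiceProvider())
    {
        // Load the private key (PKCS#8; the PKCS#1 loader is kept for reference).
        //privateRsa.FromPKCS1PrivateKey(Convert.FromBase64String(PrivateKey));
        privateRsa.FromPKCS8PrivateKey(Convert.FromBase64String(PrivateKey));

        // Convert the key into the form the cipher accepts.
        AsymmetricCipherKeyPair keyPair = DotNetUtilities.GetKeyPair(privateRsa);
        IBufferedCipher c = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding"); // RSA/ECB/PKCS1Padding format

        // First argument: true = encrypt, false = decrypt; second argument: the key.
        // Without this call the cipher is used uninitialized.
        c.Init(true, keyPair.Private);

        byte[] dataToEncrypt = Encoding.UTF8.GetBytes(strEncryptString);

        // PKCS#1 v1.5 padding takes 11 bytes of every block, so each chunk of
        // plaintext can be at most (key size in bytes - 11) long.
        int bufferSize = (privateRsa.KeySize / 8) - 11;

        using (MemoryStream ouput = new MemoryStream())
        {
            for (int offset = 0; offset < dataToEncrypt.Length; offset += bufferSize)
            {
                int count = Math.Min(bufferSize, dataToEncrypt.Length - offset);
                byte[] temp = new byte[count];
                Array.Copy(dataToEncrypt, offset, temp, 0, count);

                byte[] encrypt = c.DoFinal(temp);
                ouput.Write(encrypt, 0, encrypt.Length);
            }

            //byte[] outBytes = c.DoFinal(DataToEncrypt); // single-block variant
            return Convert.ToBase64String(ouput.ToArray());
        }
    }
}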
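/// <summary>
/// Reverses <c>PrivateKeyEncrypt</c>: Base64-decodes the input, runs the RSA
/// public-key operation over it one key-sized block at a time, and returns the
/// concatenated result decoded as UTF-8.
/// </summary>
/// <param name="PublicKey">Base64 text of the public key, loaded with FromX509PublicKey.</param>
/// <param name="strDecryptString">Base64 text produced by the private-key operation.</param>
/// <returns>The recovered text.</returns>
/// <remarks>
/// Security note: blocks are processed independently, so this method cannot tell
/// whether blocks were reordered, removed or replayed. Do not treat a successful
/// return as proof that the whole message is authentic; use a signature over the
/// complete message for that.
/// </remarks>
public static string PublicKeyDecrypt(string PublicKey, string strDecryptString)
{
    using (RSACryptoServiceProvider publicRsa = new RSACryptoServiceProvider())
    {
        // Load the public key.
        publicRsa.FromX509PublicKey(Convert.FromBase64String(PublicKey));

        // Convert the key into the form the cipher accepts.
        RSAParameters rp = publicRsa.ExportParameters(false);
        AsymmetricKeyParameter pbk = DotNetUtilities.GetRsaPublicKey(rp);
        IBufferedCipher c = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding");

        // First argument: true = encrypt, false = decrypt; second argument: the key.
        c.Init(false, pbk);

        byte[] dataToDecrypt = Convert.FromBase64String(strDecryptString);

        // Every input block is exactly one modulus long. A trailing short block
        // means the input was truncated; it is still handed to the cipher as before.
        int keySize = publicRsa.KeySize / 8;

        using (MemoryStream output = new MemoryStream())
        {
            for (int offset = 0; offset < dataToDecrypt.Length; offset += keySize)
            {
                int count = Math.Min(keySize, dataToDecrypt.Length - offset);
                byte[] temp = new byte[count];
                Array.Copy(dataToDecrypt, offset, temp, 0, count);

                byte[] decrypt = c.DoFinal(temp);
                output.Write(decrypt, 0, decrypt.Length);
            }

            //byte[] outBytes = c.DoFinal(DataToDecrypt); // single-block variant
            string strDec = Encoding.UTF8.GetString(output.ToArray());
            return strDec;
        }
    }
}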
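/// <summary>
/// Encrypts a UTF-8 string with an RSA public key in fixed-size chunks and returns
/// the concatenated ciphertext blocks as Base64.
/// </summary>
/// <param name="publicKey">Base64 text of the public key, loaded with FromX509PublicKey.</param>
/// <param name="strEncryptString">Text to encrypt; it is encoded as UTF-8 first.</param>
/// <returns>Base64 of all ciphertext blocks, in input order.</returns>
/// <exception cref="NotSupportedException">The text to encrypt is empty.</exception>
/// <remarks>
/// Security note: <c>rsa.Encrypt(temp, false)</c> selects PKCS#1 v1.5 padding, which
/// is exposed to padding-oracle attacks when the decrypting side reveals whether
/// padding was valid. Passing <c>true</c> selects OAEP, but that changes the
/// per-block overhead (the "- 11" below) and must be agreed with the peer, so it is
/// not changed here. Chunks are encrypted independently and carry no integrity
/// protection; for large payloads the usual design is to encrypt the data with an
/// authenticated symmetric cipher and wrap only that key with RSA.
/// </remarks>
public string EncrytByPublic(string publicKey, string strEncryptString)
{
    // The provider holds key material, so dispose it as soon as the work is done.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        rsa.FromX509PublicKey(Convert.FromBase64String(publicKey));

        byte[] originalData = Encoding.UTF8.GetBytes(strEncryptString);
        if (originalData.Length == 0)
        {
            throw new NotSupportedException();
        }

        // PKCS#1 v1.5 padding takes 11 bytes of every block, so each chunk of
        // plaintext can be at most (key size in bytes - 11) long.
        int bufferSize = (rsa.KeySize / 8) - 11;

        using (MemoryStream ouput = new MemoryStream())
        {
            for (int offset = 0; offset < originalData.Length; offset += bufferSize)
            {
                int count = Math.Min(bufferSize, originalData.Length - offset);
                byte[] temp = new byte[count];
                Array.Copy(originalData, offset, temp, 0, count);

                byte[] encrypt = rsa.Encrypt(temp, false);
                ouput.Write(encrypt, 0, encrypt.Length);
            }

            return Convert.ToBase64String(ouput.ToArray());
        }
    }
}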
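/// <summary>
/// Reverses <c>EncrytByPublic</c>: Base64-decodes the input, decrypts it with the RSA
/// private key one key-sized block at a time, and returns the result as UTF-8 text.
/// </summary>
/// <param name="privateKey">Base64 text of the private key, loaded with FromPKCS8PrivateKey.</param>
/// <param name="strDecryptString">Base64 ciphertext produced by the public-key encryption.</param>
/// <returns>The decrypted text.</returns>
/// <exception cref="NotSupportedException">The decoded ciphertext is empty.</exception>
/// <remarks>
/// Security note: <c>rsa.Decrypt(temp, false)</c> uses PKCS#1 v1.5 padding. Callers
/// that process ciphertext from an untrusted party should not let that party
/// distinguish a padding failure from any other failure (same response, same
/// timing as far as practical), otherwise the method can serve as a padding oracle.
/// Blocks are decrypted independently, so reordering, removal or replay of blocks
/// is not detected here.
/// </remarks>
public string DecryptByPrivate(string privateKey, string strDecryptString)
{
    // The provider holds private key material, so dispose it as soon as the work is done.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        // Load the private key (PKCS#8; the PKCS#1 loader is kept for reference).
        //rsa.FromPKCS1PrivateKey(Convert.FromBase64String(privateKey));
        rsa.FromPKCS8PrivateKey(Convert.FromBase64String(privateKey));

        byte[] encryptData = Convert.FromBase64String(strDecryptString);
        //byte[] dencryContent = rsa.Decrypt(encryptData, false); // single-block variant
        if (encryptData.Length == 0)
        {
            throw new NotSupportedException();
        }

        // Every ciphertext block is exactly one modulus long. A trailing short block
        // means the input was truncated; it is still handed to Decrypt as before.
        int keySize = rsa.KeySize / 8;

        using (MemoryStream output = new MemoryStream())
        {
            for (int offset = 0; offset < encryptData.Length; offset += keySize)
            {
                int count = Math.Min(keySize, encryptData.Length - offset);
                byte[] temp = new byte[count];
                Array.Copy(encryptData, offset, temp, 0, count);

                byte[] decrypt = rsa.Decrypt(temp, false);
                output.Write(decrypt, 0, decrypt.Length);
            }

            return Encoding.UTF8.GetString(output.ToArray());
        }
    }
}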
使用openssl生成證書
openssl下載地址:http://www.onlinedown.net/soft/85287.htm (此為第三方下載站且為 http 連結;安裝前建議核對檔案校驗值,或改用 OpenSSL 官方來源、系統套件管理器提供的版本)
如何使用openssl生成證書及簽名
https://www.jianshu.com/p/7d940d7a07d9
重要參考來源:https://blog.csdn.net/lengyue2015/article/details/86582177
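// Round-trip test 1: private-key encrypt (chunked), then public-key decrypt (chunked).
// This is a fragment of a method body; jsonStr, PriKey1, PubKey1 and Content are
// defined elsewhere (presumably a controller action -- confirm against the caller).
string initial3 = jsonStr; // string to encrypt
string EncryptStr3 = PrivateKeyEncrypt(PriKey1, initial3); // PriKey1 -- private key
string DecryptStr3 = PublicKeyDecrypt(PubKey1, EncryptStr3); // PubKey1 -- public key
return Content(DecryptStr3);

// Round-trip test 2 (alternative body for the same method): public-key encrypt
// (chunked), then private-key decrypt (chunked). Returns the result of this round
// trip, not the one from test 1.
string initial4 = jsonStr; // string to encrypt
string EncryptStr4 = EncrytByPublic(PubKey1, initial4); // PubKey1 -- public key
string DecryptStr4 = DecryptByPrivate(PriKey1, EncryptStr4); // PriKey1 -- private key
return Content(DecryptStr4);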