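RSA Encryption and Decryption, RSA Signing and Verification, and Certificates
- The public key is given to others
  - Ciphertext is sent encrypted with the public key
  - Signatures are verified with the public key
- The private key is kept to yourself
  - Received ciphertext is decrypted with the private key
  - Signatures are created with the private key before sending
- The process above cannot be reversed; for example, encrypting with the private key and then decrypting with the public key does not work
- The certificate creation steps follow the article "使用X.509数字证书加密解密实务(一)-- 证书的获得和管理" (Practical Encryption and Decryption with X.509 Digital Certificates, Part 1: Obtaining and Managing Certificates)
- Open the VS developer command prompt and enter the following command:

  ```
  makecert -sr CurrentUser -ss My -n CN=MyTestCert -sky exchange -pe
  ```
- Read the private key and the public key from the certificate: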
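```csharp
// Requires: using System; using System.Security.Cryptography.X509Certificates;

/// <summary>
/// Gets the certificate object from a private-key certificate (PFX) file. Once you have it,
/// its public and private keys can be used for encryption and decryption.
/// The encryption/decryption functions use the RSACryption class from DEncrypt.
/// </summary>
/// <param name="pfxFileName">Path of the PFX file</param>
/// <param name="password">Password protecting the PFX file</param>
/// <returns>The certificate, or null if it could not be loaded</returns>
public static X509Certificate2 GetCertificateFromPfxFile(string pfxFileName, string password)
{
    try
    {
        // Exportable is needed so the private key can later be exported with ToXmlString(true)
        return new X509Certificate2(pfxFileName, password, X509KeyStorageFlags.Exportable);
    }
    catch (Exception)
    {
        // Missing file, wrong password or malformed PFX: the caller must check for null
        return null;
    }
}
```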
```csharp
var cer = RSACryption.GetCertificateFromPfxFile(@"D:my.pfx", "123456");
tbPrivateKey.Text = cer.PrivateKey.ToXmlString(true);
tbPublicKey.Text = cer.PublicKey.Key.ToXmlString(false);
```
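The key-direction rules listed at the top of this page, combined with reading both keys from a certificate, as an added example (not code from the original post or from the RSACryption helper). It assumes .NET 6 or later, builds a constructed self-signed certificate in memory instead of using makecert and a PFX file, and goes beyond the page's helper by using OAEP and SHA-256 with PSS rather than PKCS#1 v1.5 padding and MD5; `RsaDirectionDemo`, `Verify` and `Succeeds` are hypothetical names.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

// Added example; RsaDirectionDemo is a hypothetical name.
static class RsaDirectionDemo
{
    static void Main()
    {
        // Constructed test certificate, created in memory in place of makecert + PFX.
        using RSA keyPair = RSA.Create(2048);
        var request = new CertificateRequest("CN=MyTestCert", keyPair,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 cert = request.CreateSelfSigned(
            DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));

        // GetRSAPublicKey() holds only the public half (what other parties get);
        // GetRSAPrivateKey() is the half the owner keeps.
        using RSA publicKey = cert.GetRSAPublicKey();
        using RSA privateKey = cert.GetRSAPrivateKey();

        byte[] message = Encoding.UTF8.GetBytes("i am cypher"); // constructed sample

        // Sending ciphertext: the public key encrypts, the private key decrypts.
        byte[] cipher = publicKey.Encrypt(message, RSAEncryptionPadding.OaepSHA256);
        byte[] plain = privateKey.Decrypt(cipher, RSAEncryptionPadding.OaepSHA256);
        Console.WriteLine("decrypted: " + Encoding.UTF8.GetString(plain));

        // Sending a signature: the private key signs, the public key verifies.
        byte[] signature = privateKey.SignData(
            message, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
        Console.WriteLine("signature valid: " + Verify(publicKey, message, signature));

        // Any change to the signed bytes must make verification fail.
        byte[] tampered = (byte[])message.Clone();
        tampered[0] ^= 0x01;
        Console.WriteLine("tampered valid: " + Verify(publicKey, tampered, signature));

        // Reversed direction: a public-only key can neither decrypt nor sign.
        Console.WriteLine("public key decrypts: " + Succeeds(
            () => publicKey.Decrypt(cipher, RSAEncryptionPadding.OaepSHA256)));
        Console.WriteLine("public key signs: " + Succeeds(
            () => publicKey.SignData(message, HashAlgorithmName.SHA256, RSASignaturePadding.Pss)));
    }

    static bool Verify(RSA publicKey, byte[] data, byte[] signature) =>
        publicKey.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);

    // Runs a key operation and reports whether the crypto provider allowed it.
    static bool Succeeds(Func<byte[]> operation)
    {
        try { operation(); return true; }
        catch (CryptographicException) { return false; }
    }
}
```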
Complete test code:
WPF front end:
```xml
<Window x:Class="Security.MainWindow"
        xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
        xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
        xmlns:d="http://schemas.microsoft.com/expression/blend/2008"
        xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006"
        xmlns:local="clr-namespace:Security"
        mc:Ignorable="d"
        Title="MainWindow" Height="700" Width="1200">
    <Grid>
        <Grid.RowDefinitions>
            <RowDefinition Height="auto"></RowDefinition>
            <RowDefinition Height="auto"></RowDefinition>
            <RowDefinition Height="auto"></RowDefinition>
            <RowDefinition Height="auto"></RowDefinition>
            <RowDefinition Height="auto"></RowDefinition>
            <RowDefinition Height="auto"></RowDefinition>
            <RowDefinition Height="auto"></RowDefinition>
            <RowDefinition Height="auto"></RowDefinition>
            <RowDefinition Height="auto"></RowDefinition>
        </Grid.RowDefinitions>
        <StackPanel Margin="3" Orientation="Horizontal" HorizontalAlignment="Left">
            <Button Margin="3" Name="GenerateKeys" Click="GenerateKeys_Click">生成Key</Button>
            <Button Margin="3" Name="Encrypt" Click="Encrypt_Click">公钥加密</Button>
            <Button Margin="3" Name="Decrypt" Click="Decrypt_Click">私钥解密</Button>
            <Button Margin="3" Name="GetHash" Click="GetHash_Click">获取Hash</Button>
            <Button Margin="3" Name="Sign" Click="Sign_Click">私钥签名</Button>
            <Button Margin="3" Name="ValidateSign" Click="ValidateSign_Click">签名验证</Button>
            <Button Margin="3" Name="InputPfx" Click="InputPfx_Click">导入证书</Button>
            <Button Margin="3" Name="EcryptByPrivateKey" Click="EcryptByPrivateKey_Click">私钥加密</Button>
            <Button Margin="3" Name="DcryptByPrivateKey" Click="DcryptByPrivateKey_Click">公钥解密</Button>
        </StackPanel>
        <StackPanel Grid.Row="1" Margin="3">
            <TextBlock Margin="3">公钥:</TextBlock>
            <TextBox Name="tbPublicKey" TextWrapping="Wrap" MinLines="2" Margin="3"></TextBox>
        </StackPanel>
        <StackPanel Grid.Row="2" Margin="3">
            <TextBlock Margin="3">私钥:</TextBlock>
            <TextBox Name="tbPrivateKey" TextWrapping="Wrap" MinLines="5" Margin="3"></TextBox>
        </StackPanel>
        <StackPanel Grid.Row="3" Margin="3">
            <TextBlock Margin="3">待加密内容:</TextBlock>
            <TextBox Name="tbContent" TextWrapping="Wrap" MinLines="3" Margin="3">i am cypher</TextBox>
        </StackPanel>
        <StackPanel Grid.Row="4" Margin="3">
            <TextBlock Margin="3">公钥加密后内容:</TextBlock>
            <TextBox Name="tbEncryptContent" TextWrapping="Wrap" MinLines="2" Margin="3"></TextBox>
        </StackPanel>
        <StackPanel Grid.Row="5" Margin="3">
            <TextBlock Margin="3">私钥解密后内容:</TextBlock>
            <TextBox Name="tbDecryptContent" TextWrapping="Wrap" Margin="3"></TextBox>
        </StackPanel>
        <StackPanel Grid.Row="6" Margin="3">
            <TextBlock Margin="3">Hash:</TextBlock>
            <TextBox Name="tbHash" Margin="3"></TextBox>
        </StackPanel>
        <StackPanel Grid.Row="7" Margin="3">
            <TextBlock Margin="3">私钥签名后内容:</TextBlock>
            <TextBox Name="tbSign" TextWrapping="Wrap" MinLines="2" Margin="3"></TextBox>
        </StackPanel>
        <StackPanel Grid.Row="8" Margin="3">
            <TextBlock Margin="3">公钥签名验证:</TextBlock>
            <TextBox Name="tbValidateSign" TextWrapping="Wrap" Margin="3"></TextBox>
        </StackPanel>
    </Grid>
</Window>
```
Code-behind:
```csharp
public partial class MainWindow : Window
{
    public MainWindow()
    {
        InitializeComponent();
    }

    private void GenerateKeys_Click(object sender, RoutedEventArgs e)
    {
        string privateKey = "";
        string publicKey = "";
        RSACryption.GenerateKey(out privateKey, out publicKey);
        tbPrivateKey.Text = privateKey;
        tbPublicKey.Text = publicKey;
    }

    private void Encrypt_Click(object sender, RoutedEventArgs e)
    {
        tbEncryptContent.Text = RSACryption.RSAEncrypt(tbPublicKey.Text, tbContent.Text);
    }

    private void Decrypt_Click(object sender, RoutedEventArgs e)
    {
        tbDecryptContent.Text = RSACryption.RSADecrypt(tbPrivateKey.Text, tbEncryptContent.Text);
    }

    private void Sign_Click(object sender, RoutedEventArgs e)
    {
        tbSign.Text = RSACryption.GetSignature(tbPrivateKey.Text, tbHash.Text);
    }

    private void GetHash_Click(object sender, RoutedEventArgs e)
    {
        tbHash.Text = RSACryption.GetHash(tbContent.Text);
    }

    private void ValidateSign_Click(object sender, RoutedEventArgs e)
    {
        tbValidateSign.Text = RSACryption.ValidateSignature(tbPublicKey.Text, tbHash.Text, tbSign.Text).ToString();
    }

    private void InputPfx_Click(object sender, RoutedEventArgs e)
    {
        var cer = RSACryption.GetCertificateFromPfxFile(@"D:my.pfx", "123456");
        tbPrivateKey.Text = cer.PrivateKey.ToXmlString(true);
        tbPublicKey.Text = cer.PublicKey.Key.ToXmlString(false);
    }

    private void EcryptByPrivateKey_Click(object sender, RoutedEventArgs e)
    {
        tbEncryptContent.Text = RSACryption.RSAEncrypt(tbPrivateKey.Text, tbContent.Text);
    }

    private void DcryptByPrivateKey_Click(object sender, RoutedEventArgs e)
    {
        tbDecryptContent.Text = RSACryption.RSADecrypt(tbPublicKey.Text, tbEncryptContent.Text);
    }
}
```
Attached is the code reposted from 飛雲若雪:
```csharp
using System;
using System.Security.Cryptography;
using System.Text;

class RSACryption
{
    #region RSA encryption and decryption

    #region RSA key generation
    /// <summary>
    /// Generates an RSA key pair
    /// </summary>
    /// <param name="xmlKeys">Private key</param>
    /// <param name="xmlPublicKey">Public key</param>
    public void RSAKey(out string xmlKeys, out string xmlPublicKey)
    {
        try
        {
            System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            xmlKeys = rsa.ToXmlString(true);
            xmlPublicKey = rsa.ToXmlString(false);
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }
    #endregion

    #region RSA encryption functions
    //##############################################################################
    // RSA encryption
    // The key must be in XML form; the return value is a string
    // This encryption method has a length limit!
    //##############################################################################

    /// <summary>
    /// RSA encryption function
    /// </summary>
    /// <param name="xmlPublicKey">Public key</param>
    /// <param name="encryptString">String to encrypt</param>
    /// <returns></returns>
    public string RSAEncrypt(string xmlPublicKey, string encryptString)
    {
        try
        {
            byte[] PlainTextBArray;
            byte[] CypherTextBArray;
            string Result;
            System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            rsa.FromXmlString(xmlPublicKey);
            PlainTextBArray = (new UnicodeEncoding()).GetBytes(encryptString);
            // false selects PKCS#1 v1.5 padding instead of OAEP
            CypherTextBArray = rsa.Encrypt(PlainTextBArray, false);
            Result = Convert.ToBase64String(CypherTextBArray);
            return Result;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// RSA encryption function
    /// </summary>
    /// <param name="xmlPublicKey">Public key</param>
    /// <param name="EncryptString">Byte array to encrypt</param>
    /// <returns></returns>
    public string RSAEncrypt(string xmlPublicKey, byte[] EncryptString)
    {
        try
        {
            byte[] CypherTextBArray;
            string Result;
            System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            rsa.FromXmlString(xmlPublicKey);
            CypherTextBArray = rsa.Encrypt(EncryptString, false);
            Result = Convert.ToBase64String(CypherTextBArray);
            return Result;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }
    #endregion

    #region RSA decryption functions
    /// <summary>
    /// RSA decryption function
    /// </summary>
    /// <param name="xmlPrivateKey">Private key</param>
    /// <param name="decryptString">String to decrypt</param>
    /// <returns></returns>
    public string RSADecrypt(string xmlPrivateKey, string decryptString)
    {
        try
        {
            byte[] PlainTextBArray;
            byte[] DypherTextBArray;
            string Result;
            System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            rsa.FromXmlString(xmlPrivateKey);
            PlainTextBArray = Convert.FromBase64String(decryptString);
            DypherTextBArray = rsa.Decrypt(PlainTextBArray, false);
            Result = (new UnicodeEncoding()).GetString(DypherTextBArray);
            return Result;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// RSA decryption function
    /// </summary>
    /// <param name="xmlPrivateKey">Private key</param>
    /// <param name="DecryptString">Byte array to decrypt</param>
    /// <returns></returns>
    public string RSADecrypt(string xmlPrivateKey, byte[] DecryptString)
    {
        try
        {
            byte[] DypherTextBArray;
            string Result;
            System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            rsa.FromXmlString(xmlPrivateKey);
            DypherTextBArray = rsa.Decrypt(DecryptString, false);
            Result = (new UnicodeEncoding()).GetString(DypherTextBArray);
            return Result;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }
    #endregion

    #endregion

    #region RSA digital signature

    #region Get the hash digest
    // Note: MD5 is collision-broken; new signature schemes should use SHA-256 or stronger.

    /// <summary>
    /// Gets the hash digest
    /// </summary>
    /// <param name="strSource">String to sign</param>
    /// <param name="HashData">Hash digest</param>
    /// <returns></returns>
    public bool GetHash(string strSource, ref byte[] HashData)
    {
        try
        {
            byte[] Buffer;
            System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5");
            Buffer = System.Text.Encoding.GetEncoding("GB2312").GetBytes(strSource);
            HashData = MD5.ComputeHash(Buffer);
            return true;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// Gets the hash digest
    /// </summary>
    /// <param name="strSource">String to sign</param>
    /// <param name="strHashData">Hash digest</param>
    /// <returns></returns>
    public bool GetHash(string strSource, ref string strHashData)
    {
        try
        {
            // Compute the hash digest from the string
            byte[] Buffer;
            byte[] HashData;
            System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5");
            Buffer = System.Text.Encoding.GetEncoding("GB2312").GetBytes(strSource);
            HashData = MD5.ComputeHash(Buffer);
            strHashData = Convert.ToBase64String(HashData);
            return true;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// Gets the hash digest
    /// </summary>
    /// <param name="objFile">File to sign</param>
    /// <param name="HashData">Hash digest</param>
    /// <returns></returns>
    public bool GetHash(System.IO.FileStream objFile, ref byte[] HashData)
    {
        try
        {
            // Compute the hash digest from the file
            System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5");
            HashData = MD5.ComputeHash(objFile);
            objFile.Close();
            return true;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// Gets the hash digest
    /// </summary>
    /// <param name="objFile">File to sign</param>
    /// <param name="strHashData">Hash digest</param>
    /// <returns></returns>
    public bool GetHash(System.IO.FileStream objFile, ref string strHashData)
    {
        try
        {
            // Compute the hash digest from the file
            byte[] HashData;
            System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5");
            HashData = MD5.ComputeHash(objFile);
            objFile.Close();
            strHashData = Convert.ToBase64String(HashData);
            return true;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }
    #endregion

    #region RSA signing
    /// <summary>
    /// RSA signing
    /// </summary>
    /// <param name="strKeyPrivate">Private key</param>
    /// <param name="HashbyteSignature">Hash digest to sign</param>
    /// <param name="EncryptedSignatureData">Resulting signature</param>
    /// <returns></returns>
    public bool SignatureFormatter(string strKeyPrivate, byte[] HashbyteSignature, ref byte[] EncryptedSignatureData)
    {
        try
        {
            System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
            RSA.FromXmlString(strKeyPrivate);
            System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA);
            // Set the signature hash algorithm to MD5
            RSAFormatter.SetHashAlgorithm("MD5");
            // Create the signature
            EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
            return true;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// RSA signing
    /// </summary>
    /// <param name="strKeyPrivate">Private key</param>
    /// <param name="HashbyteSignature">Hash digest to sign</param>
    /// <param name="strEncryptedSignatureData">Resulting signature</param>
    /// <returns></returns>
    public bool SignatureFormatter(string strKeyPrivate, byte[] HashbyteSignature, ref string strEncryptedSignatureData)
    {
        try
        {
            byte[] EncryptedSignatureData;
            System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
            RSA.FromXmlString(strKeyPrivate);
            System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA);
            // Set the signature hash algorithm to MD5
            RSAFormatter.SetHashAlgorithm("MD5");
            // Create the signature
            EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
            strEncryptedSignatureData = Convert.ToBase64String(EncryptedSignatureData);
            return true;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// RSA signing
    /// </summary>
    /// <param name="strKeyPrivate">Private key</param>
    /// <param name="strHashbyteSignature">Hash digest to sign</param>
    /// <param name="EncryptedSignatureData">Resulting signature</param>
    /// <returns></returns>
    public bool SignatureFormatter(string strKeyPrivate, string strHashbyteSignature, ref byte[] EncryptedSignatureData)
    {
        try
        {
            byte[] HashbyteSignature;
            HashbyteSignature = Convert.FromBase64String(strHashbyteSignature);
            System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
            RSA.FromXmlString(strKeyPrivate);
            System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA);
            // Set the signature hash algorithm to MD5
            RSAFormatter.SetHashAlgorithm("MD5");
            // Create the signature
            EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
            return true;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// RSA signing
    /// </summary>
    /// <param name="strKeyPrivate">Private key</param>
    /// <param name="strHashbyteSignature">Hash digest to sign</param>
    /// <param name="strEncryptedSignatureData">Resulting signature</param>
    /// <returns></returns>
    public bool SignatureFormatter(string strKeyPrivate, string strHashbyteSignature, ref string strEncryptedSignatureData)
    {
        try
        {
            byte[] HashbyteSignature;
            byte[] EncryptedSignatureData;
            HashbyteSignature = Convert.FromBase64String(strHashbyteSignature);
            System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
            RSA.FromXmlString(strKeyPrivate);
            System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA);
            // Set the signature hash algorithm to MD5
            RSAFormatter.SetHashAlgorithm("MD5");
            // Create the signature
            EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
            strEncryptedSignatureData = Convert.ToBase64String(EncryptedSignatureData);
            return true;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }
    #endregion

    #region RSA signature verification
    /// <summary>
    /// RSA signature verification
    /// </summary>
    /// <param name="strKeyPublic">Public key</param>
    /// <param name="HashbyteDeformatter">Hash digest</param>
    /// <param name="DeformatterData">Signature to verify</param>
    /// <returns></returns>
    public bool SignatureDeformatter(string strKeyPublic, byte[] HashbyteDeformatter, byte[] DeformatterData)
    {
        try
        {
            System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
            RSA.FromXmlString(strKeyPublic);
            System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA);
            // Specify MD5 as the hash algorithm used for verification
            RSADeformatter.SetHashAlgorithm("MD5");
            if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData))
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// RSA signature verification
    /// </summary>
    /// <param name="strKeyPublic">Public key</param>
    /// <param name="strHashbyteDeformatter">Hash digest</param>
    /// <param name="DeformatterData">Signature to verify</param>
    /// <returns></returns>
    public bool SignatureDeformatter(string strKeyPublic, string strHashbyteDeformatter, byte[] DeformatterData)
    {
        try
        {
            byte[] HashbyteDeformatter;
            HashbyteDeformatter = Convert.FromBase64String(strHashbyteDeformatter);
            System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
            RSA.FromXmlString(strKeyPublic);
            System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA);
            // Specify MD5 as the hash algorithm used for verification
            RSADeformatter.SetHashAlgorithm("MD5");
            if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData))
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// RSA signature verification
    /// </summary>
    /// <param name="strKeyPublic">Public key</param>
    /// <param name="HashbyteDeformatter">Hash digest</param>
    /// <param name="strDeformatterData">Signature to verify</param>
    /// <returns></returns>
    public bool SignatureDeformatter(string strKeyPublic, byte[] HashbyteDeformatter, string strDeformatterData)
    {
        try
        {
            byte[] DeformatterData;
            System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
            RSA.FromXmlString(strKeyPublic);
            System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA);
            // Specify MD5 as the hash algorithm used for verification
            RSADeformatter.SetHashAlgorithm("MD5");
            DeformatterData = Convert.FromBase64String(strDeformatterData);
            if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData))
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

    /// <summary>
    /// RSA signature verification
    /// </summary>
    /// <param name="strKeyPublic">Public key</param>
    /// <param name="strHashbyteDeformatter">Hash digest</param>
    /// <param name="strDeformatterData">Signature to verify</param>
    /// <returns></returns>
    public bool SignatureDeformatter(string strKeyPublic, string strHashbyteDeformatter, string strDeformatterData)
    {
        try
        {
            byte[] DeformatterData;
            byte[] HashbyteDeformatter;
            HashbyteDeformatter = Convert.FromBase64String(strHashbyteDeformatter);
            System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
            RSA.FromXmlString(strKeyPublic);
            System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA);
            // Specify MD5 as the hash algorithm used for verification
            RSADeformatter.SetHashAlgorithm("MD5");
            DeformatterData = Convert.FromBase64String(strDeformatterData);
            if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData))
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }
    #endregion

    #endregion
}
```