public RSAHelper(RSAType rsaType, string privateKey = null, string publicKey = null)
{
_encoding = Encoding.UTF8;
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey ?? _privateKey);
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey ?? _publicKey);
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
/// <summary>
/// 实例化RSAHelper
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
private static void InitRSADEncrypt(RSAType rsaType, Encoding encoding)
{
_encoding = encoding;
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(_privateKey);
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(_publicKey);
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
/// <summary>
/// RSA工具类
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
public RSATool(RSAType rsaType, Encoding encoding, string privateKey, string publicKey)
{
_encoding = encoding;
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
/// <summary>
/// 实例化RSAHelper
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
public RSAHelper(RSAType rsaType, Encoding encoding, string privateKey, string publicKey = null)
{
_encoding = encoding;
if (!string.IsNullOrEmpty(privateKey))
{
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
}
if (!string.IsNullOrEmpty(publicKey))
{
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
}
_hashAlgorithmName = HashAlgorithmName.SHA256;
if (rsaType == RSAType.RSA)
{
_hashAlgorithmName = HashAlgorithmName.SHA1;
}
if (rsaType == RSAType.RSA2)
{
_hashAlgorithmName = HashAlgorithmName.SHA256;
}
if (rsaType == RSAType.MD5)
{
_hashAlgorithmName = HashAlgorithmName.MD5;
}
}
private static string RsaSign(string value, string key, Encoding encoding, RSAType type)
{
if (string.IsNullOrWhiteSpace(value) || string.IsNullOrWhiteSpace(key))
return string.Empty;
var rsa = new RSAHelper(type, encoding, key);
return rsa.Sign(value);
}
/// <summary>
/// 实例化RSAHelper
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
public RSAHelper(RSAType rsaType, Encoding encoding, string privateKey, string publicKey = null)
{
_encoding = encoding;
if (!string.IsNullOrEmpty(privateKey))
{
_privateKeyRsaProvider = DecodePemPrivateKey(privateKey);
}
if (!string.IsNullOrEmpty(publicKey))
{
_publicKeyRsaProvider = DecodePemPublicKey(publicKey);
}
#if NET45
if (rsaType == RSAType.RSA)
{
_sh = new SHA1CryptoServiceProvider();
}
else
{
_sh = new SHA256CryptoServiceProvider();
}
#endif
#if NETSTANDARD2_0
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
#endif
}
/// <summary>
/// 使用私钥签名
/// </summary>
/// <param name="data">原始数据</param>
/// <returns></returns>
public static byte[] RSASign(this byte[] dataBytes, byte[] privateKey, RSAType rsaType = RSAType.RSA2)
{
using (RSA rsa = CreateRsaFromPrivateKey(privateKey))
{
var encoding = Encoding.UTF8;
var hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
return(rsa.SignData(dataBytes, hashAlgorithmName, RSASignaturePadding.Pkcs1));
}
}
/// <summary>
/// 使用私钥签名
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="privateKey">私钥</param>
/// <param name="data">签名数据</param>
/// <param name="encoding">编码类型</param>
/// <returns></returns>
public static string Sign(RSAType rsaType, string privateKey, string data, Encoding encoding)
{
byte[] dataBytes = encoding.GetBytes(data);
var privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
var signatureBytes = privateKeyRsaProvider.SignData(dataBytes, rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
return(Convert.ToBase64String(signatureBytes));
}
/// <summary>
/// Rsa加密
/// </summary>
private static string RsaSign(string value, string key, Encoding encoding, RSAType type)
{
if (string.IsNullOrWhiteSpace(value) || string.IsNullOrWhiteSpace(key))
{
return(string.Empty);
}
var rsa = new RsaOpenSSLHelper(type, encoding, key);
return(rsa.Sign(value));
}
/// <summary>
/// 签名
/// </summary>
/// <param name="str">需要签名的字符串</param>
/// <param name="privateKey">私钥</param>
/// <param name="type"></param>
/// <returns></returns>
public static string RSATrySign(this string str, string privateKey, RSAType type = RSAType.RSA2)
{
try
{
return(RSASign(str, privateKey, type));
}
catch (Exception)
{
return(null);
}
}
/// <summary>
/// RSA加密
/// </summary>
/// <param name="str">需要加密的内容</param>
/// <param name="publicKey">公钥</param>
/// <param name="type">类型(加密算法类型 RSA SHA1 长度不限制,推荐使用2048位以上;RSA2 SHA256 密钥长度至少为2048)</param>
/// <returns></returns>
public static string RSATryEncrypt(this string str, string publicKey, RSAType type = RSAType.RSA2)
{
try
{
return(RSAEncrypt(str, publicKey, type));
}
catch (Exception)
{
return(null);
}
}
/// <summary>
/// 公钥加密
/// </summary>
/// <param name="value"></param>
/// <param name="key"></param>
/// <param name="encoding"></param>
/// <param name="type"></param>
/// <returns></returns>
public static string RsaEncrypt(string value, string key, Encoding encoding, RSAType type)
{
if (string.IsNullOrWhiteSpace(value) || string.IsNullOrWhiteSpace(key))
{
return(string.Empty);
}
var rsa = new RsaOpenSSLHelper(type, Encoding.UTF8, "", key);
return(rsa.Encrypt(value));
}
/// <summary>
/// 使用公钥验证签名
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="publicKey">公钥</param>
/// <param name="data">原始数据</param>
/// <param name="sign">签名</param>
/// <param name="encoding">编码类型</param>
/// <returns></returns>
public static bool Verify(RSAType rsaType, string publicKey, string data, string sign, Encoding encoding)
{
byte[] dataBytes = encoding.GetBytes(data);
byte[] signBytes = Convert.FromBase64String(sign);
var publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
var verify = publicKeyRsaProvider.VerifyData(dataBytes, signBytes, rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
return(verify);
}
/// <summary>
/// 使用指定公钥验证解密得到的明文是否符合签名
/// </summary>
/// <param name="source">解密得到的明文</param>
/// <param name="signData">明文签名字符串</param>
/// <param name="publicKey">公钥</param>
/// <param name="encoding">编码类型</param>
/// <param name="outType">输出类型</param>
/// <param name="rsaType">算法类型</param>
/// <param name="keyType">密钥类型</param>
/// <returns></returns>
public static bool VerifyData(string source, string signData, string publicKey, Encoding encoding = null,
OutType outType = OutType.Base64, RSAType rsaType = RSAType.RSA, RSAKeyType keyType = RSAKeyType.Xml)
{
if (encoding == null)
{
encoding = Encoding.UTF8;
}
byte[] sourceBytes = encoding.GetBytes(source);
byte[] signBytes = signData.GetEncryptBytes(outType);
return(VerifyData(sourceBytes, signBytes, publicKey, rsaType, keyType));
}
/// <summary>
/// 实例化RSAHelper
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
internal RsaHelper(RSAType rsaType, Encoding encoding, string privateKey, string publicKey = null)
{
_encoding = encoding;
if (!string.IsNullOrEmpty(privateKey))
{
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
}
if (!string.IsNullOrEmpty(publicKey))
{
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
}
_hashAlgorithmName = rsaType == RSAType.SHA1 ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
public RSA(RSAType rsaType, System.Text.Encoding encoding, string privateKey, string publicKey = null)
{
_encoding = encoding;
if (!string.IsNullOrEmpty(privateKey))
{
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
}
if (!string.IsNullOrEmpty(publicKey))
{
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
}
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
public RSAEncryptionProvider(RSAType rsaType, Encoding encoding, IEncryptionKeyProvider keyProvider)
{
_encoding = encoding;
if (!string.IsNullOrEmpty(keyProvider.PrivateKey))
{
_privateKeyRsaProvider = CreateProviderFromPrivateKey(keyProvider.PrivateKey);
}
if (!string.IsNullOrEmpty(keyProvider.PublicKey))
{
_publicKeyRsaProvider = CreateProviderFromPublicKey(keyProvider.PublicKey);
}
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
/// <summary>
/// 实例化RSAHelper
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
public RsaOpenSSLHelper(RSAType rsaType, Encoding encoding, string privateKey, string publicKey = null)
{
this.encoding = encoding;
if (!string.IsNullOrEmpty(privateKey))
{
privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
}
if (!string.IsNullOrEmpty(publicKey))
{
publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
}
hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
public RsaUtils(string key, CertificateType certificateType, RSAType rsaType, Encoding encoding)
{
this._hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
this._encoding = encoding;
switch (certificateType)
{
case CertificateType.PublicKey:
_rsaInstance = CreateRsaByPublicKey(key);
break;
case CertificateType.PrivateKey:
_rsaInstance = CreateRsaByPrivateKey(key);
break;
}
}
/// <summary>
/// 实例化RSAHelper
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
public RSAHelper(RSAType rsaType = RSAType.RSA2)
{
var rsakey = getkey();
_encoding = Encoding.UTF8;
if (!string.IsNullOrEmpty(rsakey.PrivateKey))
{
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(rsakey.PrivateKey);
}
if (!string.IsNullOrEmpty(rsakey.PublicKey))
{
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(rsakey.PublicKey);
}
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
/// <summary>
/// RSA解密
/// </summary>
/// <param name="content">密文</param>
/// <param name="rsaKey">公钥</param>
/// <returns>明文</returns>
public static string RSADecryByType(string content, string rsaKey, RSAType type)
{
try
{
MemoryStream bufferStream = new MemoryStream();
byte[] bytData = Convert.FromBase64String(content);
int inputLength = bytData.Length;
AsymmetricKeyParameter key;
if (type == RSAType.公钥)
{
key = PublicKeyFactory.CreateKey(Convert.FromBase64String(rsaKey));
}
else
{
key = PrivateKeyFactory.CreateKey(Convert.FromBase64String(rsaKey));
}
IBufferedCipher cipher = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding");
cipher.Init(false, key);
int offSet = 0;
byte[] cache;
int i = 0;
while (inputLength - offSet > 0)
{
if (inputLength - offSet > 128)
{
cache = cipher.DoFinal(bytData, offSet, 128);
}
else
{
cache = cipher.DoFinal(bytData, offSet, inputLength - offSet);
}
bufferStream.Write(cache, 0, cache.Length);
i++;
offSet = i * 128;
}
byte[] decryptedData = bufferStream.ToArray();
bufferStream.Close();
return(Encoding.UTF8.GetString(bufferStream.ToArray()));
}
catch (Exception e)
{
return(e.Message);
}
}
/// <summary>
/// 使用私钥签名
/// </summary>
/// <param name="data"></param>
/// <param name="privateKey"></param>
/// <param name="rsaType"></param>
/// <param name="charset"></param>
/// <returns></returns>
public static string Sign(string data, string privateKey, RSAType rsaType = RSAType.MD5, string charset = "utf-8")
{
if (string.IsNullOrEmpty(privateKey))
{
throw new Exception("Private key can't be null.");
}
byte[] bt = Encoding.GetEncoding(charset).GetBytes(data);
using (RSA rsa = CreateRsaProviderFromPrivateKey(privateKey))
{
if (rsa == null)
{
throw new Exception("Private key is error");
}
var signatureBytes = rsa.SignData(bt, DicAlgorithmName[rsaType], RSASignaturePadding.Pkcs1);
return(Convert.ToBase64String(signatureBytes));
}
}
/// <summary>
/// 实例化RSAHelper
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
/// <param name="appKey"></param>
/// <param name="splitStr"></param>
public RSAHelper(RSAType rsaType, Encoding encoding, string privateKey, string publicKey = null, string appKey = null, string splitStr = null)
{
_encoding = encoding;
if (!string.IsNullOrWhiteSpace(privateKey))
{
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
}
if (!string.IsNullOrWhiteSpace(publicKey))
{
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
}
if (!string.IsNullOrWhiteSpace(appKey))
{
_publicAppKeyRsaProvider = CreateRsaProviderFromPublicKey(appKey);
}
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
_splitStr = splitStr;
}
/// <summary>
/// 使用指定密钥对明文进行签名,返回明文签名的字符串
/// </summary>
/// <param name="source">要签名的明文字符串</param>
/// <param name="privateKey">私钥</param>
/// <param name="encoding">编码类型</param>
/// <param name="outType">输出类型</param>
/// <param name="rsaType">算法类型</param>
/// <param name="keyType">密钥类型</param>
/// <returns></returns>
public static string SignData(string source, string privateKey, Encoding encoding = null,
OutType outType = OutType.Base64, RSAType rsaType = RSAType.RSA,
RSAKeyType keyType = RSAKeyType.Xml)
{
if (encoding == null)
{
encoding = Encoding.UTF8;
}
var result = SignData(encoding.GetBytes(source), privateKey, rsaType, keyType);
if (outType == OutType.Base64)
{
return(Convert.ToBase64String(result));
}
return(result.ToHexString());
}
/// <summary>
/// 实例化RSAHelper
/// </summary>
/// <param name="rsaType">加密算法类型 RSA SHA1;RSA2 SHA256 密钥长度至少为2048</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
public RSAEncrypt(RSAType rsaType, Encoding encoding, string privateKeyFile, string publicKeyFile = null)
{
//密匙不能带BEGIN
_encoding = encoding;
if (!string.IsNullOrEmpty(privateKeyFile))
{
string sPrivateKeyPEM = File.ReadAllText(privateKeyFile);
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(sPrivateKeyPEM);
}
if (!string.IsNullOrEmpty(publicKeyFile))
{
string sPublicKeyPEM = File.ReadAllText(publicKeyFile);
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(sPublicKeyPEM);
}
_hashAlgorithmName = rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256;
}
/// <summary>
/// 使用公钥验证签名
/// </summary>
/// <param name="data">原始数据</param>
/// <param name="sign">签名</param>
/// <returns></returns>
public static bool CheckSign(string data, string sign, string publicKey, RSAType rsaType = RSAType.MD5, string charset = "utf-8")
{
if (string.IsNullOrEmpty(publicKey))
{
throw new Exception("Public key can't be null.");
}
byte[] bt = Encoding.GetEncoding(charset).GetBytes(data);
byte[] signBytes = Convert.FromBase64String(sign);
using (RSA rsa = CreateRsaProviderFromPublicKey(publicKey))
{
if (rsa == null)
{
throw new Exception("Public key is error");
}
var verify = rsa.VerifyData(bt, signBytes, DicAlgorithmName[rsaType], RSASignaturePadding.Pkcs1);
return(verify);
}
}
/// <summary>
/// 实例化RSASystemHelper
/// </summary>
/// <param name="rsaType">加密算法类型</param>
/// <param name="encoding">编码类型</param>
/// <param name="privateKey">私钥</param>
/// <param name="publicKey">公钥</param>
public RSASystemHelper(RSAType rsaType, Encoding encoding, string privateKey = null, string publicKey = null)
{
_encoding = encoding ?? Encoding.UTF8;
if (!string.IsNullOrEmpty(privateKey))
{
IsBase64 = !JudgeBinary.IsHexadecimal(privateKey);
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
}
if (!string.IsNullOrEmpty(publicKey))
{
IsBase64 = !JudgeBinary.IsHexadecimal(publicKey);
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
}
switch (rsaType)
{
case RSAType.MD5:
_hashAlgorithmName = HashAlgorithmName.MD5;
break;
case RSAType.SHA1:
_hashAlgorithmName = HashAlgorithmName.SHA1;
break;
case RSAType.SHA256:
_hashAlgorithmName = HashAlgorithmName.SHA256;
break;
case RSAType.SHA384:
_hashAlgorithmName = HashAlgorithmName.SHA384;
break;
case RSAType.SHA512:
_hashAlgorithmName = HashAlgorithmName.SHA512;
break;
default:
_hashAlgorithmName = HashAlgorithmName.MD5;
break;
}
}
/// <summary>
/// RSA加密
/// </summary>
/// <param name="content">加密明文</param>
/// <param name="rsaKey">公钥</param>
/// <returns>返回密文</returns>
public static string RSAEncryByType(string content, string rsaKey, RSAType type)
{
AsymmetricKeyParameter key;
if (type == RSAType.公钥)
{
key = PublicKeyFactory.CreateKey(Convert.FromBase64String(rsaKey));
}
else
{
key = PrivateKeyFactory.CreateKey(Convert.FromBase64String(rsaKey));
}
IBufferedCipher c = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding");
//私钥加密
c.Init(true, key);
byte[] byteData = Encoding.UTF8.GetBytes(content);
byteData = c.DoFinal(byteData, 0, byteData.Length);
return(Convert.ToBase64String(byteData));
}
/// <summary>
/// 使用指定私钥对明文进行签名,返回明文签名的字节数组
/// </summary>
/// <param name="source">要签名的明文字节数组</param>
/// <param name="privateKey">私钥</param>
/// <param name="rsaType">算法类型</param>
/// <param name="keyType">密钥类型</param>
/// <returns></returns>
public static byte[] SignData(byte[] source, string privateKey, RSAType rsaType = RSAType.RSA, RSAKeyType keyType = RSAKeyType.Xml)
{
using (var rsa = RSA.Create())
{
if (keyType == RSAKeyType.Xml)
{
rsa.FromExtXmlString(privateKey);
}
else if (keyType == RSAKeyType.Base64)
{
rsa.FromBase64StringByPrivateKey(privateKey);
}
else
{
rsa.FromJsonString(privateKey);
}
return(rsa.SignData(source, rsaType == RSAType.RSA ? HashAlgorithmName.SHA1 : HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1));
}
}
/// <summary>
/// Rsa验签
/// </summary>
private static bool RsaVerify(string value, string publicKey, string sign, Encoding encoding, RSAType type)
{
if (string.IsNullOrWhiteSpace(value) || string.IsNullOrWhiteSpace(publicKey) || string.IsNullOrWhiteSpace(sign))
{
return(false);
}
var rsa = new RsaHelper(type, encoding, publicKey: publicKey);
return(rsa.Verify(value, sign));
}
