/*
* 1. 创建根证书私钥
* openssl genrsa -out root-key.key 1024
* 2. 创建根证书请求文件
* openssl req -new -out root-req.csr -key root-key.key -keyform PEM
* 3. 自签根证书
* openssl x509 -req -extfile d:\test\openssl.cnf -extensions v3_req -in root-req.csr -out root-cert.cer -signkey root-key.key -CAcreateserial -days 3650
* 4. 导出p12(pfx)格式证书(包含公、私钥) (p12:PKCS#12,PFX: Personal Information Exchange)
* openssl pkcs12 -export -clcerts -in root-cert.cer -inkey root-key.key -out root.p12
* 5. 从.p12文件中提取私钥
* X509Certificate2 x509 = new X509Certificate2(p12-file, password, X509KeyStorageFlags.Exportable);
* var publicKey = x509.PublicKey.Key.ToXmlString(false);
* var privateKey = x509.PrivateKey.ToXmlString(true);
* 6. RSA参数:Modulus、Exponent、P、Q、DP、DQ、InverseQ、D
* p, q [P = p, Q = q]
* n=p*q [Modulus = n]
* φ(n)=(p-1)*(q-1)
* ed = 1 mod φ(n) [Exponent = e, D = d][e称为指数,用作公钥;d是e模φ(n)的逆元,用作私钥][加密:c = m ^ e mod n,解密:c ^ d mod n]
* DP=d mod p-1
* DQ=d mod q-1
* q* InverseQ=1 mod p [InverseQ是q模p的逆元]
*
* RSA公钥:
* <RSAKeyValue>
* <Modulus>
* q/Yb0j6iQiF1Pu0b1+7/13Fz9iMaepwXmEXQScZbuVdf9VBQ50j5+gj5a+E7FuxQxHcSv86Hn2TCZY/pBOHlNwh/736zhMoqfacfjEtRbplKG2q9WvywUnQsrGzkFnL3OmG5YpvW2EmXh2cOFNtGroibSfWkWI9sNjCo++/gmJE=
* </Modulus>
* <Exponent>
* AQAB
* </Exponent>
* </RSAKeyValue>"
*
* RSA私钥:
* <RSAKeyValue>
* <Modulus>
* q/Yb0j6iQiF1Pu0b1+7/13Fz9iMaepwXmEXQScZbuVdf9VBQ50j5+gj5a+E7FuxQxHcSv86Hn2TCZY/pBOHlNwh/736zhMoqfacfjEtRbplKG2q9WvywUnQsrGzkFnL3OmG5YpvW2EmXh2cOFNtGroibSfWkWI9sNjCo++/gmJE=
* </Modulus>
* <Exponent>
* AQAB
* </Exponent>
* <P>
* 2bO1ztOmt1hn3Nl0O8Z8+F7KAe+xp5wJXBPuKs5wUypoGO52JGqW5U1003VsEQjXaJdGX3NJBK9Bb5ZD4zucWw==
* </P>
* <Q>
* yjZzxrDH45vhz77LwCcg+GbnV59WFewD8woQ8wGerS+2IpksBoSbtvsB2qhA7QAbIgroAkd9q5lK1bKeQaqigw==
* </Q>
* <DP>
* C3eH0Akd8vJZJizeDnf6BSsZANkbRnTVmWADX4XYLMlDCm0lE+35XMKjsK+yrYMFtaCiOEzeP7zreXE0yjdNmQ==
* </DP>
* <DQ>
* rS2rQ8vctQqofqHZn6wjKXn/wOQd9tJVo4zIbUXC3nGRG9pwgPiK30/jC5+zUwYXNrV+c41EjHTRSWka7gQz/w==
* </DQ>
* <InverseQ>
* QiprMadsDyt3w6CnO9xoJKaxH7xGsJkbLcqtlleJP4SfNB2XqRcT49ryoPGdVUWqbeGprxtkTqezPTXMJyIDQQ==
* </InverseQ>
* <D>
* b4cyKhzXTb63dTWBLn5izk9V31iLDuR35Rm6am7NBJsnsEoD/s1023bAlfhBQ6/G/nUf4ujHS1ilQAujHLiJ2SRAg1imYmQCapnc8GA5I5Z4MvarrfAzZQ0QxNSZ7+6k+SHIeMCBbRHHStg3i5WROYER9JHtFd+8GLOA45mi31U=
* </D>
* </RSAKeyValue>
*
*
*/
public static void Example()
{
//string original0 = "The quick brown fox jumps over a lazy dog.";
string original0 = "我是一片云,天空是我家,朝迎旭日升,暮送夕阳下。";
//xml格式、Base64编码、大端(低地址存放高数位,高地址存放低数位)
//string xmlPublicKey = "<RSAKeyValue><Modulus>q/Yb0j6iQiF1Pu0b1+7/13Fz9iMaepwXmEXQScZbuVdf9VBQ50j5+gj5a+E7FuxQxHcSv86Hn2TCZY/pBOHlNwh/736zhMoqfacfjEtRbplKG2q9WvywUnQsrGzkFnL3OmG5YpvW2EmXh2cOFNtGroibSfWkWI9sNjCo++/gmJE=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";
//string xmlPrivateKey = "<RSAKeyValue><Modulus>q/Yb0j6iQiF1Pu0b1+7/13Fz9iMaepwXmEXQScZbuVdf9VBQ50j5+gj5a+E7FuxQxHcSv86Hn2TCZY/pBOHlNwh/736zhMoqfacfjEtRbplKG2q9WvywUnQsrGzkFnL3OmG5YpvW2EmXh2cOFNtGroibSfWkWI9sNjCo++/gmJE=</Modulus> <Exponent>AQAB</Exponent> <P>2bO1ztOmt1hn3Nl0O8Z8+F7KAe+xp5wJXBPuKs5wUypoGO52JGqW5U1003VsEQjXaJdGX3NJBK9Bb5ZD4zucWw==</P> <Q>yjZzxrDH45vhz77LwCcg+GbnV59WFewD8woQ8wGerS+2IpksBoSbtvsB2qhA7QAbIgroAkd9q5lK1bKeQaqigw==</Q> <DP>C3eH0Akd8vJZJizeDnf6BSsZANkbRnTVmWADX4XYLMlDCm0lE+35XMKjsK+yrYMFtaCiOEzeP7zreXE0yjdNmQ==</DP> <DQ>rS2rQ8vctQqofqHZn6wjKXn/wOQd9tJVo4zIbUXC3nGRG9pwgPiK30/jC5+zUwYXNrV+c41EjHTRSWka7gQz/w==</DQ> <InverseQ>QiprMadsDyt3w6CnO9xoJKaxH7xGsJkbLcqtlleJP4SfNB2XqRcT49ryoPGdVUWqbeGprxtkTqezPTXMJyIDQQ==</InverseQ> <D>b4cyKhzXTb63dTWBLn5izk9V31iLDuR35Rm6am7NBJsnsEoD/s1023bAlfhBQ6/G/nUf4ujHS1ilQAujHLiJ2SRAg1imYmQCapnc8GA5I5Z4MvarrfAzZQ0QxNSZ7+6k+SHIeMCBbRHHStg3i5WROYER9JHtFd+8GLOA45mi31U=</D> </RSAKeyValue>";
string xmlPublicKey = PublicKeyXmlFromCer("H:\\CA\\root-cert.cer", "");
string xmlPrivateKey = PrivateKeyXmlFromPKCS12("H:\\CA\\root.p12", "");
string encrypted = RsaHelper.Encrypt(original0, xmlPublicKey);
string decrypted = RsaHelper.Decrypt(encrypted, xmlPrivateKey);
string signature = RsaHelper.SenderHashAndSign(original0, xmlPrivateKey);
bool verifySig = RsaHelper.ReceiverVerifyHash(original0, signature, xmlPublicKey);
}
//RSA签名
public static string messagesign(string message)
{
string priKeyFile = "\\CA\\root.p12";//默认目录位置,私钥
string privateKyeXml = RsaHelper.PrivateKeyXmlFromPKCS12(priKeyFile, "");
if (privateKyeXml == null)
{
return("0");
}
string signvalue = RsaHelper.SenderHashAndSign(message, privateKyeXml);
if (signvalue == null)
{
return("0");
}
else
{
return(signvalue);
}
}
//RSA加密
public static string RSAEncry(string message)
{
string pubKeyFile = "\\CA\\root-cert.cer";//默认目录位置,公钥
string publicKeyXml = RsaHelper.PublicKeyXmlFromCer(pubKeyFile, "");
if (publicKeyXml == null)
{
return("0");
}
string rsaEncrypted = RsaHelper.Encrypt(message, publicKeyXml);
if (rsaEncrypted == null)
{
return("0");
}
else
{
return(rsaEncrypted);
}
}
//RSA验证签名
public static string messagesigncheck(string messagesign, string signvalue)
{
string pubKeyFile = "\\CA\\root-cert.cer";//默认目录位置,公钥
string publicKeyXml = RsaHelper.PublicKeyXmlFromCer(pubKeyFile, "");
if (publicKeyXml == null)
{
return("0");
}
bool checkresult = RsaHelper.ReceiverVerifyHash(messagesign, signvalue, publicKeyXml);
if (checkresult)
{
return("1");
}
else
{
return("0");
}
}
//RSA解密
public static string RSADecry(string message)
{
string priKeyFile = "\\CA\\root.p12";//默认目录位置,私钥
string privateKyeXml = RsaHelper.PrivateKeyXmlFromPKCS12(priKeyFile, "");
if (privateKyeXml == null)
{
return("0");
}
string rsaDecrypted = RsaHelper.Decrypt(message, privateKyeXml);
if (rsaDecrypted == null)
{
return("0");
}
else
{
return(rsaDecrypted);
}
return("1");
}