/// <summary>
/// 数据签名
/// </summary>
/// <param name="data">待签名数据</param>
/// <param name="privateKey">私钥</param>
/// <param name="keyFormat">格式,默认PKCS1</param>
/// <param name="signaturePadding">签名类型</param>
/// <param name="hashAlgorithmName">哈希算法</param>
/// <param name="encode">编码</param>
/// <returns></returns>
public static string SignDataAsBase64(string data, string privateKey, RSAKeyFormat keyFormat = RSAKeyFormat.PKCS1, RSASignaturePadding signaturePadding = null, HashAlgorithmName hashAlgorithmName = default, string encode = "utf-8")
{
var buffer = Encoding.GetEncoding(encode).GetBytes(data);
var signedData = SignData(buffer, privateKey, keyFormat, signaturePadding, hashAlgorithmName);
return(Convert.ToBase64String(signedData));
}
/// <summary>生成RSA密钥对(带有头尾的Pem密钥格式)
/// </summary>
/// <param name="format">格式,PKCS1还是PKCS8</param>
/// <param name="keySize">密钥长度,512,1024,1536,2048...</param>
/// <returns>公钥,私钥</returns>
public static RsaKeyPair GenerateFormatKeyPair(RSAKeyFormat format = RSAKeyFormat.PKCS1, int keySize = 1024)
{
var rsaKeyPair = GenerateKeyPair(format, keySize);
return(new RsaKeyPair()
{
PublicKey = FormatPublicKey(rsaKeyPair.PublicKey, format),
PrivateKey = FormatPrivateKey(rsaKeyPair.PrivateKey, format)
});
}
/// <summary>
/// 生成RSA密钥对(Pem密钥格式)
/// </summary>
/// <param name="format">格式,PKCS1或者PKCS8</param>
/// <param name="keySize">512,1024,1536,2048</param>
/// <returns>公钥,私钥</returns>
public static RSAKeyPair GenerateKeyPair(RSAKeyFormat format = RSAKeyFormat.PKCS1, int keySize = 1024)
{
using var rsa = RSA.Create();
rsa.KeySize = keySize;
var publicParameters = rsa.ExportParameters(false);
var privateParameters = rsa.ExportParameters(true);
string publicKey = ExportPublicKey(publicParameters);
string privateKey = format == RSAKeyFormat.PKCS1 ? ExportPrivateKeyPKCS1(privateParameters) : ExportPrivateKeyPKCS8(privateParameters);
return(new RSAKeyPair(publicKey, privateKey));
}
/// <summary>
/// 生成密钥对
/// </summary>
/// <param name="format"></param>
/// <param name="keySize"></param>
/// <param name="subjectPublicKey"></param>
/// <returns></returns>
public static RSAKeyPair GenerateKeyPair(RSAKeyFormat format = RSAKeyFormat.PKCS1, int keySize = 2048, bool subjectPublicKey = true)
{
using var rsa = RSA.Create();
rsa.KeySize = keySize;
var privateKeyBuffer = format == RSAKeyFormat.PKCS1 ? rsa.ExportRSAPrivateKey() : rsa.ExportPkcs8PrivateKey();
var privateKey = Convert.ToBase64String(privateKeyBuffer);
var publicKeyBuffer = subjectPublicKey ? rsa.ExportSubjectPublicKeyInfo() : rsa.ExportRSAPublicKey();
var publicKey = Convert.ToBase64String(publicKeyBuffer);
return(new RSAKeyPair(publicKey, privateKey));
}
/// <summary>格式化私钥,带上头部与底部
/// </summary>
/// <param name="privateKey">私钥</param>
/// <param name="format">私钥格式</param>
/// <returns></returns>
public static string FormatPrivateKey(string privateKey, RSAKeyFormat format = RSAKeyFormat.PKCS1)
{
var header = "-----BEGIN RSA PRIVATE KEY-----";
var footer = "-----END RSA PRIVATE KEY-----";
if (format == RSAKeyFormat.PKCS8)
{
header = "-----BEGIN PRIVATE KEY-----";
footer = "-----END PRIVATE KEY-----";
}
var formatKey = new StringBuilder();
formatKey.AppendLine(header);
formatKey.AppendLine(privateKey);
formatKey.Append(footer);
return(formatKey.ToString());
}
/// <summary>格式化公钥,带上头部与底部
/// </summary>
/// <param name="publicKey">公钥</param>
/// <param name="format">密钥格式</param>
/// <returns></returns>
public static string FormatPublicKey(string publicKey, RSAKeyFormat format = RSAKeyFormat.PKCS1)
{
var header = "-----BEGIN RSA PUBLIC KEY-----";
var footer = "-----END RSA PUBLIC KEY-----";
if (format == RSAKeyFormat.PKCS8)
{
header = "-----BEGIN PUBLIC KEY-----";
footer = "-----END PUBLIC KEY-----";
}
var formatKey = new StringBuilder();
//formatKey.AppendFormat(@"{0}\r\n{1}\r\n{2}", header, publicKey, footer);
formatKey.AppendLine(header);
formatKey.AppendLine(publicKey);
formatKey.Append(footer);
return(formatKey.ToString());
}
/// <summary>
/// 解密
/// </summary>
/// <param name="data">待解密数据</param>
/// <param name="privateKey">私钥</param>
/// <param name="keyFormat">密钥格式</param>
/// <param name="encryptionPadding">算法</param>
/// <returns></returns>
public static byte[] Decrypt(byte[] data, string privateKey, RSAKeyFormat keyFormat = RSAKeyFormat.PKCS1, RSAEncryptionPadding encryptionPadding = null)
{
using var rsa = RSA.Create();
var privateKeyBuffer = Convert.FromBase64String(privateKey);
if (keyFormat == RSAKeyFormat.PKCS1)
{
rsa.ImportRSAPrivateKey(privateKeyBuffer, out int _);
}
else
{
rsa.ImportPkcs8PrivateKey(privateKeyBuffer, out int _);
}
encryptionPadding ??= RSAEncryptionPadding.Pkcs1;
var decryptedData = rsa.Decrypt(data, encryptionPadding);
return(decryptedData);
}
/// <summary>
/// 数据签名
/// </summary>
/// <param name="data">待签名数据</param>
/// <param name="privateKey">私钥</param>
/// <param name="keyFormat">格式,默认PKCS1</param>
/// <param name="signaturePadding">签名类型</param>
/// <param name="hashAlgorithmName">哈希算法</param>
/// <returns></returns>
public static byte[] SignData(byte[] data, string privateKey, RSAKeyFormat keyFormat = RSAKeyFormat.PKCS1, RSASignaturePadding signaturePadding = null, HashAlgorithmName hashAlgorithmName = default)
{
using var rsa = RSA.Create();
var privateKeyBuffer = Convert.FromBase64String(privateKey);
if (keyFormat == RSAKeyFormat.PKCS1)
{
rsa.ImportRSAPrivateKey(privateKeyBuffer, out int _);
}
else
{
rsa.ImportPkcs8PrivateKey(privateKeyBuffer, out int _);
}
signaturePadding ??= RSASignaturePadding.Pkcs1;
if (hashAlgorithmName == null || hashAlgorithmName == default)
{
hashAlgorithmName = HashAlgorithmName.SHA256;
}
var signedData = rsa.SignData(data, hashAlgorithmName, signaturePadding);
return(signedData);
}
/// <summary>
/// 解密
/// </summary>
/// <param name="data">原数据</param>
/// <param name="privateKey">私钥</param>
/// <param name="keyFormat">密钥格式</param>
/// <param name="encryptionPadding">算法</param>
/// <param name="encode">编码</param>
/// <returns></returns>
public static string DecryptFromBase64(string data, string privateKey, RSAKeyFormat keyFormat = RSAKeyFormat.PKCS1, RSAEncryptionPadding encryptionPadding = null, string encode = "utf-8")
{
var decryptedData = Decrypt(Convert.FromBase64String(data), privateKey, keyFormat, encryptionPadding);
return(Encoding.GetEncoding(encode).GetString(decryptedData));
}
