/// <summary> /// 数据签名 /// </summary> /// <param name="data">待签名数据</param> /// <param name="privateKey">私钥</param> /// <param name="keyFormat">格式,默认PKCS1</param> /// <param name="signaturePadding">签名类型</param> /// <param name="hashAlgorithmName">哈希算法</param> /// <param name="encode">编码</param> /// <returns></returns> public static string SignDataAsBase64(string data, string privateKey, RSAKeyFormat keyFormat = RSAKeyFormat.PKCS1, RSASignaturePadding signaturePadding = null, HashAlgorithmName hashAlgorithmName = default, string encode = "utf-8") { var buffer = Encoding.GetEncoding(encode).GetBytes(data); var signedData = SignData(buffer, privateKey, keyFormat, signaturePadding, hashAlgorithmName); return(Convert.ToBase64String(signedData)); }
/// <summary>生成RSA密钥对(带有头尾的Pem密钥格式) /// </summary> /// <param name="format">格式,PKCS1还是PKCS8</param> /// <param name="keySize">密钥长度,512,1024,1536,2048...</param> /// <returns>公钥,私钥</returns> public static RsaKeyPair GenerateFormatKeyPair(RSAKeyFormat format = RSAKeyFormat.PKCS1, int keySize = 1024) { var rsaKeyPair = GenerateKeyPair(format, keySize); return(new RsaKeyPair() { PublicKey = FormatPublicKey(rsaKeyPair.PublicKey, format), PrivateKey = FormatPrivateKey(rsaKeyPair.PrivateKey, format) }); }
/// <summary> /// 生成RSA密钥对(Pem密钥格式) /// </summary> /// <param name="format">格式,PKCS1或者PKCS8</param> /// <param name="keySize">512,1024,1536,2048</param> /// <returns>公钥,私钥</returns> public static RSAKeyPair GenerateKeyPair(RSAKeyFormat format = RSAKeyFormat.PKCS1, int keySize = 1024) { using var rsa = RSA.Create(); rsa.KeySize = keySize; var publicParameters = rsa.ExportParameters(false); var privateParameters = rsa.ExportParameters(true); string publicKey = ExportPublicKey(publicParameters); string privateKey = format == RSAKeyFormat.PKCS1 ? ExportPrivateKeyPKCS1(privateParameters) : ExportPrivateKeyPKCS8(privateParameters); return(new RSAKeyPair(publicKey, privateKey)); }
/// <summary> /// 生成密钥对 /// </summary> /// <param name="format"></param> /// <param name="keySize"></param> /// <param name="subjectPublicKey"></param> /// <returns></returns> public static RSAKeyPair GenerateKeyPair(RSAKeyFormat format = RSAKeyFormat.PKCS1, int keySize = 2048, bool subjectPublicKey = true) { using var rsa = RSA.Create(); rsa.KeySize = keySize; var privateKeyBuffer = format == RSAKeyFormat.PKCS1 ? rsa.ExportRSAPrivateKey() : rsa.ExportPkcs8PrivateKey(); var privateKey = Convert.ToBase64String(privateKeyBuffer); var publicKeyBuffer = subjectPublicKey ? rsa.ExportSubjectPublicKeyInfo() : rsa.ExportRSAPublicKey(); var publicKey = Convert.ToBase64String(publicKeyBuffer); return(new RSAKeyPair(publicKey, privateKey)); }
/// <summary>格式化私钥,带上头部与底部 /// </summary> /// <param name="privateKey">私钥</param> /// <param name="format">私钥格式</param> /// <returns></returns> public static string FormatPrivateKey(string privateKey, RSAKeyFormat format = RSAKeyFormat.PKCS1) { var header = "-----BEGIN RSA PRIVATE KEY-----"; var footer = "-----END RSA PRIVATE KEY-----"; if (format == RSAKeyFormat.PKCS8) { header = "-----BEGIN PRIVATE KEY-----"; footer = "-----END PRIVATE KEY-----"; } var formatKey = new StringBuilder(); formatKey.AppendLine(header); formatKey.AppendLine(privateKey); formatKey.Append(footer); return(formatKey.ToString()); }
/// <summary>格式化公钥,带上头部与底部 /// </summary> /// <param name="publicKey">公钥</param> /// <param name="format">密钥格式</param> /// <returns></returns> public static string FormatPublicKey(string publicKey, RSAKeyFormat format = RSAKeyFormat.PKCS1) { var header = "-----BEGIN RSA PUBLIC KEY-----"; var footer = "-----END RSA PUBLIC KEY-----"; if (format == RSAKeyFormat.PKCS8) { header = "-----BEGIN PUBLIC KEY-----"; footer = "-----END PUBLIC KEY-----"; } var formatKey = new StringBuilder(); //formatKey.AppendFormat(@"{0}\r\n{1}\r\n{2}", header, publicKey, footer); formatKey.AppendLine(header); formatKey.AppendLine(publicKey); formatKey.Append(footer); return(formatKey.ToString()); }
/// <summary> /// 解密 /// </summary> /// <param name="data">待解密数据</param> /// <param name="privateKey">私钥</param> /// <param name="keyFormat">密钥格式</param> /// <param name="encryptionPadding">算法</param> /// <returns></returns> public static byte[] Decrypt(byte[] data, string privateKey, RSAKeyFormat keyFormat = RSAKeyFormat.PKCS1, RSAEncryptionPadding encryptionPadding = null) { using var rsa = RSA.Create(); var privateKeyBuffer = Convert.FromBase64String(privateKey); if (keyFormat == RSAKeyFormat.PKCS1) { rsa.ImportRSAPrivateKey(privateKeyBuffer, out int _); } else { rsa.ImportPkcs8PrivateKey(privateKeyBuffer, out int _); } encryptionPadding ??= RSAEncryptionPadding.Pkcs1; var decryptedData = rsa.Decrypt(data, encryptionPadding); return(decryptedData); }
/// <summary> /// 数据签名 /// </summary> /// <param name="data">待签名数据</param> /// <param name="privateKey">私钥</param> /// <param name="keyFormat">格式,默认PKCS1</param> /// <param name="signaturePadding">签名类型</param> /// <param name="hashAlgorithmName">哈希算法</param> /// <returns></returns> public static byte[] SignData(byte[] data, string privateKey, RSAKeyFormat keyFormat = RSAKeyFormat.PKCS1, RSASignaturePadding signaturePadding = null, HashAlgorithmName hashAlgorithmName = default) { using var rsa = RSA.Create(); var privateKeyBuffer = Convert.FromBase64String(privateKey); if (keyFormat == RSAKeyFormat.PKCS1) { rsa.ImportRSAPrivateKey(privateKeyBuffer, out int _); } else { rsa.ImportPkcs8PrivateKey(privateKeyBuffer, out int _); } signaturePadding ??= RSASignaturePadding.Pkcs1; if (hashAlgorithmName == null || hashAlgorithmName == default) { hashAlgorithmName = HashAlgorithmName.SHA256; } var signedData = rsa.SignData(data, hashAlgorithmName, signaturePadding); return(signedData); }
/// <summary> /// 解密 /// </summary> /// <param name="data">原数据</param> /// <param name="privateKey">私钥</param> /// <param name="keyFormat">密钥格式</param> /// <param name="encryptionPadding">算法</param> /// <param name="encode">编码</param> /// <returns></returns> public static string DecryptFromBase64(string data, string privateKey, RSAKeyFormat keyFormat = RSAKeyFormat.PKCS1, RSAEncryptionPadding encryptionPadding = null, string encode = "utf-8") { var decryptedData = Decrypt(Convert.FromBase64String(data), privateKey, keyFormat, encryptionPadding); return(Encoding.GetEncoding(encode).GetString(decryptedData)); }