private static void Rsa() { var text = "Hello World!"; // 加密解密 var provider = new RsaProvider(RsaType.RSA2, Encoding.UTF8); var enc = provider.Encrypt(text); var dec = provider.Decrypt(enc); Console.WriteLine($"Enc: {enc}"); Console.WriteLine($"Dec: {dec}"); // 签名验证 provider = new RsaProvider(RsaType.RSA2, Encoding.UTF8, Const.RSAPrivateKey, Const.RSAPublicKey); var sig = provider.Sign(text); var ver = provider.Verify(text, sig); Console.WriteLine(sig); Console.WriteLine(ver); //var prik = Const.RSAPrivateKey; //var pubk = Const.RSAPublicKey; //var sign = RsaVerify.Sign(text, prik); //var verify = RsaVerify.SignCheck(text, sign, pubk); //Console.WriteLine(sign); //Console.WriteLine(verify); }
/// <summary> /// RSA encrypt /// </summary> /// <param name="publicKey">public key</param> /// <param name="srcString">src string</param> /// <param name="padding">rsa encryptPadding <see cref="RSAEncryptionPadding"/> RSAEncryptionPadding.Pkcs1 for linux/mac openssl </param> /// <param name="isPemKey">set key is pem format,default is false</param> /// <returns>encrypted string</returns> public static string RSADecrypt(string privateKey, string srcString, RSAEncryptionPadding padding, bool isPemKey = false) { Check.Argument.IsNotEmpty(privateKey, nameof(privateKey)); Check.Argument.IsNotEmpty(srcString, nameof(srcString)); Check.Argument.IsNotNull(padding, nameof(padding)); RSA rsa; if (isPemKey) { rsa = RsaProvider.FromPem(privateKey); } else { rsa = RSA.Create(); rsa.FromJsonString(privateKey); } using (rsa) { byte[] srcBytes = srcString.ToBytes(); byte[] decryptBytes = rsa.Decrypt(srcBytes, padding); return(Encoding.UTF8.GetString(decryptBytes)); } }
public void RsaTest() { var text = "Hello NStandard."; var data = text.Bytes(); var encryptRsa = new RsaProvider(); encryptRsa.FromXmlString(@"<RSAKeyValue> <Modulus>wyL0Tl0oPhililRHagPFIlKjWotnDKeK84p9sMjCPUfQqTb9zTne/K7KdpNnHSE5zmjUNWPGFSFxkdec/XVrLz0ZD0euTJo8ZN7Wx1eVYGczh5seLIOazf6zMgEW5jqwVx69Zs0K39alJDPqOYF7Q/2bBD9/BWvhRymkfKlSI5Z9LNi0i5ZRzuXqz6RcvPR35O/FdzWypKQsuRU73szDEwStkwu1ZgsSdyV50RoMAWodnvPDhJnVNdLtpeE6d2EDXKSnmmh+64h4HAK753UlCgjPuJ/jBxSiveSO6yOp18Hs1/tLHfZblgz8BM3tzMPgrPU3xNE3CHXujYSVKi4zsQ==</Modulus> <Exponent>AQAB</Exponent> <P>6gZc6Zm7gt1nvEqwU5/HdDIZGx0hYwa5OIOL1J72km35JVwYrheC/40MtwLOBt6cnuVeVWy5Q/LaJOeRs3k3dZjo15CeUZ59jvg3JzkHdk2hgDN/Cw9JamM1fEanAdgVKzU70fvbZ5K+gqcNkbacV/hh7cyOwBZUpxIqld9UVe8=</P> <Q>1XXFALNiLtSE24/k7PQK6yriaf4T/obVZh8oJbB9z8Af+FdfT3NeNdwHrl6GcQHYVPHLNudD3XCLIzhWkysKaITKKx2JZgRFffb8wh5eyRvPWa0ymiZ1R6Ye2A36BeNXno1pT9f2OkbuUgkavZ3KcSlTvFXzHpYGFjEBmPwSsF8=</Q> <DP>3fg1Dnj7Ss/YAddR0a9+Ti7qczY5IaUR75GOApjYROE8bHwjCJVScjOF+NwXMJrbMTdbN2lNfC6PTGu8Xd++g7MKPtRz5fSPIRk7rt8/va06Xs/5UzMnrln1NDALXgtnYLk4SR46581fF6t9ilULi8ESmavpRjaoCmOHsunGI08=</DP> <DQ>k9850fpyka53OwK7u8pzpeXXY0W35CLTwiLjVPimrzyQ6SDdzdRF91mtmIWy7KYyjuXRuP8MbGKCgKuOjfTLCQy0YJndjOZ4nYJ0JqWTVA4H3j+1RkROCoxx4YoNIfcTw6qCweUBle19OydDdwfQLgRLFbUU7qNPJCBe0vQMnlE=</DQ> <InverseQ>DE+NWEF21QkpVCJRPbjq01Vy7gHfy0WnpMDW+NEVBEJCbBfza+h6/FsO+c5RtVT3QN0stP+EfhDzeZSqNG/0Pf5GKhDKF7YsxFB8yHs3kUf0fN8PuoIFFqPwRXB4PytmvKg9h5e/aSbA7P3W2iDt5gH+IVUODF5cKfPvilk7izc=</InverseQ> <D>hawGK0BJdvAvRikhmo/mlPKDEF16RALpfpeaLmX4GT5+w8v15IYGKJYb/0pOUngWPz00UTZ91K/KOpu24TF0MTHrXro9vh/Ry0+TVY67twQ7GmO6McgdXYtieZihdSky7xsRp8BB+L/y9G/TvXzjUdoCPNC6VJ5n/fWaxgK/T7xujQVKWa0MEY0BtPma0tqWb1t0UxGseuG7Kb2JyYZDKc3sCr4ILkvpL9+nXkG8jS8kZcYyNEzEKhwOTU4SyMcHHq0tyuE9Iq6KEnHDcAekaXRvZnG/Sw1SDH7Yg44NOtdfZxhUxIOP8Gj1yFiDy/QJUsxAW7V60+2UwFb6DnEGuQ==</D> </RSAKeyValue>"); var cipher = encryptRsa.Encrypt(data); var signature = encryptRsa.SignData(data, HashAlgorithmName.SHA1); var hash = Sha1Hasher.Hash(data); var hashSignature = encryptRsa.SignHash(hash, HashAlgorithmName.SHA1); var decryptRsa = new RsaProvider(); decryptRsa.FromPemString(@"-----BEGIN PRIVATE KEY----- MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDDIvROXSg+GKWK VEdqA8UiUqNai2cMp4rzin2wyMI9R9CpNv3NOd78rsp2k2cdITnOaNQ1Y8YVIXGR 15z9dWsvPRkPR65Mmjxk3tbHV5VgZzOHmx4sg5rN/rMyARbmOrBXHr1mzQrf1qUk M+o5gXtD/ZsEP38Fa+FHKaR8qVIjln0s2LSLllHO5erPpFy89Hfk78V3NbKkpCy5 FTvezMMTBK2TC7VmCxJ3JXnRGgwBah2e88OEmdU10u2l4Tp3YQNcpKeaaH7riHgc ArvndSUKCM+4n+MHFKK95I7rI6nXwezX+0sd9luWDPwEze3Mw+Cs9TfE0TcIde6N hJUqLjOxAgMBAAECggEBAIWsBitASXbwL0YpIZqP5pTygxBdekQC6X6Xmi5l+Bk+ fsPL9eSGBiiWG/9KTlJ4Fj89NFE2fdSvyjqbtuExdDEx6166Pb4f0ctPk1WOu7cE OxpjujHIHV2LYnmYoXUpMu8bEafAQfi/8vRv071841HaAjzQulSeZ/31msYCv0+8 bo0FSlmtDBGNAbT5mtLalm9bdFMRrHrhuym9icmGQynN7Aq+CC5L6S/fp15BvI0v JGXGMjRMxCocDk1OEsjHBx6tLcrhPSKuihJxw3AHpGl0b2Zxv0sNUgx+2IOODTrX X2cYVMSDj/Bo9chYg8v0CVLMQFu1etPtlMBW+g5xBrkCgYEA6gZc6Zm7gt1nvEqw U5/HdDIZGx0hYwa5OIOL1J72km35JVwYrheC/40MtwLOBt6cnuVeVWy5Q/LaJOeR s3k3dZjo15CeUZ59jvg3JzkHdk2hgDN/Cw9JamM1fEanAdgVKzU70fvbZ5K+gqcN kbacV/hh7cyOwBZUpxIqld9UVe8CgYEA1XXFALNiLtSE24/k7PQK6yriaf4T/obV Zh8oJbB9z8Af+FdfT3NeNdwHrl6GcQHYVPHLNudD3XCLIzhWkysKaITKKx2JZgRF ffb8wh5eyRvPWa0ymiZ1R6Ye2A36BeNXno1pT9f2OkbuUgkavZ3KcSlTvFXzHpYG FjEBmPwSsF8CgYEA3fg1Dnj7Ss/YAddR0a9+Ti7qczY5IaUR75GOApjYROE8bHwj CJVScjOF+NwXMJrbMTdbN2lNfC6PTGu8Xd++g7MKPtRz5fSPIRk7rt8/va06Xs/5 UzMnrln1NDALXgtnYLk4SR46581fF6t9ilULi8ESmavpRjaoCmOHsunGI08CgYEA k9850fpyka53OwK7u8pzpeXXY0W35CLTwiLjVPimrzyQ6SDdzdRF91mtmIWy7KYy juXRuP8MbGKCgKuOjfTLCQy0YJndjOZ4nYJ0JqWTVA4H3j+1RkROCoxx4YoNIfcT w6qCweUBle19OydDdwfQLgRLFbUU7qNPJCBe0vQMnlECgYAMT41YQXbVCSlUIlE9 uOrTVXLuAd/LRaekwNb40RUEQkJsF/Nr6Hr8Ww75zlG1VPdA3Sy0/4R+EPN5lKo0 b/Q9/kYqEMoXtizEUHzIezeRR/R83w+6ggUWo/BFcHg/K2a8qD2Hl79pJsDs/dba IO3mAf4hVQ4MXlwp8++KWTuLNw== -----END PRIVATE KEY-----"); var decipher = decryptRsa.Decrypt(cipher).String(); Assert.Equal(text, decipher); Assert.True(encryptRsa.VerifyData(data, signature, HashAlgorithmName.SHA1)); Assert.True(encryptRsa.VerifyHash(hash, hashSignature, HashAlgorithmName.SHA1)); Assert.True(encryptRsa.ToXmlString(true) == decryptRsa.ToXmlString(true)); Assert.True(encryptRsa.ToPemString(true) == decryptRsa.ToPemString(true)); }
public bool Delete() { try { // if a rsaprovider exists, make non persistent, clear it and nullify --> the key is deleted if (RsaProvider.IsAssigned()) { // Delete the key entry in the container. RsaProvider.PersistKeyInCsp = false; // Call Clear to release resources and delete the key from the container. RsaProvider.Clear(); RsaProvider = null; return(true); } return(false); } catch (CryptographicException e) { Debug.WriteLine("Encryption: UtilHelper.DeleteKeyFromContainer(...) unable to delete key - " + e.Message); return(false); } }
/// <summary> /// RSA encrypt /// </summary> /// <param name="publicKey">public key</param> /// <param name="srcString">src string</param> /// <param name="padding">rsa encryptPadding <see cref="RSAEncryptionPadding"/> RSAEncryptionPadding.Pkcs1 for linux/mac openssl </param> /// <param name="isPemKey">set key is pem format,default is false</param> /// <returns>encrypted string</returns> public static string RSAEncrypt(string publicKey, string srcString, RSAEncryptionPadding padding, bool isPemKey = false) { Check.Argument.IsNotEmpty(publicKey, nameof(publicKey)); Check.Argument.IsNotEmpty(srcString, nameof(srcString)); Check.Argument.IsNotNull(padding, nameof(padding)); RSA rsa; if (isPemKey) { rsa = RsaProvider.FromPem(publicKey); } else { rsa = RSA.Create(); rsa.FromJsonString(publicKey); } using (rsa) { var maxLength = GetMaxRsaEncryptLength(rsa, padding); var rawBytes = Encoding.UTF8.GetBytes(srcString); if (rawBytes.Length > maxLength) { throw new OutofMaxlengthException($"'{srcString}' is out of max encrypt length {maxLength}", maxLength, rsa.KeySize, padding); } byte[] encryptBytes = rsa.Encrypt(rawBytes, padding); return(encryptBytes.ToHexString()); } }
/// <summary> /// RSA encrypt /// </summary> /// <param name="publicKey">public key</param> /// <param name="data">src string</param> /// <param name="padding">rsa encryptPadding <see cref="RSAEncryptionPadding"/> RSAEncryptionPadding.Pkcs1 for linux/mac openssl </param> /// <param name="isPemKey">set key is pem format,default is false</param> /// <returns>encrypted string</returns> public static byte[] RSADecrypt(string privateKey, byte[] data, RSAEncryptionPadding padding, bool isPemKey = false) { Check.Argument.IsNotEmpty(privateKey, nameof(privateKey)); Check.Argument.IsNotNull(data, nameof(data)); Check.Argument.IsNotNull(padding, nameof(padding)); RSA rsa; if (isPemKey) { rsa = RsaProvider.FromPem(privateKey); } else { rsa = RSA.Create(); rsa.FromJsonString(privateKey); } using (rsa) { byte[] srcBytes = data; byte[] decryptBytes = rsa.Decrypt(srcBytes, padding); return(decryptBytes); } }
/// <summary> /// RSA公玥加密 /// </summary> /// <param name="publicKey"></param> /// <param name="text"></param> /// <returns></returns> public static string RsaEncrypt(string publicKey, string text) { byte[] dataBytes = Encoding.UTF8.GetBytes(text); //对普通的文字操作,用Encoding.UTF8.GetBytes() using (RSA publicKeyRsaProvider = RsaProvider.CreateRsaProviderFromPublicKey(publicKey)) { return(Convert.ToBase64String(publicKeyRsaProvider.Encrypt(dataBytes, RSAEncryptionPadding.Pkcs1))); } }
/// <summary> /// RSA私玥解密 /// </summary> /// <param name="privateKey"></param> /// <param name="cipherText"></param> /// <returns></returns> public static string RsaDecrypt(string privateKey, string cipherText) { byte[] dataBytes = Convert.FromBase64String(cipherText); //对加密方法返回的byte[],用Convert.ToBase64String,普通的文字并不是 base 64 编码的,不能使用 FromBase64String 转换成 byte[] using (RSA privateKeyRsaProvider = RsaProvider.CreateRsaProviderFromPrivateKey(privateKey)) { return(Encoding.UTF8.GetString(privateKeyRsaProvider.Decrypt(dataBytes, RSAEncryptionPadding.Pkcs1))); } }
/// <summary> /// Decrypts data with the System.Security.Cryptography.RSA algorithm. /// </summary> /// <param name="base64Text">The data to be decrypted.</param> /// <returns>The decrypted data, which is the original plain text before encryption.</returns> public string RsaDecrypt(string base64Text) { byte[] bytes = System.Convert.FromBase64String(base64Text); byte[] decrypted; lock (RsaProviderLock) { decrypted = RsaProvider.Decrypt(bytes, false); } return(System.Text.Encoding.UTF8.GetString(decrypted)); }
/// <summary> /// 使用私钥签名 /// </summary> /// <param name="data">原始数据</param> /// <returns></returns> public static string RsaSign(string privateKey, string data) { byte[] dataBytes = Encoding.UTF8.GetBytes(data); using (RSA privateKeyRsaProvider = RsaProvider.CreateRsaProviderFromPrivateKey(privateKey)) { var signatureBytes = privateKeyRsaProvider.SignData(dataBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); return(Convert.ToBase64String(signatureBytes)); } }
private static void RSA2048Decrypt() { var rsaHelper = new RsaProvider(RsaType.RSA2, Encoding.UTF8); ConsoleHelper.LoopProcessInputUntil(input => { var dec = rsaHelper.Decrypt(input); Console.WriteLine($" Input: {input}"); Console.WriteLine($"Decrypt: {dec}"); }, "$End"); }
/// <summary> /// Decrypts data with the System.Security.Cryptography.RSA algorithm. /// </summary> /// <param name="base64Text">The data to be decrypted.</param> /// <returns>The decrypted data, which is the original plain text before encryption.</returns> public string RsaDecrypt(string base64Text) { byte[] bytes = System.Convert.FromBase64String(base64Text); byte[] decrypted; lock (RsaProviderLock) { // Enable OAEP padding for better security. // Disable for compatibility. decrypted = RsaProvider.Decrypt(bytes, RsaUseOaepValue); } return(System.Text.Encoding.UTF8.GetString(decrypted)); }
/// <summary> /// 使用公钥验证签名 /// </summary> /// <param name="data">原始数据</param> /// <param name="sign">签名</param> /// <returns></returns> public static bool RsaVerify(string publicKey, string data, string sign) { byte[] dataBytes = Encoding.UTF8.GetBytes(data); byte[] signBytes = Convert.FromBase64String(sign); using (RSA publicKeyRsaProvider = RsaProvider.CreateRsaProviderFromPublicKey(publicKey)) { var verify = publicKeyRsaProvider.VerifyData(dataBytes, signBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); return(verify); } }
protected virtual void Dispose(bool disposing) { if (!_disposed) { if (RsaProvider.IsAssigned()) { RsaProvider.Clear(); // resources vrijgeven. RsaProvider = null; } } _disposed = true; }
/// <summary> /// Private RSA key is required to sign data. /// </summary> /// <param name="bytes"></param> /// <returns></returns> /// <remarks>Private RSA key is required to sign data.</remarks> string RsaGenerateSignature(byte[] bytes) { //byte[] hash = RsaSignatureHashAlgorithm.ComputeHash(bytes); //byte[] sign = RsaProvider.SignHash(hash, System.Security.Cryptography.CryptoConfig.MapNameToOID("SHA1")); byte[] sign; lock (RsaProviderLock) { sign = RsaProvider.SignData(bytes, RsaSignatureHashAlgorithm); } string signature = System.Convert.ToBase64String(sign); return(signature); }
/// <summary> /// RSA Converter to pem /// </summary> /// <param name="isPKCS8"></param> /// <returns></returns> public static (string publicPem, string privatePem) RSAToPem(bool isPKCS8) { var rsaKey = CreateRsaKey(); using (RSA rsa = RSA.Create()) { rsa.FromJsonString(rsaKey.PrivateKey); var publicPem = RsaProvider.ToPem(rsa, false, isPKCS8); var privatePem = RsaProvider.ToPem(rsa, true, isPKCS8); return(publicPem, privatePem); } }
/// <summary> /// Configures services /// </summary> /// <param name="services">services</param> public void ConfigureServices(IServiceCollection services) { services.AddMvc() .SetCompatibilityVersion(CompatibilityVersion.Version_2_2); services.AddScoped <IUserRepository, UserRepository>(); services.AddIdentityServer() .AddSigningCredential(RsaProvider.GenerateSigningCredential()) .AddInMemoryIdentityResources(Config.GetIdentityResources()) .AddInMemoryApiResources(Config.GetApiResources()) .AddInMemoryClients(Config.GetClients()) .AddProfileService <ProfileService>(); services.AddTransient <IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>(); services.AddTransient <IProfileService, ProfileService>(); services.AddTransient <IPersistedGrantStore, PersistedGrantStore>(); }
/// <summary> /// Constructor /// </summary> public MainWindow() { InitializeComponent(); this.Rsa = new RsaProvider(RsaProvider.BitLength.RSA512); }
public void ReadKey([NotNull] string key) { RsaProvider.FromXmlString(key); _maxBytesServer = RsaProvider.KeySize / 8; }
/// <summary> /// RSA From pem /// </summary> /// <param name="pem"></param> /// <returns></returns> public static System.Security.Cryptography.RSA RSAFromPem(string pem) { Check.Argument.IsNotEmpty(pem, nameof(pem)); return(RsaProvider.FromPem(pem)); }
private void GetKeyContainer(string containerName) { // - if this is a clientsize Encryption determine maximum keysize // - get the serviceprovider // - if the serviceprovider allready exists, with the wrong keysize, delete the serviceprovider // - get a new serviceprovider if deleted // - if the Encryption is temporary, make sure it is not persistend try { var cp = GetCspParameters(containerName); if (!RsaProvider.IsAssigned()) { try { RsaProvider = new RSACryptoServiceProvider(_maxBytesServer * 8, cp); } catch (CryptographicException e) { if (RsaProvider.IsAssigned()) { Delete(); } throw new Exception("create: " + e.Message, e); } } if (_maxBytesServer > 0 && RsaProvider.KeySize != _maxBytesServer * 8) { try { try { Delete(); } catch (CryptographicException e) { { throw new Exception("delete: " + e.Message, e); } } if (!RsaProvider.IsAssigned()) { RsaProvider = new RSACryptoServiceProvider(_maxBytesServer * 8, cp); } } catch (CryptographicException e) { { throw new Exception("replace: " + e.Message, e); } } } } catch (CryptographicException e) { Debug.WriteLine("Encryption: Utilhelper.GetKeyContainer(...) unexpected exception - " + e.Message); throw new Exception("most outer: " + e.Message, e); } }
/// <summary> /// RSA From pem /// </summary> /// <param name="pem"></param> /// <returns></returns> public static RSA RSAFromPem(string pem) { Check.Argument.IsNotEmpty(pem, nameof(pem)); return(RsaProvider.FromPem(pem)); }