private X509Certificate2 GetCertificateWithPublicKeyForIdentity(string email)
{
var user = _applicationDbContext.Users.First(user => user.Email == email);
var cert = _importExportCertificate.PemImportCertificate(user.PemPublicKey);
return(cert);
}
private X509Certificate2 GetCertificateWithPrivateKeyForIdentity()
{
var user = _applicationDbContext.Users.First(user => user.Email == User.Identity.Name);
var cert = _importExportCertificate.PemImportCertificate(user.PemPrivateKey,
_configuration["PemPasswordExportImport"]);
return(cert);
}
public IActionResult Index()
{
var identityRsaCert3072 = CreateRsaCertificates.CreateRsaCertificate(_createCertificates, 3072);
var publicKeyPem = _importExportCertificate.PemExportPublicKeyCertificate(identityRsaCert3072);
var privateKeyPem = _importExportCertificate.PemExportRsaPrivateKey(identityRsaCert3072);
var dicEntity = new EncryptDemo();
dicEntity.PublicKey = publicKeyPem;
dicEntity.PrivateKey = privateKeyPem;
Mock.dics.Add("demo", dicEntity);
//string temp = $"public key:{publicKeyPem}, private key:{privateKeyPem}";
#region 加密
var(Key, IVBase64) = _symmetricEncryptDecrypt.InitSymmetricEncryptionKeyIV();
var encryptedText = _symmetricEncryptDecrypt.Encrypt(_origin, IVBase64, Key);
var targetUserPublicCertificate = _importExportCertificate.PemImportCertificate(publicKeyPem);
var encryptedKey = _asymmetricEncryptDecrypt.Encrypt(Key,
Utils.CreateRsaPublicKey(targetUserPublicCertificate));
var encryptedIV = _asymmetricEncryptDecrypt.Encrypt(IVBase64,
Utils.CreateRsaPublicKey(targetUserPublicCertificate));
var encryptedDto = new EncryptedDto
{
EncryptedText = encryptedText,
Key = encryptedKey,
IV = encryptedIV
};
#endregion
#region 解密
var certWithPublicKey = _importExportCertificate.PemImportCertificate(publicKeyPem);
var privateKey = _importExportCertificate.PemImportPrivateKey(privateKeyPem);
var cert = _importExportCertificate.CreateCertificateWithPrivateKey(
certWithPublicKey, privateKey);
var key = _asymmetricEncryptDecrypt.Decrypt(encryptedDto.Key,
Utils.CreateRsaPrivateKey(cert));
var IV = _asymmetricEncryptDecrypt.Decrypt(encryptedDto.IV,
Utils.CreateRsaPrivateKey(cert));
var text = _symmetricEncryptDecrypt.Decrypt(encryptedDto.EncryptedText, IV, key);
#endregion
return(Content(text));
}
private X509Certificate2 GetCertificateWithPrivateKeyForIdentity()
{
var user = _applicationDbContext.Users.First(user => user.Email == User.Identity.Name);
var certWithPublicKey = _importExportCertificate.PemImportCertificate(user.PemPublicKey);
var privateKey = _importExportCertificate.PemImportPrivateKey(user.PemPrivateKey);
var cert = _importExportCertificate.CreateCertificateWithPrivateKey(
certWithPublicKey, privateKey);
return(cert);
}