/// <summary>
/// 公钥分段加密
/// </summary>
public static string EncrytByPublic(string data)
{
///后续静态化
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
RsaPkcs8Util m_pPublicRsaPkcs8Util = new RsaPkcs8Util(Encoding.GetEncoding(m_cConfigConstants.SYSTEM_ENCODING), m_cConfigConstants.PUBLIC_KEY);
rsa.ImportParameters(m_pPublicRsaPkcs8Util.PublicRsa.ExportParameters(false));
///分段解密
byte[] encryContent = null;
int bufferSize = (rsa.KeySize / 8) - 11;
byte[] buffer = new byte[bufferSize];
using (MemoryStream input = new MemoryStream(Encoding.UTF8.GetBytes(data)))
using (MemoryStream ouput = new MemoryStream())
{
while (true)
{
int readLine = input.Read(buffer, 0, bufferSize);
if (readLine <= 0)
{
break;
}
byte[] temp = new byte[readLine];
Array.Copy(buffer, 0, temp, 0, readLine);
byte[] encrypt = rsa.Encrypt(temp, false);
ouput.Write(encrypt, 0, encrypt.Length);
}
encryContent = ouput.ToArray();
}
return(Convert.ToBase64String(encryContent));
}
/// <summary>
/// JavaRsa私钥签名RSAWithSHA256
/// </summary>
/// <param name="text"></param>
/// <param name="privateKey"></param>
/// <param name="signFormat"></param>
/// <returns></returns>
public static string JavaRsaSign(string text, string privateKey, RsaSignFormat signFormat = RsaSignFormat.Base64)
{
var rsaProvider = new RsaPkcs8Util(Encoding.UTF8, string.Empty, privateKey);
var sign = rsaProvider.SignDataGetBytes(text, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
return((signFormat == RsaSignFormat.Base64) ? Convert.ToBase64String(sign) : ToHexString(sign));
}
//签名
public static string getSign(string data)
{
RsaPkcs8Util m_pPrivateRsaPkcs8Util = new RsaPkcs8Util(Encoding.GetEncoding(m_cConfigConstants.SYSTEM_ENCODING), null, m_cConfigConstants.PRIVATE_KEY);
string m_sPrivateSignBase64String = m_pPrivateRsaPkcs8Util.SignData(digest(data), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
return(m_sPrivateSignBase64String);
}
/// <summary>
/// 加密请求的信息进行RSA解密
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
private ResponseModel GetRequestRsaData(AppLyInfo applyInfo, string sign)
{
//请求头信息验证未通过
var resultobj = new ResponseModel(ResponseCode.BadRequest, "RSA解密失败");
string decrypt_timestamp = "";
try
{
//校验签名,(RSA加密请求时间戳生成)
//签名运算,ANS密钥对
RSAUtilBase rSAUtil = new RsaPkcs8Util(Encoding.UTF8, applyInfo.公钥, applyInfo.私钥);
//lock (lockobj)
//{
// RSAEncryptionPaddingMode.Pkcs1
decrypt_timestamp = rSAUtil.Decrypt(sign, RSAEncryptionPadding.Pkcs1);
//}
//请求验签信息解密成功
resultobj.code = ResponseCode.Success.ToInt32();
resultobj.data = decrypt_timestamp;
}
catch (Exception ex)
{
Logger.Instance.Error("RSA解密发生异常", ex);
resultobj.msg = "请求参数签名不合法";
}
return(resultobj);
}
public static string Encrypt(string data, string publicKey)
{
RsaPkcs8Util rsa = new RsaPkcs8Util(Encoding.UTF8, publicKey);
var result = rsa.Encrypt(data, RSAEncryptionPadding.Pkcs1);
return(result);
}
public static string Decrypt(string utf8Data, string privateKey)
{
RsaPkcs8Util rsa = new RsaPkcs8Util(Encoding.UTF8, null, privateKey);
var result = rsa.Encrypt(utf8Data, RSAEncryptionPadding.Pkcs1);
return(result);
}
public IdentityService(UsersDbOperator users, JwtManager jwt, RsaPkcs8Util rsa, ILogger <IdentityService> logger)
{
_users = users;
_jwt = jwt;
_rsa = rsa;
_logger = logger;
}
/// <summary>
/// 私钥分段解密
/// </summary>
public static string DecryptByPrivate(string data)
{
///后续静态化
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
RsaPkcs8Util m_pPrivateRsaPkcs8Util = new RsaPkcs8Util(Encoding.GetEncoding(m_cConfigConstants.SYSTEM_ENCODING), null, m_cConfigConstants.PRIVATE_KEY);
rsa.ImportParameters(m_pPrivateRsaPkcs8Util.PrivateRsa.ExportParameters(true));
///分段解密
byte[] dencryContent = null;
int keySize = rsa.KeySize / 8;
byte[] buffer = new byte[keySize];
using (MemoryStream input = new MemoryStream(Convert.FromBase64String(data)))
using (MemoryStream output = new MemoryStream())
{
while (true)
{
int readLine = input.Read(buffer, 0, keySize);
if (readLine <= 0)
{
break;
}
byte[] temp = new byte[readLine];
Array.Copy(buffer, 0, temp, 0, readLine);
byte[] decrypt = rsa.Decrypt(temp, false);
output.Write(decrypt, 0, decrypt.Length);
}
dencryContent = output.ToArray();
}
return(Encoding.UTF8.GetString(dencryContent));
}
public static string Decrypt(string str, string publicKey, string privateKey, int keySize)
{
using (var rsa = new RsaPkcs8Util(Encoding.UTF8, publicKey, privateKey, keySize))
{
return(rsa.Decrypt(str, RSAEncryptionPadding.Pkcs1));
}
}
/// <summary>
/// Sign with private key
/// </summary>
/// <param name="privateKey">Private key</param>
/// <param name="data">Data</param>
/// <returns></returns>
public async Task <string> SignSignatureAsync(string privateKey, string data)
{
using (var rsaUtil = new RsaPkcs8Util(this.encoding, string.Empty, privateKey, this.keySize))
{
var isOk = rsaUtil.SignData(data, HashAlgorithmName.SHA256, this.signaturePadding);
return(await Task.FromResult(isOk));
}
}
/// <summary>
/// Decrypt
/// </summary>
/// <param name="key">CipherKey object</param>
/// <param name="cipherData">Encrypted data</param>
/// <returns>Decrypted data</returns>
public async Task <string> DecryptAsync(string privateKey, string cipherData)
{
using (var rsaUtil = new RsaPkcs8Util(this.encoding, string.Empty, privateKey))
{
var text = rsaUtil.DecryptByDataSize(this.maxDataSize, cipherData, this.encryptionPadding);
return(await Task.FromResult(text));
}
}
/// <summary>
/// Encrypt
/// </summary>
/// <param name="key">CipherKey object</param>
/// <param name="data">Input data</param>
/// <returns>Encrypted data</returns>
public async Task <string> EncryptAsync(string publicKey, string data)
{
using (var rsaUtil = new RsaPkcs8Util(this.encoding, publicKey))
{
var cipher = rsaUtil.EncryptByDataSize(this.maxDataSize, data, this.encryptionPadding);
return(await Task.FromResult(cipher));
}
}
/// <summary>
/// Verify signature with public key
/// </summary>
/// <param name="publicKey">Public key</param>
/// <param name="data">Original data</param>
/// <param name="signature">Signed data (Signature)</param>
/// <returns>True(Verify OK)/False(Verify NG)</returns>
public async Task <bool> VerifySignatureAsync(string publicKey, string data, string signature)
{
using (var rsaUtil = new RsaPkcs8Util(this.encoding, publicKey, string.Empty, this.keySize))
{
var isOk = rsaUtil.VerifyData(data, signature, this.hashAlgorithm, this.signaturePadding);
return(await Task.FromResult(isOk));
}
}
/// <summary>
/// JavaRsa私钥解密
/// </summary>
/// <param name="text"></param>
/// <param name="privateKey"></param>
/// <param name="signFormat"></param>
/// <returns></returns>
public static string JavaRsaDecrypt(string text, string privateKey, RsaSignFormat signFormat = RsaSignFormat.Base64)
{
var rsaProvider = new RsaPkcs8Util(Encoding.UTF8, string.Empty, privateKey);
if (signFormat == RsaSignFormat.Hex) // => byte => base64
{
text = Convert.ToBase64String(FromHexString(text));
}
return(rsaProvider.Decrypt(text, RSAEncryptionPadding.Pkcs1));
}
/// <summary>
/// JavaRsa公钥签名验证RSAWithSHA256
/// </summary>
/// <param name="text">源数据</param>
/// <param name="sign">签名</param>
/// <param name="publicKey">java pem公钥</param>
/// <param name="signFormat">base64/hex</param>
public static bool JavaRsaSignVerify(string text, string sign, string publicKey, RsaSignFormat signFormat = RsaSignFormat.Base64)
{
var rsaProvider = new RsaPkcs8Util(Encoding.UTF8, publicKey);
if (signFormat == RsaSignFormat.Hex) // => byte => base64
{
sign = Convert.ToBase64String(FromHexString(sign));
}
return(rsaProvider.VerifyData(text, sign, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
}
/// <summary>
/// JavaRsa公钥加密,SHA256,字符长度不能大于公钥长度
/// </summary>
/// <param name="text"></param>
/// <param name="publicKey"></param>
/// <param name="signFormat"></param>
/// <returns></returns>
public static string JavaRsaEncrypt(string text, string publicKey, RsaSignFormat signFormat = RsaSignFormat.Base64)
{
var rsaProvider = new RsaPkcs8Util(Encoding.UTF8, publicKey);
var encryptData = rsaProvider.Encrypt(text, RSAEncryptionPadding.Pkcs1);
if (signFormat == RsaSignFormat.Hex) // => byte => hex
{
encryptData = ToHexString(Convert.FromBase64String(encryptData));
}
return(encryptData);
}
//验签
public static bool verifySign(string data, string sign)
{
try
{
RsaPkcs8Util m_pPublicRsaPkcs8Util = new RsaPkcs8Util(Encoding.GetEncoding(m_cConfigConstants.SYSTEM_ENCODING), m_cConfigConstants.PUBLIC_KEY);
return(m_pPublicRsaPkcs8Util.VerifyData(digest(data), sign, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
}
catch (Exception ex)
{
Log.Instance.Debug(ex);
return(false);
}
}
/// <summary>
/// RSA 加密,解密,签名和验签
/// </summary>
public static void RSASignFunc(string privateKey, string publicKey, EnumUserType enumUserType)
{
Encoding.RegisterProvider(CodePagesEncodingProvider.Instance);
switch (enumUserType)
{
case EnumUserType.xml:
RsaXmlUtil rsaXmlUtil = new RsaXmlUtil(Encoding.UTF8, publicKey, privateKey);
var encrypt = rsaXmlUtil.Encrypt("123456789", RSAEncryptionPadding.Pkcs1);
var encryptInput = rsaXmlUtil.Decrypt(encrypt, RSAEncryptionPadding.Pkcs1);
Console.Write("XML加解密是否成功:");
Console.WriteLine(encryptInput is "123456789");
var sign = rsaXmlUtil.SignData("987654321", HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
var verifyData = rsaXmlUtil.VerifyData("987654321", sign, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
Console.Write("XML签名是否成功");
Console.WriteLine(verifyData);
break;
case EnumUserType.pkcs1:
RsaPkcs1Util rsaPkcs1Util = new RsaPkcs1Util(Encoding.UTF8, publicKey, privateKey);
var encrypt2 = rsaPkcs1Util.Encrypt("123456789", RSAEncryptionPadding.Pkcs1);
var encryptInput2 = rsaPkcs1Util.Decrypt(encrypt2, RSAEncryptionPadding.Pkcs1);
Console.Write("PKCS1加解密是否成功:");
Console.WriteLine(encryptInput2 is "123456789");
var sign2 = rsaPkcs1Util.SignData("987654321", HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
var verifyData2 = rsaPkcs1Util.VerifyData("987654321", sign2, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
Console.Write("PKCS1签名是否成功");
Console.WriteLine(verifyData2);
break;
default:
RsaPkcs8Util rsaPkcs8Util = new RsaPkcs8Util(Encoding.UTF8, publicKey, privateKey);
var encrypt3 = rsaPkcs8Util.Encrypt("123456789", RSAEncryptionPadding.Pkcs1);
var encryptInput3 = rsaPkcs8Util.Decrypt(encrypt3, RSAEncryptionPadding.Pkcs1);
Console.Write("PKCS8加解密是否成功:");
Console.WriteLine(encryptInput3 is "123456789");
var sign3 = rsaPkcs8Util.SignData("987654321", HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
var verifyData3 = rsaPkcs8Util.VerifyData("987654321", sign3, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
Console.Write("PKCS8签名是否成功");
Console.WriteLine(verifyData3);
break;
}
}
public static string PublicKeyDecrypt(string xmlPublicKey, string data)
{
///加载公钥
RSACryptoServiceProvider publicRsa = new RSACryptoServiceProvider();
RsaPkcs8Util m_pPublicRsaPkcs8Util = new RsaPkcs8Util(Encoding.GetEncoding(m_cConfigConstants.SYSTEM_ENCODING), m_cConfigConstants.PUBLIC_KEY);
publicRsa.ImportParameters(m_pPublicRsaPkcs8Util.PublicRsa.ExportParameters(false));
RSAParameters rp = publicRsa.ExportParameters(false);
///转换密钥
AsymmetricKeyParameter pbk = DotNetUtilities.GetRsaPublicKey(rp);
///第一个参数为true表示加密,为false表示解密;第二个参数表示密钥
IBufferedCipher cipher = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding");
cipher.Init(false, pbk);
///分段解密
byte[] outBytes = null;
byte[] dataToDecrypt = Convert.FromBase64String(data);
int keySize = publicRsa.KeySize / 8;
byte[] buffer = new byte[keySize];
using (MemoryStream input = new MemoryStream(dataToDecrypt))
using (MemoryStream output = new MemoryStream())
{
while (true)
{
int readLine = input.Read(buffer, 0, keySize);
if (readLine <= 0)
{
break;
}
byte[] temp = new byte[readLine];
Array.Copy(buffer, 0, temp, 0, readLine);
byte[] decrypt = cipher.DoFinal(temp);
output.Write(decrypt, 0, decrypt.Length);
}
outBytes = output.ToArray();
}
return(Encoding.UTF8.GetString(outBytes));
}
public static void getSign()
{
//var extReserved = HttpUtility.UrlEncode("Here to fill in the Merchant reservation information", Encoding.UTF8);
//var sysReserved = HttpUtility.UrlEncode("on2k0wSrVHUWcx-Bn66rGwlEp0pw", Encoding.UTF8);
var extReserved = "Here to fill in the Merchant reservation information";
var sysReserved = "on2k0wSrVHUWcx-Bn66rGwlEp0pw";
string data = "accessMode=0&amount=0.01&bankId=¤cy=&extReserved=" + extReserved + "¬ifyTime=1591930286051&orderId=WXd095362b5bb24bb4fa08239118c402&orderTime=2020-06-12 10:51:15&payType=17&productName=测试商品&requestId=dd957ade-c4d2-4c03-a2e1-abd800b2dad2&result=0&spending=0.00&sysReserved=" + sysReserved + "&timeOffset=&tradeTime=2020-06-12 10:51:25&userName=890086000300106484";
var rightSign = "c+0xqmQDApR3P6qn1wBhUP7dZ0mU+Nghmg9ddtI4V8Vd0QOvFGDItR2rEERbf00EjGONjhhCoEtSja6ezTbPjnKdDNfjgwbvTZ0ljneR1BrT3UjJvyilfRLxDPmu1I2ag5AYCfI5Bnb0TGgfFjDsLzNg+Mwpa8sJmddaF2xUynNA6o92IHeczr4WJwMtFFXKCtu2esmgNlyPfN5eT/8mZzKGiuR3QgZ7FHkcmHn0cFrv12pr7W1/LwnQW4gBJhm+mDXmWCGQpKGx5hYykX7VIwYoqtG1q4idTqHfUwh4zMYgLwnPb2xE1yDw0Pgj7fRbG45/3aKVFeALN3w5MjJrUQ==";
var publicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqTS1Jw8CS4w2Mb9Dp1TmQjnYvYpqj6ExZ7R/xzFwwEJXXUdak9WgNd13nWK7IBfNjHNTYVVaeY4BRn9uak5L3UuCaSMdpQZ4QMPMqfNoHr5oh5qOc3v23x9UEUg0ZybehI7serCa2tVro34hRKgHNSQTucWUHA61L6NAKieUP7lmUMwnbG6Q/KLvfAXX919CgFWRLDj8UjbyyId5cpM7nHI3RPbmI7+0MphrepG/h2MHKM3HKX03zEFhdS/ZslocJINipwLyO8kbt4DWfzdOjFI7TUxaJcZGkKAzZ4/+zmiHa/snt5i10QcZwri8wMQxlNquRu1cmYiXxVVxGqugwIDAQAB";
//rsa256
var b = new RsaPkcs8Util(Encoding.UTF8, publicKey);
var ok = b.VerifyData(data, rightSign, System.Security.Cryptography.HashAlgorithmName.SHA256, System.Security.Cryptography.RSASignaturePadding.Pkcs1);
Console.WriteLine(ok.ToString());
}
public static string PrivateKeyEncrypt(string data)
{
///加载私钥
RSACryptoServiceProvider privateRsa = new RSACryptoServiceProvider();
RsaPkcs8Util m_pPrivateRsaPkcs8Util = new RsaPkcs8Util(Encoding.GetEncoding(m_cConfigConstants.SYSTEM_ENCODING), null, m_cConfigConstants.PRIVATE_KEY);
privateRsa.ImportParameters(m_pPrivateRsaPkcs8Util.PrivateRsa.ExportParameters(false));
///转换密钥
AsymmetricCipherKeyPair keyPair = DotNetUtilities.GetKeyPair(privateRsa);
///使用RSA/ECB/PKCS1Padding格式
///第一个参数为true表示加密,为false表示解密;第二个参数表示密钥
IBufferedCipher cipher = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding");
///分段加密
cipher.Init(true, keyPair.Private);
byte[] dataToEncrypt = Encoding.UTF8.GetBytes(data);
int bufferSize = (privateRsa.KeySize / 8) - 11;
byte[] buffer = new byte[bufferSize];
byte[] outBytes = null;
using (MemoryStream input = new MemoryStream(dataToEncrypt))
using (MemoryStream ouput = new MemoryStream())
{
while (true)
{
int readLine = input.Read(buffer, 0, bufferSize);
if (readLine <= 0)
{
break;
}
byte[] temp = new byte[readLine];
Array.Copy(buffer, 0, temp, 0, readLine);
byte[] encrypt = cipher.DoFinal(temp);
ouput.Write(encrypt, 0, encrypt.Length);
}
outBytes = ouput.ToArray();
}
return(Convert.ToBase64String(outBytes));
}
public RSA2SignAlgorithm(string privateKey)
{
rsaUtil = new RsaPkcs8Util(Encoding.UTF8, null, privateKey);
}
public RSA2CheckSignAlgorithm(string publicKey)
{
rsaUtil = new RsaPkcs8Util(Encoding.UTF8, publicKey);
}
