/// <summary>
/// 公钥加密
/// </summary>
/// <param name="data">加密数据</param>
/// <param name="publicKey"></param>
/// <param name="encoding"></param>
/// <returns></returns>
public static string Encrypt(string data, string publicKey, Encoding encoding)
{
if (string.IsNullOrWhiteSpace(data))
{
throw new ArgumentException("Value cannot be null or whitespace.", nameof(data));
}
if (string.IsNullOrWhiteSpace(publicKey))
{
throw new ArgumentException("Value cannot be null or whitespace.", nameof(publicKey));
}
// X509
if (publicKey.Contains("BEGIN CERTIFICATE"))
{
using var cer = RSAHelper.LoadX509FromPublicCertificate(publicKey);
return(((RSA)cer.PublicKey.Key).EncryptBigData(data, RSAEncryptionPadding.Pkcs1, encoding));
}
// rsa
else if (publicKey.Contains("BEGIN PUBLIC KEY"))
{
using var rsa = RSAHelper.FromPem(publicKey);
return(rsa.EncryptBigData(data, RSAEncryptionPadding.Pkcs1, encoding));
}
else
{
throw new ArgumentException(nameof(publicKey));
}
}
/// <summary>
/// 公钥验签
/// </summary>
/// <param name="data"></param>
/// <param name="publicKey"></param>
/// <param name="encoding"></param>
/// <param name="signature"></param>
/// <returns></returns>
public static bool Verify(string data, string signature, string publicKey, Encoding encoding)
{
if (string.IsNullOrWhiteSpace(data))
{
throw new ArgumentException("Value cannot be null or whitespace.", nameof(data));
}
if (string.IsNullOrWhiteSpace(publicKey))
{
throw new ArgumentException("Value cannot be null or whitespace.", nameof(publicKey));
}
// X509
if (publicKey.Contains("BEGIN CERTIFICATE"))
{
using var cer = RSAHelper.LoadX509FromPublicCertificate(publicKey);
return(((RSA)cer.PublicKey.Key)
.VerifySignData(
data,
signature,
HashAlgorithmName.MD5,
RSASignaturePadding.Pkcs1,
encoding
));
}
// rsa
else if (publicKey.Contains("BEGIN PUBLIC KEY"))
{
using var rsa = RSAHelper.FromPem(publicKey);
return(rsa.VerifySignData(
data,
signature,
HashAlgorithmName.MD5,
RSASignaturePadding.Pkcs1,
encoding
));
}
else
{
throw new ArgumentException(nameof(publicKey));
}
}
/// <summary>
/// 私钥签名
/// </summary>
/// <param name="data"></param>
/// <param name="privateKey"></param>
/// <param name="encoding"></param>
/// <returns></returns>
public static string Sign(string data, string privateKey, Encoding encoding)
{
if (string.IsNullOrWhiteSpace(data))
{
throw new ArgumentException("Value cannot be null or whitespace.", nameof(data));
}
if (string.IsNullOrWhiteSpace(privateKey))
{
throw new ArgumentException("Value cannot be null or whitespace.", nameof(privateKey));
}
if (!privateKey.Contains("PRIVATE KEY"))
{
var sb = new StringBuilder();
sb.AppendLine("-----BEGIN PRIVATE KEY-----");
sb.AppendLine(privateKey);
sb.AppendLine("-----END PRIVATE KEY-----");
privateKey = sb.ToString();
}
using var rsa = RSAHelper.FromPem(privateKey);
return(rsa.SignData(data, HashAlgorithmName.MD5, RSASignaturePadding.Pkcs1, encoding));
}
public void IntegrationTest()
{
var data = Guid.NewGuid().ToString();
{
var a1 = RSAHelper.LoadX509FromPublicCertificate(PublicKeyCer)
.GetRSAPublicKey().EncryptBigData(data, RSAEncryptionPadding.OaepSHA256);
var a2 = RSAHelper.FromPem(PublicKeyPem)
.EncryptBigData(data, RSAEncryptionPadding.OaepSHA256);
var a3 = RSAHelper.FromPem(PublicKeyPem)
.Encrypt(data, RSAEncryptionPadding.Pkcs1);
var a4 = RSAHelper.FromPem(PublicKeyPem)
.EncryptBigDataWithSplit(data, RSAEncryptionPadding.Pkcs1);
var d1 = RSAHelper.FromPem(PrivateKeyPkcs8)
.DecryptBigData(a1, RSAEncryptionPadding.OaepSHA256);
var d28 = RSAHelper.FromPem(PrivateKeyPkcs8)
.DecryptBigData(a2, RSAEncryptionPadding.OaepSHA256);
var d21 = RSAHelper.FromPem(PrivateKeyPkcs1)
.DecryptBigData(a1, RSAEncryptionPadding.OaepSHA256);
var d3 = RSAHelper.FromPem(PrivateKeyPkcs1)
.Decrypt(a3, RSAEncryptionPadding.Pkcs1);
var d4 = RSAHelper.FromPem(PrivateKeyPkcs1)
.DecryptBigDataWithSplit(a4, RSAEncryptionPadding.Pkcs1);
d1.ShouldBe(d28);
d1.ShouldBe(d21);
d1.ShouldBe(d3);
var signature = RSAHelper.FromPem(PrivateKeyPkcs8)
.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
var signature1 = RSAHelper.FromPem(PrivateKeyPkcs1)
.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
RSAHelper.LoadX509FromPublicCertificate(PublicKeyCer)
.GetRSAPublicKey().VerifySignData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss)
.ShouldBe(true);
RSAHelper.FromPem(PublicKeyPem)
.VerifySignData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss)
.ShouldBe(true);
RSAHelper.LoadX509FromPublicCertificate(PublicKeyCer)
.GetRSAPublicKey().VerifySignData(data, signature1, HashAlgorithmName.SHA256, RSASignaturePadding.Pss)
.ShouldBe(true);
RSAHelper.FromPem(PublicKeyPem)
.VerifySignData(data, signature1, HashAlgorithmName.SHA256, RSASignaturePadding.Pss)
.ShouldBe(true);
}
{
using var rsa = RSAHelper.FromPem(PublicKeyPem);
Should.Throw <Exception>(() => rsa.ToPem(true, true));
}
{
// xml 私钥导出测试
using var rsa = RSAHelper.FromPem(PrivateKeyPkcs8);
var encrypted = rsa.EncryptBigData(data, RSAEncryptionPadding.OaepSHA256);
var xml = rsa.ToXml(true);
_testOutputHelper.WriteLine("###############");
_testOutputHelper.WriteLine(xml);
using var rsa1 = RSAHelper.FromXml(xml);
rsa1.DecryptBigData(encrypted, RSAEncryptionPadding.OaepSHA256).ShouldBe(data);
}
{
// xml 公钥导出测试
using var rsa = RSAHelper.FromPem(PrivateKeyPkcs8);
var xml = rsa.ToXml(false);
_testOutputHelper.WriteLine("###############");
_testOutputHelper.WriteLine(xml);
using var rsa1 = RSAHelper.FromXml(xml);
var encrypted = rsa1.EncryptBigData(data, RSAEncryptionPadding.OaepSHA256);
rsa.DecryptBigData(encrypted, RSAEncryptionPadding.OaepSHA256).ShouldBe(data);
}
{
// pem pkcs1 导出导入测试
using var rsa = RSAHelper.FromPem(PrivateKeyPkcs8);
var encrypted = rsa.EncryptBigData(data, RSAEncryptionPadding.OaepSHA256);
var pem = rsa.ToPem(true, false);
_testOutputHelper.WriteLine("###############");
_testOutputHelper.WriteLine(pem);
using var rsa1 = RSAHelper.FromPem(pem);
rsa1.DecryptBigData(encrypted, RSAEncryptionPadding.OaepSHA256).ShouldBe(data);
}
{
// pem pkcs1 导出导入测试
using var rsa = RSAHelper.FromPem(PrivateKeyPkcs8);
var pem = rsa.ToPem(false, false);
_testOutputHelper.WriteLine("###############");
_testOutputHelper.WriteLine(pem);
using var rsa1 = RSAHelper.FromPem(pem);
var encrypted = rsa1.EncryptBigData(data, RSAEncryptionPadding.OaepSHA256);
rsa.DecryptBigData(encrypted, RSAEncryptionPadding.OaepSHA256).ShouldBe(data);
}
{
// pem pkcs8 导出导入测试
using var rsa = RSAHelper.FromPem(PrivateKeyPkcs8);
var encrypted = rsa.EncryptBigData(data, RSAEncryptionPadding.OaepSHA256);
var pem = rsa.ToPem(true, true);
_testOutputHelper.WriteLine("###############");
_testOutputHelper.WriteLine(pem);
using var rsa1 = RSAHelper.FromPem(pem);
rsa1.DecryptBigData(encrypted, RSAEncryptionPadding.OaepSHA256).ShouldBe(data);
}
{
// pem pkcs8 导出导入测试
using var rsa = RSAHelper.FromPem(PrivateKeyPkcs8);
var pem = rsa.ToPem(false, true);
_testOutputHelper.WriteLine("###############");
_testOutputHelper.WriteLine(pem);
using var rsa1 = RSAHelper.FromPem(pem);
var encrypted = rsa1.EncryptBigData(data, RSAEncryptionPadding.OaepSHA256);
rsa.DecryptBigData(encrypted, RSAEncryptionPadding.OaepSHA256).ShouldBe(data);
}
}