/// <summary>
/// 加密要发送的数据,包含签名,AES加密,RSA加密AES密钥等步骤
/// </summary>
/// <param name="data">要加密的正文明文数据</param>
/// <returns>已加密待发送的密文</returns>
public string EncryptData(string data)
{
data.CheckNotNull("data");
//获取正文摘要
string signData = RsaHelper.SignData(data, _ownPrivateKey);
data = new[] { data, signData }.ExpandAndToString(Separator);
//使用AES加密 正文+摘要
AesHelper aes = new AesHelper(true);
data = aes.Encrypt(data);
//RSA加密AES密钥
byte[] keyBytes = aes.Key.ToBytes();
string enDesKey = Convert.ToBase64String(RsaHelper.Encrypt(keyBytes, _facePublicKey));
return(new[] { enDesKey, data }.ExpandAndToString(Separator));
}
/// <summary>
/// 解密接收到的加密数据并验证完整性,如果验证通过返回明文
/// </summary>
/// <param name="data">接收到的加密数据</param>
/// <returns>解密并验证成功后,返回明文</returns>
public string DecryptAndVerifyData(string data)
{
data.CheckNotNullOrEmpty("data");
string[] separators = { Separator };
//0为AES密钥密文,1为 正文+摘要 的密文
string[] datas = data.Split(separators, StringSplitOptions.None);
//用接收端私钥RSA解密获取AES密钥
byte[] keyBytes = RsaHelper.Decrypt(Convert.FromBase64String(datas[0]), _ownPrivateKey);
string key = keyBytes.ToString2();
//AES解密获取 正文+摘要 的明文
data = new AesHelper(key, true).Decrypt(datas[1]);
//0为正文明文,1为摘要
datas = data.Split(separators, StringSplitOptions.None);
data = datas[0];
if (RsaHelper.VerifyData(data, datas[1], _facePublicKey))
{
return(data);
}
throw new CryptographicException("加密数据在进行解密时校验失败");
}