using Org.BouncyCastle.Math; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.X509; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Pkcs; using System; using System.Security.Cryptography; using System.Text; using System.Xml; namespace UtilityHelper { /// <summary> /// RSA加密解密&数字签名 /// </summary> public sealed class RSA { #region RSA 加密解密 #region RSA 的密钥产生 /// <summary> /// RSA产生密钥 /// </summary> /// <param name="xmlKeys">私钥</param> /// <param name="xmlPublicKey">公钥</param> static public void RSAKey(out string xmlKeys, out string xmlPublicKey) { try { System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); xmlKeys = rsa.ToXmlString(true); xmlPublicKey = rsa.ToXmlString(false); } catch (Exception ex) { throw ex; } } #endregion #region RSA加密函数 //############################################################################## //RSA 方式加密 //KEY必须是XML的形式,返回的是字符串 //该加密方式有长度限制的! //############################################################################## /// <summary> /// RSA的加密函数 /// </summary> /// <param name="xmlPublicKey">公钥</param> /// <param name="encryptString">待加密的字符串</param> /// <returns></returns> static public string RSAEncrypt(string xmlPublicKey, string encryptString) { try { byte[] PlainTextBArray; byte[] CypherTextBArray; string Result; System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.FromXmlString(xmlPublicKey); PlainTextBArray = (new UTF8Encoding()).GetBytes(encryptString); CypherTextBArray = rsa.Encrypt(PlainTextBArray, false); Result = Convert.ToBase64String(CypherTextBArray); return Result; } catch (Exception ex) { throw ex; } } /// <summary> /// RSA的加密函数 /// </summary> /// <param name="xmlPublicKey">公钥</param> /// <param name="EncryptString">待加密的字节数组</param> /// <returns></returns> static public string RSAEncrypt(string xmlPublicKey, byte[] EncryptString) { try { byte[] CypherTextBArray; string Result; System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.FromXmlString(xmlPublicKey); CypherTextBArray = rsa.Encrypt(EncryptString, false); Result = Convert.ToBase64String(CypherTextBArray); return Result; } catch (Exception ex) { throw ex; } } #endregion #region RSA解密函数 /// <summary> /// RSA的解密函数 /// </summary> /// <param name="xmlPrivateKey">私钥</param> /// <param name="decryptString">待解密的字符串</param> /// <returns></returns> static public string RSADecrypt(string xmlPrivateKey, string decryptString) { try { byte[] PlainTextBArray; byte[] DypherTextBArray; string Result; System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.FromXmlString(xmlPrivateKey); PlainTextBArray = Convert.FromBase64String(decryptString); DypherTextBArray = rsa.Decrypt(PlainTextBArray, false); Result = (new UTF8Encoding()).GetString(DypherTextBArray); return Result; } catch (Exception ex) { throw ex; } } /// <summary> /// RSA的解密函数 /// </summary> /// <param name="xmlPrivateKey">私钥</param> /// <param name="DecryptString">待解密的字节数组</param> /// <returns></returns> static public string RSADecrypt(string xmlPrivateKey, byte[] DecryptString) { try { byte[] DypherTextBArray; string Result; System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.FromXmlString(xmlPrivateKey); DypherTextBArray = rsa.Decrypt(DecryptString, false); Result = (new UnicodeEncoding()).GetString(DypherTextBArray); return Result; } catch (Exception ex) { throw ex; } } #endregion static public string EncryptRSA(string publickey, string plaintext) { //RSA的加解密过程: // 有 rsa1 和 rsa2 两个RSA对象。 // 现在要 rsa2 发送一段信息给 rsa1, 则先由 rsa1 发送“公钥”给 rsa2 // rsa2 获取得公钥之后,用来加密要发送的数据内容。 // rsa1 获取加密后的内容后,用自己的私钥解密,得出原始的数据内容。 RSACryptoServiceProvider rsa1 = new RSACryptoServiceProvider(); RSACryptoServiceProvider rsa2 = new RSACryptoServiceProvider(); publickey = rsa1.ToXmlString(false); //导出 rsa1 的公钥 rsa2.FromXmlString(publickey); //rsa2 导入 rsa1 的公钥,用于加密信息 //rsa2开始加密 byte[] cipherbytes; cipherbytes = rsa2.Encrypt(Encoding.UTF8.GetBytes(plaintext), false); string resut = string.Empty; for (int i = 0; i < cipherbytes.Length; i++) { resut += string.Format("{0:X2} ", cipherbytes[i]); } return resut; } public void DecryptRSA(string publickey, string plaintext) { ////RSA的加解密过程: //// 有 rsa1 和 rsa2 两个RSA对象。 //// 现在要 rsa2 发送一段信息给 rsa1, 则先由 rsa1 发送“公钥”给 rsa2 //// rsa2 获取得公钥之后,用来加密要发送的数据内容。 //// rsa1 获取加密后的内容后,用自己的私钥解密,得出原始的数据内容。 //RSACryptoServiceProvider rsa1 = new RSACryptoServiceProvider(); //RSACryptoServiceProvider rsa2 = new RSACryptoServiceProvider(); //publickey = rsa1.ToXmlString(false); //导出 rsa1 的公钥 //rsa2.FromXmlString(publickey); //rsa2 导入 rsa1 的公钥,用于加密信息 ////rsa2开始加密 //byte[] cipherbytes; //cipherbytes = rsa2.Encrypt(Encoding.UTF8.GetBytes(plaintext), false); //string resut = string.Empty; //for (int i = 0; i < cipherbytes.Length; i++) //{ // resut += string.Format("{0:X2} ", cipherbytes[i]); //} //return resut; ////rsa1开始解密 //byte[] plaintbytes; //plaintbytes = rsa1.Decrypt(cipherbytes, false); //Console.WriteLine("解密后的数据是:"); //Console.WriteLine(Encoding.UTF8.GetString(plaintbytes)); //Console.ReadLine(); } #endregion #region RSA 数字签名 #region 获取Hash描述表 /// <summary> /// 获取Hash描述表 /// </summary> /// <param name="strSource">待签名的字符串</param> /// <param name="HashData">Hash描述</param> /// <returns></returns> static public bool GetHash(string strSource, ref byte[] HashData) { try { byte[] Buffer; System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5"); Buffer = System.Text.Encoding.GetEncoding("GB2312").GetBytes(strSource); HashData = MD5.ComputeHash(Buffer); return true; } catch (Exception ex) { throw ex; } } /// <summary> /// 获取Hash描述表 /// </summary> /// <param name="strSource">待签名的字符串</param> /// <param name="strHashData">Hash描述</param> /// <returns></returns> static public bool GetHash(string strSource, ref string strHashData) { try { //从字符串中取得Hash描述 byte[] Buffer; byte[] HashData; System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5"); Buffer = System.Text.Encoding.GetEncoding("GB2312").GetBytes(strSource); HashData = MD5.ComputeHash(Buffer); strHashData = Convert.ToBase64String(HashData); return true; } catch (Exception ex) { throw ex; } } /// <summary> /// 获取Hash描述表 /// </summary> /// <param name="objFile">待签名的文件</param> /// <param name="HashData">Hash描述</param> /// <returns></returns> static public bool GetHash(System.IO.FileStream objFile, ref byte[] HashData) { try { //从文件中取得Hash描述 System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5"); HashData = MD5.ComputeHash(objFile); objFile.Close(); return true; } catch (Exception ex) { throw ex; } } /// <summary> /// 获取Hash描述表 /// </summary> /// <param name="objFile">待签名的文件</param> /// <param name="strHashData">Hash描述</param> /// <returns></returns> static public bool GetHash(System.IO.FileStream objFile, ref string strHashData) { try { //从文件中取得Hash描述 byte[] HashData; System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5"); HashData = MD5.ComputeHash(objFile); objFile.Close(); strHashData = Convert.ToBase64String(HashData); return true; } catch (Exception ex) { throw ex; } } #endregion #region RSA签名 /// <summary> /// RSA签名 /// </summary> /// <param name="strKeyPrivate">私钥</param> /// <param name="HashbyteSignature">待签名Hash描述</param> /// <param name="EncryptedSignatureData">签名后的结果</param> /// <returns></returns> static public bool SignatureFormatter(string strKeyPrivate, byte[] HashbyteSignature, ref byte[] EncryptedSignatureData) { try { System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider(); RSA.FromXmlString(strKeyPrivate); System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA); //设置签名的算法为MD5 RSAFormatter.SetHashAlgorithm("MD5"); //执行签名 EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature); return true; } catch (Exception ex) { throw ex; } } /// <summary> /// RSA签名 /// </summary> /// <param name="strKeyPrivate">私钥</param> /// <param name="HashbyteSignature">待签名Hash描述</param> /// <param name="m_strEncryptedSignatureData">签名后的结果</param> /// <returns></returns> static public bool SignatureFormatter(string strKeyPrivate, byte[] HashbyteSignature, ref string strEncryptedSignatureData) { try { byte[] EncryptedSignatureData; System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider(); RSA.FromXmlString(strKeyPrivate); System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA); //设置签名的算法为MD5 RSAFormatter.SetHashAlgorithm("MD5"); //执行签名 EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature); strEncryptedSignatureData = Convert.ToBase64String(EncryptedSignatureData); return true; } catch (Exception ex) { throw ex; } } /// <summary> /// RSA签名 /// </summary> /// <param name="strKeyPrivate">私钥</param> /// <param name="strHashbyteSignature">待签名Hash描述</param> /// <param name="EncryptedSignatureData">签名后的结果</param> /// <returns></returns> static public bool SignatureFormatter(string strKeyPrivate, string strHashbyteSignature, ref byte[] EncryptedSignatureData) { try { byte[] HashbyteSignature; HashbyteSignature = Convert.FromBase64String(strHashbyteSignature); System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider(); RSA.FromXmlString(strKeyPrivate); System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA); //设置签名的算法为MD5 RSAFormatter.SetHashAlgorithm("MD5"); //执行签名 EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature); return true; } catch (Exception ex) { throw ex; } } /// <summary> /// RSA签名 /// </summary> /// <param name="strKeyPrivate">私钥</param> /// <param name="strHashbyteSignature">待签名Hash描述</param> /// <param name="strEncryptedSignatureData">签名后的结果</param> /// <returns></returns> static public bool SignatureFormatter(string strKeyPrivate, string strHashbyteSignature, ref string strEncryptedSignatureData) { try { byte[] HashbyteSignature; byte[] EncryptedSignatureData; HashbyteSignature = Convert.FromBase64String(strHashbyteSignature); System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider(); RSA.FromXmlString(strKeyPrivate); System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA); //设置签名的算法为MD5 RSAFormatter.SetHashAlgorithm("MD5"); //执行签名 EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature); strEncryptedSignatureData = Convert.ToBase64String(EncryptedSignatureData); return true; } catch (Exception ex) { throw ex; } } #endregion #region RSA 签名验证 /// <summary> /// RSA签名验证 /// </summary> /// <param name="strKeyPublic">公钥</param> /// <param name="HashbyteDeformatter">Hash描述</param> /// <param name="DeformatterData">签名后的结果</param> /// <returns></returns> static public bool SignatureDeformatter(string strKeyPublic, byte[] HashbyteDeformatter, byte[] DeformatterData) { try { System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider(); RSA.FromXmlString(strKeyPublic); System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA); //指定解密的时候HASH算法为MD5 RSADeformatter.SetHashAlgorithm("MD5"); if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData)) { return true; } else { return false; } } catch (Exception ex) { throw ex; } } /// <summary> /// RSA签名验证 /// </summary> /// <param name="strKeyPublic">公钥</param> /// <param name="strHashbyteDeformatter">Hash描述</param> /// <param name="DeformatterData">签名后的结果</param> /// <returns></returns> static public bool SignatureDeformatter(string strKeyPublic, string strHashbyteDeformatter, byte[] DeformatterData) { try { byte[] HashbyteDeformatter; HashbyteDeformatter = Convert.FromBase64String(strHashbyteDeformatter); System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider(); RSA.FromXmlString(strKeyPublic); System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA); //指定解密的时候HASH算法为MD5 RSADeformatter.SetHashAlgorithm("MD5"); if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData)) { return true; } else { return false; } } catch (Exception ex) { throw ex; } } /// <summary> /// RSA签名验证 /// </summary> /// <param name="strKeyPublic">公钥</param> /// <param name="HashbyteDeformatter">Hash描述</param> /// <param name="strDeformatterData">签名后的结果</param> /// <returns></returns> static public bool SignatureDeformatter(string strKeyPublic, byte[] HashbyteDeformatter, string strDeformatterData) { try { byte[] DeformatterData; System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider(); RSA.FromXmlString(strKeyPublic); System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA); //指定解密的时候HASH算法为MD5 RSADeformatter.SetHashAlgorithm("MD5"); DeformatterData = Convert.FromBase64String(strDeformatterData); if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData)) { return true; } else { return false; } } catch (Exception ex) { throw ex; } } /// <summary> /// RSA签名验证 /// </summary> /// <param name="strKeyPublic">公钥</param> /// <param name="strHashbyteDeformatter">Hash描述</param> /// <param name="strDeformatterData">签名后的结果</param> /// <returns></returns> static public bool SignatureDeformatter(string strKeyPublic, string strHashbyteDeformatter, string strDeformatterData) { try { byte[] DeformatterData; byte[] HashbyteDeformatter; HashbyteDeformatter = Convert.FromBase64String(strHashbyteDeformatter); System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider(); RSA.FromXmlString(strKeyPublic); System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA); //指定解密的时候HASH算法为MD5 RSADeformatter.SetHashAlgorithm("MD5"); DeformatterData = Convert.FromBase64String(strDeformatterData); if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData)) { return true; } else { return false; } } catch (Exception ex) { throw ex; } } #endregion #endregion #region 公钥私钥DotNet和Java互转 /// <summary> /// RSA私钥格式转换,java->.net /// </summary> /// <param name="privateKey">java生成的RSA私钥</param> /// <returns></returns> public static string RSAPrivateKeyJava2DotNet(string privateKey) { RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(Convert.FromBase64String(privateKey)); return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>", Convert.ToBase64String(privateKeyParam.Modulus.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.PublicExponent.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.P.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.Q.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.DP.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.DQ.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.QInv.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.Exponent.ToByteArrayUnsigned())); } /// <summary> /// RSA私钥格式转换,.net->java /// </summary> /// <param name="privateKey">.net生成的私钥</param> /// <returns></returns> public static string RSAPrivateKeyDotNet2Java(string privateKey) { XmlDocument doc = new XmlDocument(); doc.LoadXml(privateKey); BigInteger m = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText)); BigInteger exp = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText)); BigInteger d = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("D")[0].InnerText)); BigInteger p = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("P")[0].InnerText)); BigInteger q = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Q")[0].InnerText)); BigInteger dp = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DP")[0].InnerText)); BigInteger dq = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DQ")[0].InnerText)); BigInteger qinv = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("InverseQ")[0].InnerText)); RsaPrivateCrtKeyParameters privateKeyParam = new RsaPrivateCrtKeyParameters(m, exp, d, p, q, dp, dq, qinv); PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKeyParam); byte[] serializedPrivateBytes = privateKeyInfo.ToAsn1Object().GetEncoded(); return Convert.ToBase64String(serializedPrivateBytes); } /// <summary> /// RSA公钥格式转换,java->.net /// </summary> /// <param name="publicKey">java生成的公钥</param> /// <returns></returns> public static string RSAPublicKeyJava2DotNet(string publicKey) { RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(publicKey)); return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent></RSAKeyValue>", Convert.ToBase64String(publicKeyParam.Modulus.ToByteArrayUnsigned()), Convert.ToBase64String(publicKeyParam.Exponent.ToByteArrayUnsigned())); } /// <summary> /// RSA公钥格式转换,.net->java /// </summary> /// <param name="publicKey">.net生成的公钥</param> /// <returns></returns> public static string RSAPublicKeyDotNet2Java(string publicKey) { XmlDocument doc = new XmlDocument(); doc.LoadXml(publicKey); BigInteger m = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText)); BigInteger p = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText)); RsaKeyParameters pub = new RsaKeyParameters(false, m, p); SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub); byte[] serializedPublicBytes = publicKeyInfo.ToAsn1Object().GetDerEncoded(); return Convert.ToBase64String(serializedPublicBytes); } #endregion } }