RSA:非对称加密(公钥加密)
用途:
- 数据加密:公钥加密,私钥解密。私钥不用来加密的原因在于,公钥是公开的,任何人都能用公钥解密,所以“私钥加密、公钥解密”起不到保密作用,是没有必要的。加密的明文和密文长度有限制。
- 数字签名:对数据摘要信息进行签名,以保证来源数据的正确性。实现上数据摘要一般是数据的hash值,如MD5、SHA1等(注意:MD5、SHA1 已存在实际可行的碰撞攻击,新代码应改用 SHA-256 等更安全的摘要算法)。
可见RSA一般很少用于较大数据的加密
密钥生成(公钥、私钥)
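/// <summary>
/// Generates a fresh RSA key pair and returns both halves serialized as XML.
/// </summary>
/// <param name="publicKey">Receives the public parameters only (ToXmlString(false)); safe to distribute.</param>
/// <param name="privateKey">Receives the full key pair including the private parameters (ToXmlString(true)); must be stored as a secret.</param>
static void RSAGenKey(out string publicKey, out string privateKey)
{
    // Ask for 2048 bits explicitly: the parameterless constructor uses the
    // provider's default key size (documented as 1024 bits), which is too
    // small for new keys.
    // The provider holds a native key handle, so dispose it deterministically.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048))
    {
        publicKey = rsa.ToXmlString(false);
        privateKey = rsa.ToXmlString(true);
    }
    // No catch block: the previous "catch (Exception e) { throw e; }" only
    // reset the stack trace; exceptions now propagate unchanged.
}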
数据加密
加密的明文和密文长度有限制,加密明文长度有限制,加密明文长度有限制!
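/// <summary>
/// Encrypts a string with an RSA public key.
/// </summary>
/// <param name="str">Plaintext; it is UTF-8 encoded before encryption. RSA can only encrypt a short message (bounded by the key size minus the padding overhead), so this is not suitable for large data.</param>
/// <param name="publicKey">Public key in the XML format produced by ToXmlString.</param>
/// <returns>The ciphertext, Base64 encoded.</returns>
/// <exception cref="CryptographicException">The key XML is invalid or the plaintext is too long for the key.</exception>
static string RSAEncrypt(string str, string publicKey)
{
    // Dispose the provider deterministically; it wraps a native key handle.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        rsa.FromXmlString(publicKey);
        byte[] plain = Encoding.UTF8.GetBytes(str);

        // NOTE(review): fOAEP = false selects PKCS#1 v1.5 encryption padding,
        // which is exposed to padding-oracle attacks whenever decryption
        // failures are observable by the sender. OAEP (true) is the safer
        // choice, but RSADecrypt has to be switched at the same time, so the
        // padding is left unchanged here.
        byte[] cipher = rsa.Encrypt(plain, false);
        return Convert.ToBase64String(cipher);
    }
    // No catch block: "catch (Exception e) { throw e; }" only discarded the
    // original stack trace.
}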
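/// <summary>
/// Decrypts a Base64 ciphertext with an RSA private key.
/// </summary>
/// <param name="str">Base64-encoded ciphertext, as returned by RSAEncrypt.</param>
/// <param name="privateKey">Private key in the XML format produced by ToXmlString(true).</param>
/// <returns>The plaintext, decoded as UTF-8.</returns>
/// <exception cref="FormatException"><paramref name="str"/> is not valid Base64.</exception>
/// <exception cref="CryptographicException">The key XML is invalid or the ciphertext cannot be decrypted.</exception>
static string RSADecrypt(string str, string privateKey)
{
    // Dispose the provider deterministically; it holds the private key in a
    // native handle that should not linger until finalization.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        rsa.FromXmlString(privateKey);
        byte[] cipher = Convert.FromBase64String(str);

        // NOTE(review): fOAEP = false means PKCS#1 v1.5 padding. If callers
        // reveal to an untrusted sender whether decryption failed (error
        // message, status code, timing), that acts as a padding oracle.
        // Prefer OAEP, changed together with RSAEncrypt.
        byte[] plain = rsa.Decrypt(cipher, false);
        return Encoding.UTF8.GetString(plain);
    }
}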
数据签名
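/// <summary>
/// Signs a string with an RSA private key and returns the signature.
/// </summary>
/// <param name="str">Data to sign; it is UTF-8 encoded and hashed before signing.</param>
/// <param name="privateKey">Private key in the XML format produced by ToXmlString(true).</param>
/// <returns>The signature, Base64 encoded.</returns>
/// <exception cref="CryptographicException">The key XML is invalid or signing fails.</exception>
static string RSASign(string str, string privateKey)
{
    // Both the RSA provider and the hash object own native resources.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    using (HashAlgorithm digest = new MD5CryptoServiceProvider())
    {
        rsa.FromXmlString(privateKey);

        // NOTE(review): MD5 is collision-broken and should not back a
        // signature scheme. It is kept only because RSAVerify hashes with MD5
        // as well; move both to SHA-256 together.
        byte[] signature = rsa.SignData(Encoding.UTF8.GetBytes(str), digest);
        return Convert.ToBase64String(signature);
    }
}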
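/// <summary>
/// Verifies a signature over a string with an RSA public key.
/// </summary>
/// <param name="str">The data that was signed; it is UTF-8 encoded and hashed before verification.</param>
/// <param name="publicKey">Public key in the XML format produced by ToXmlString.</param>
/// <param name="key">The Base64-encoded signature to check (despite the name, this is not a key).</param>
/// <returns><c>true</c> if the signature matches the data under the given public key; otherwise <c>false</c>.</returns>
/// <exception cref="FormatException"><paramref name="key"/> is not valid Base64.</exception>
/// <exception cref="CryptographicException">The key XML is invalid.</exception>
static bool RSAVerify(string str, string publicKey, string key)
{
    // Both the RSA provider and the hash object own native resources.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    using (HashAlgorithm digest = new MD5CryptoServiceProvider())
    {
        rsa.FromXmlString(publicKey);

        // NOTE(review): MD5 is collision-broken; it is kept only so that
        // signatures produced by RSASign still verify. Move both to SHA-256
        // together.
        byte[] data = Encoding.UTF8.GetBytes(str);
        byte[] signature = Convert.FromBase64String(key);
        return rsa.VerifyData(data, digest, signature);
    }
}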