最近因为项目需要通过RSA加密来保证客户端与服务端的通信安全。但是C#自带的RSA算法类RSACryptoServiceProvider只支持公钥加密私钥解密,即数字证书的使用。
所以参考了一些网上的资料写了一个RSA的算法实现。算法实现是基于网上提供的一个大整数类。
一、密钥管理
取得密钥主要是通过2种方式
一种是通过RSACryptoServiceProvider取得:
/// <summary> /// RSA算法对象,此处主要用于获取密钥对 /// </summary> private RSACryptoServiceProvider RSA;
/// <summary> /// 取得密钥 /// </summary> /// <param name="includPrivateKey">true:包含私钥 false:不包含私钥</param> /// <returns></returns> public string ToXmlString(bool includPrivateKey) { if (includPrivateKey) { return RSA.ToXmlString(true); } else { return RSA.ToXmlString(false); } }
/// <summary> /// 通过密钥初始化RSA对象 /// </summary> /// <param name="xmlString">XML格式的密钥信息</param> public void FromXmlString(string xmlString) { RSA.FromXmlString(xmlString); }
一种是通过BigInteger中的获取大素数的方法
/// <summary> /// 取得密钥对 /// </summary> /// <param name="n">大整数</param> /// <param name="e">公钥</param> /// <param name="d">密钥</param> public void GetKey(out string n,out string e,out string d ) { byte[] pseudoPrime1 = { (byte)0x85, (byte)0x84, (byte)0x64, (byte)0xFD, (byte)0x70, (byte)0x6A, (byte)0x9F, (byte)0xF0, (byte)0x94, (byte)0x0C, (byte)0x3E, (byte)0x2C, (byte)0x74, (byte)0x34, (byte)0x05, (byte)0xC9, (byte)0x55, (byte)0xB3, (byte)0x85, (byte)0x32, (byte)0x98, (byte)0x71, (byte)0xF9, (byte)0x41, (byte)0x21, (byte)0x5F, (byte)0x02, (byte)0x9E, (byte)0xEA, (byte)0x56, (byte)0x8D, (byte)0x8C, (byte)0x44, (byte)0xCC, (byte)0xEE, (byte)0xEE, (byte)0x3D, (byte)0x2C, (byte)0x9D, (byte)0x2C, (byte)0x12, (byte)0x41, (byte)0x1E, (byte)0xF1, (byte)0xC5, (byte)0x32, (byte)0xC3, (byte)0xAA, (byte)0x31, (byte)0x4A, (byte)0x52, (byte)0xD8, (byte)0xE8, (byte)0xAF, (byte)0x42, (byte)0xF4, (byte)0x72, (byte)0xA1, (byte)0x2A, (byte)0x0D, (byte)0x97, (byte)0xB1, (byte)0x31, (byte)0xB3, };
byte[] pseudoPrime2 = { (byte)0x99, (byte)0x98, (byte)0xCA, (byte)0xB8, (byte)0x5E, (byte)0xD7, (byte)0xE5, (byte)0xDC, (byte)0x28, (byte)0x5C, (byte)0x6F, (byte)0x0E, (byte)0x15, (byte)0x09, (byte)0x59, (byte)0x6E, (byte)0x84, (byte)0xF3, (byte)0x81, (byte)0xCD, (byte)0xDE, (byte)0x42, (byte)0xDC, (byte)0x93, (byte)0xC2, (byte)0x7A, (byte)0x62, (byte)0xAC, (byte)0x6C, (byte)0xAF, (byte)0xDE, (byte)0x74, (byte)0xE3, (byte)0xCB, (byte)0x60, (byte)0x20, (byte)0x38, (byte)0x9C, (byte)0x21, (byte)0xC3, (byte)0xDC, (byte)0xC8, (byte)0xA2, (byte)0x4D, (byte)0xC6, (byte)0x2A, (byte)0x35, (byte)0x7F, (byte)0xF3, (byte)0xA9, (byte)0xE8, (byte)0x1D, (byte)0x7B, (byte)0x2C, (byte)0x78, (byte)0xFA, (byte)0xB8, (byte)0x02, (byte)0x55, (byte)0x80, (byte)0x9B, (byte)0xC2, (byte)0xA5, (byte)0xCB, };
BigInteger bi_p = new BigInteger(pseudoPrime1); BigInteger bi_q = new BigInteger(pseudoPrime2); BigInteger bi_pq = (bi_p - 1) * (bi_q - 1); BigInteger bi_n = bi_p * bi_q; Random rand = new Random(); BigInteger bi_e = bi_pq.genCoPrime(512, rand); BigInteger bi_d = bi_e.modInverse(bi_pq); n = bi_n.ToHexString(); e = bi_e.ToHexString(); d = bi_d.ToHexString(); }
二、加密处理(分别对应两种密钥取得方式)
公钥加密
/// <summary> /// 通过公钥加密 /// </summary> /// <param name="dataStr">待加密字符串</param> /// <returns>加密结果</returns> public byte[] EncryptByPublicKey(string dataStr) { //取得公钥参数 RSAParameters rsaparameters = RSA.ExportParameters(false); byte[] keyN = rsaparameters.Modulus; byte[] keyE = rsaparameters.Exponent; //大整数N BigInteger biN = new BigInteger(keyN); //公钥大素数 BigInteger biE = new BigInteger(keyE); //加密 return EncryptString(dataStr, biE, biN); }
/// <summary> /// 通过公钥加密 /// </summary> /// <param name="dataStr">待加密字符串</param> /// <param name="n">大整数n</param> /// <param name="e">公钥</param> /// <returns>加密结果</returns> public byte[] EncryptByPublicKey(string dataStr,string n,string e) { //大整数N BigInteger biN = new BigInteger(n,16); //公钥大素数 BigInteger biE = new BigInteger(e,16); //加密 return EncryptString(dataStr, biE, biN); }
私钥解密
/// <summary> /// 通过私钥解密 /// </summary> /// <param name="dataBytes">待解密字符数组</param> /// <returns>解密结果</returns> public string DecryptByPrivateKey(byte[] dataBytes) { //取得私钥参数 RSAParameters rsaparameters = RSA.ExportParameters(true); byte[] keyN = rsaparameters.Modulus; byte[] keyD = rsaparameters.D; //大整数N BigInteger biN = new BigInteger(keyN); //私钥大素数 BigInteger biD = new BigInteger(keyD); //解密 return DecryptBytes(dataBytes, biD, biN); }
/// <summary> /// 通过私钥解密 /// </summary> /// <param name="dataBytes">待解密字符数组</param> /// <param name="n">大整数n</param> /// <param name="d">私钥</param> /// <returns>解密结果</returns> public string DecryptByPrivateKey(byte[] dataBytes,string n,string d) { //大整数N BigInteger biN = new BigInteger(n,16); //私钥大素数 BigInteger biD = new BigInteger(d,16); //解密 return DecryptBytes(dataBytes, biD, biN); }
私钥加密
/// <summary> /// 通过私钥加密 /// </summary> /// <param name="dataStr">待加密字符串</param> /// <returns>加密结果</returns> public byte[] EncryptByPrivateKey(string dataStr) { //取得私钥参数 RSAParameters rsaparameters = RSA.ExportParameters(true); byte[] keyN = rsaparameters.Modulus; byte[] keyD = rsaparameters.D; //大整数N BigInteger biN = new BigInteger(keyN); //私钥大素数 BigInteger biD = new BigInteger(keyD); //加密 return EncryptString(dataStr, biD, biN); }
/// <summary> /// 通过私钥加密 /// </summary> /// <param name="dataStr">待加密字符串</param> /// <param name="n">大整数n</param> /// <param name="d">私钥</param> /// <returns>加密结果</returns> public byte[] EncryptByPrivateKey(string dataStr,string n,string d) { //大整数N BigInteger biN = new BigInteger(n, 16); //私钥大素数 BigInteger biD = new BigInteger(d, 16); //加密 return EncryptString(dataStr, biD, biN); }
公钥解密
/// <summary> /// 通过公钥解密 /// </summary> /// <param name="dataBytes">待解密字符数组</param> /// <returns>解密结果</returns> public string DecryptByPublicKey(byte[] dataBytes) { //取得公钥参数 RSAParameters rsaparameters = RSA.ExportParameters(false); byte[] keyN = rsaparameters.Modulus; byte[] keyE = rsaparameters.Exponent; //大整数N BigInteger biN = new BigInteger(keyN); //公钥大素数 BigInteger biE = new BigInteger(keyE); //解密 return DecryptBytes(dataBytes, biE, biN); }
/// <summary> /// 通过公钥解密 /// </summary> /// <param name="dataBytes">待加密字符串</param> /// <param name="n">大整数n</param> /// <param name="e">公钥</param> /// <returns>解密结果</returns> public string DecryptByPublicKey(byte[] dataBytes,string n,string e) { //大整数N BigInteger biN = new BigInteger(n,16); //公钥大素数 BigInteger biE = new BigInteger(e,16); //解密 return DecryptBytes(dataBytes, biE, biN); }
三、算法实现
加密
/// <summary> /// 加密字符串 /// </summary> /// <param name="dataStr">待加密字符串</param> /// <param name="keyNmu">密钥大素数</param> /// <param name="nNum">大整数N</param> /// <returns>加密结果</returns> private byte[] EncryptString(string dataStr, BigInteger keyNum, BigInteger nNum) { byte[] bytes = System.Text.Encoding.UTF8.GetBytes(dataStr); int len = bytes.Length; int len1 = 0; int blockLen = 0; if ((len % 120) == 0) len1 = len / 120; else len1 = len / 120 + 1; List<byte> tempbytes = new List<byte>(); for (int i = 0; i < len1; i++) { if (len >= 120) { blockLen = 120; } else { blockLen = len; } byte[] oText = new byte[blockLen]; Array.Copy(bytes, i * 120, oText, 0, blockLen); string res = Encoding.UTF8.GetString(oText); BigInteger biText = new BigInteger(oText); BigInteger biEnText = biText.modPow(keyNum, nNum); //补位 byte[] testbyte = null; string resultStr = biEnText.ToHexString(); if (resultStr.Length < 256) { while (resultStr.Length != 256) { resultStr = "0" + resultStr; } } byte[] returnBytes = new byte[128]; for (int j = 0; j < returnBytes.Length; j++) returnBytes[j] = Convert.ToByte(resultStr.Substring(j * 2, 2), 16); tempbytes.AddRange(returnBytes); len -= blockLen; } return tempbytes.ToArray(); }
注:分块大小最大理论值是128位。但是考虑到实际使用中可能会有位溢出的情况,所以此处使用120
将biginteger对象转为byte数组时,原本采用的是BigIneger类提供的GetBytes()方法,但是实际使用中发现,此方法取得的byte数组有一定的几率会出现偏差。所以改成使用ToHexString()方法取得16进制字符串再转成byte数组。
为了解密时byte数组块长度固定,补位操作必须执行。
解密
/// <summary> /// 解密字符数组 /// </summary> /// <param name="dataBytes">待解密字符数组</param> /// <param name="KeyNum">密钥大素数</param> /// <param name="nNum">大整数N</param> /// <returns>解密结果</returns> private string DecryptBytes(byte[] dataBytes, BigInteger KeyNum, BigInteger nNum) { int len = dataBytes.Length; int len1 = 0; int blockLen = 0; if (len % 128 == 0) { len1 = len / 128; } else { len1 = len / 128 + 1; } List<byte> tempbytes = new List<byte>(); for (int i = 0; i < len1; i++) { if (len >= 128) { blockLen = 128; } else { blockLen = len; } byte[] oText = new byte[blockLen]; Array.Copy(dataBytes, i * 128, oText, 0, blockLen); BigInteger biText = new BigInteger(oText); BigInteger biEnText = biText.modPow(KeyNum, nNum); byte[] testbyte= biEnText.getBytes(); string str = Encoding.UTF8.GetString(testbyte); tempbytes.AddRange(testbyte); len -= blockLen; } return System.Text.Encoding.UTF8.GetString(tempbytes.ToArray()); }
基本算法就是这样,经过10000次测试,没有误差出现。下面是算法实现的类和在网上找到的大整数类。
|
请发表评论