摘要:使用RSA算法生成公钥/私钥对,发送方用接收方的RSA公钥加密,接收方用自己的RSA私钥解密。内容的签名与验证使用DSA算法:发送方用DSA私钥签名,接收方用对应的DSA公钥验证,以确认内容没有被修改过。因此,发送方除了发送加密后的密文,还要发送签名信息;接收方解密密文后,还要验证签名,确认接收的内容与原始发送的内容一致,即确保没有被篡改。
using System.Security.Cryptography;
// Key size in bits. It is passed to the RSACryptoServiceProvider constructors below, and
// EncryptContent also passes it to the DSACryptoServiceProvider constructor.
// NOTE(review): 1024-bit RSA is below the 2048-bit minimum in current guidance
// (e.g. NIST SP 800-131A). Raising this value alone is not enough, because
// DSACryptoServiceProvider accepts key sizes only up to 1024 bits; the DSA constructor
// call must stop using this constant first.
private static readonly int CurrentBitStrength = 1024;
1. 生成公钥私钥对
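/// <summary>
/// Generates a fresh RSA key pair and a fresh DSA key pair and stores their XML exports
/// in the current session. The two RSA exports are also copied into ViewData.
/// </summary>
/// <remarks>
/// NOTE(review): ViewData["public-private"] receives the full RSA key, private parameters
/// included. Whether the view renders it is not visible here; a real application should
/// never hand the private key to the view or keep it in shared session state.
/// </remarks>
private void GenerateKeys()
{
    // Dispose each provider as soon as its key material has been exported, so the
    // underlying CSP handle is released deterministically instead of waiting for the GC.
    using (RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(CurrentBitStrength))
    {
        // true  -> export public + private parameters
        // false -> export public parameters only
        string publicPrivateKeysContent = rsaProvider.ToXmlString(true);
        string publicOnlyKeysContent = rsaProvider.ToXmlString(false);

        ViewData["public-private"] = Session["public-private"] = publicPrivateKeysContent;
        ViewData["public-only"] = Session["public-only"] = publicOnlyKeysContent;
    }

    using (DSACryptoServiceProvider dsaProvider = new DSACryptoServiceProvider())
    {
        // The signing (private) key and the verification (public) key are stored under
        // separate session entries so each side can load only what it needs.
        Session["dsa-public-private"] = dsaProvider.ToXmlString(true);
        Session["dsa-public-only"] = dsaProvider.ToXmlString(false);
    }
}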
2. 加密
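/// <summary>
/// Encrypts <paramref name="txtInput"/> with the RSA public key held in the session and
/// signs the UTF-8 plaintext with the DSA private key held in the session.
/// </summary>
/// <param name="txtInput">Plaintext to protect. RSA encrypts it directly, so its UTF-8
/// length is limited by the key size minus the padding overhead; longer input makes
/// Encrypt throw.</param>
/// <returns>The RSA ciphertext encoded as Base64. The DSA signature is not returned; it
/// is stored in Session["DSA-Signed-Digest"].</returns>
/// <exception cref="InvalidOperationException">The session holds no RSA public key or no
/// DSA signing key.</exception>
/// <remarks>
/// NOTE(review): the <c>false</c> argument to Encrypt selects PKCS#1 v1.5 padding rather than
/// OAEP. It is kept because DecryptContent decrypts with the same flag; moving to OAEP
/// requires changing both methods together. DSACryptoServiceProvider signs a SHA-1 digest.
/// </remarks>
private string EncryptContent(string txtInput)
{
    // Fail with a clear message instead of a NullReferenceException when the session
    // has no keys yet.
    object rsaPublicKeyXml = Session["public-only"];
    object dsaSigningKeyXml = Session["dsa-public-private"];
    if (rsaPublicKeyXml == null || dsaSigningKeyXml == null)
    {
        throw new InvalidOperationException("No key material in session; generate the keys first.");
    }

    byte[] plainBytes = System.Text.Encoding.UTF8.GetBytes(txtInput);

    // Sender side: encrypt with the RSA public key.
    byte[] cipherBytes;
    using (RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(CurrentBitStrength))
    {
        rsaProvider.FromXmlString(rsaPublicKeyXml.ToString());
        cipherBytes = rsaProvider.Encrypt(plainBytes, false);
    }

    // Sender side: sign the plaintext with the DSA private key. The key comes from the
    // imported XML, so no key size is passed to the constructor (this matches the other
    // DSA provider constructions in this file).
    using (DSACryptoServiceProvider dsaProvider = new DSACryptoServiceProvider())
    {
        dsaProvider.FromXmlString(dsaSigningKeyXml.ToString());
        Session["DSA-Signed-Digest"] = dsaProvider.SignData(plainBytes);
    }

    return Convert.ToBase64String(cipherBytes);
}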
3. 解密
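/// <summary>
/// Decrypts a Base64 RSA ciphertext with the RSA private key held in the session and
/// returns the plaintext only if the stored DSA signature verifies against it.
/// </summary>
/// <param name="txtEncryted">Base64-encoded RSA ciphertext, as returned by EncryptContent.</param>
/// <returns>The decrypted text, decoded as UTF-8.</returns>
/// <exception cref="InvalidOperationException">The session holds no RSA private key, no
/// DSA public key, or no stored signature.</exception>
/// <exception cref="CryptographicException">Decryption failed, or the signature does not
/// match the decrypted content.</exception>
private string DecryptContent(string txtEncryted)
{
    // The key is read under the exact name GenerateKeys writes ("public-private"); the
    // original spelled it "public-Private", which only works if session lookup ignores case.
    object rsaPrivateKeyXml = Session["public-private"];
    // Verification needs only the public half of the DSA key, so the private key is not loaded here.
    object dsaPublicKeyXml = Session["dsa-public-only"];
    byte[] signedBytes = Session["DSA-Signed-Digest"] as byte[];
    if (rsaPrivateKeyXml == null || dsaPublicKeyXml == null || signedBytes == null)
    {
        throw new InvalidOperationException("No key material or signature in session; generate the keys and encrypt first.");
    }

    // Receiver side: decrypt with the RSA private key (PKCS#1 v1.5, matching EncryptContent).
    byte[] plainBytes;
    using (RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(CurrentBitStrength))
    {
        rsaProvider.FromXmlString(rsaPrivateKeyXml.ToString());
        byte[] encryptedBytes = Convert.FromBase64String(txtEncryted);
        plainBytes = rsaProvider.Decrypt(encryptedBytes, false);
    }

    // Receiver side: verify the DSA signature. The original computed the result and then
    // ignored it, so modified content was returned as if it were authentic.
    using (DSACryptoServiceProvider dsaProvider = new DSACryptoServiceProvider())
    {
        dsaProvider.FromXmlString(dsaPublicKeyXml.ToString());
        if (!dsaProvider.VerifyData(plainBytes, signedBytes))
        {
            throw new CryptographicException("Signature verification failed; the decrypted content is not trusted.");
        }
    }

    return System.Text.Encoding.UTF8.GetString(plainBytes);
}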
备注:
此代码已在 ASP.NET MVC 调试环境中验证,此处仅贴出核心部分代码,供参考。示例为演示方便,把RSA/DSA密钥和签名都存放在Session中;实际使用时,私钥应只由其持有方保存,签名应随密文一起发送给接收方。