Java和.Net互相使用RSA加密时的问题和处理方法
前言
我们产品是使用JAVA语言开发的,有个供第三方获取Token的接口,过程大概就是第三方先调一个注册接口,获取一个RSA公钥,然后用通过公钥加密后的一些认证信息调用获取Token的接口,如果信息无误,则发放Token。
前段时间就遇到了对方是使用.Net进行开发的系统,在第一步获取公钥时没用问题,加密后的信息传过来就怎么都解密不了的情况,后来了解到,C#的默认密钥格式上似乎是略有不同才导致的问题。
NET Framework中,的RSACryptoServiceProvider默认使用Microsoft的专有格式
Java 通常使用PKCS#8格式的私钥和X.509格式的公钥
解决方案
其实C#中转换一下就可以了
示例代码
RsaApi.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using System.Xml;
using System.Text;
using System.Security.Cryptography;
namespace RsaApi
{
public class RSAConvert
{
/// <summary>
/// RSA私钥格式转换,java->.net
/// </summary>
/// <param name="privateKey">java生成的RSA私钥</param>
/// <returns></returns>
public static string RSAPrivateKeyJava2DotNet(string privateKey)
{
RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(Convert.FromBase64String(privateKey));
return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>",
Convert.ToBase64String(privateKeyParam.Modulus.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.PublicExponent.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.P.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.Q.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.DP.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.DQ.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.QInv.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.Exponent.ToByteArrayUnsigned()));
}
/// <summary>
/// RSA私钥格式转换,.net->java
/// </summary>
/// <param name="privateKey">.net生成的私钥</param>
/// <returns></returns>
public static string RSAPrivateKeyDotNet2Java(string privateKey)
{
XmlDocument doc = new XmlDocument();
doc.LoadXml(privateKey);
BigInteger m = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText));
BigInteger exp = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText));
BigInteger d = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("D")[0].InnerText));
BigInteger p = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("P")[0].InnerText));
BigInteger q = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Q")[0].InnerText));
BigInteger dp = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DP")[0].InnerText));
BigInteger dq = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DQ")[0].InnerText));
BigInteger qinv = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("InverseQ")[0].InnerText));
RsaPrivateCrtKeyParameters privateKeyParam = new RsaPrivateCrtKeyParameters(m, exp, d, p, q, dp, dq, qinv);
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKeyParam);
byte[] serializedPrivateBytes = privateKeyInfo.ToAsn1Object().GetEncoded();
return Convert.ToBase64String(serializedPrivateBytes);
}
/// <summary>
/// RSA公钥格式转换,java->.net
/// </summary>
/// <param name="publicKey">java生成的公钥</param>
/// <returns></returns>
public static string RSAPublicKeyJava2DotNet(string publicKey)
{
RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(publicKey));
return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent></RSAKeyValue>",
Convert.ToBase64String(publicKeyParam.Modulus.ToByteArrayUnsigned()),
Convert.ToBase64String(publicKeyParam.Exponent.ToByteArrayUnsigned()));
}
/// <summary>
/// RSA公钥格式转换,.net->java
/// </summary>
/// <param name="publicKey">.net生成的公钥</param>
/// <returns></returns>
public static string RSAPublicKeyDotNet2Java(string publicKey)
{
XmlDocument doc = new XmlDocument();
doc.LoadXml(publicKey);
BigInteger m = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText));
BigInteger p = new BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText));
RsaKeyParameters pub = new RsaKeyParameters(false, m, p);
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub);
byte[] serializedPublicBytes = publicKeyInfo.ToAsn1Object().GetDerEncoded();
return Convert.ToBase64String(serializedPublicBytes);
}
/// <summary>
/// rsa加密
/// </summary>
/// <param name="xmlPublicKey"></param>
/// <param name="m_strEncryptString"></param>
/// <returns></returns>
public static string RSAEncrypt(string xmlPublicKey, string m_strEncryptString)
{
try
{
byte[] PlainTextBArray;
byte[] CypherTextBArray;
string Result;
System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(xmlPublicKey);
PlainTextBArray = (new UTF8Encoding()).GetBytes(m_strEncryptString);
CypherTextBArray = rsa.Encrypt(PlainTextBArray, false);
Result = Convert.ToBase64String(CypherTextBArray);
return Result;
}
catch (Exception ex)
{
throw ex;
}
}
}
}
Program.cs
using System.Security.Cryptography.X509Certificates;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Security.Cryptography;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Crypto.Encodings;
namespace Program
{
public class Program
{
private static Encoding Encoding_UTF8 = Encoding.UTF8;
public struct RSAKEY
{
public string PublicKey
{
get;
set;
}
public string PrivateKey
{
get;
set;
}
}
//// 测试主方法
static void Main(string[] args)
{
Program p =new Program();
RSAKEY rsa = p.GetKey();
string publickey = rsa.PublicKey;
string privateKey = rsa.PrivateKey;
string s = p.EncryptByPublicKey("2882e099-c705-43ed-93a3-02cb2cd67559","MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGlTbBJzXF1fVv/+cB37QUwC5bmlm+p5KIuPIMuPX4PrhXl63R3e2bCfwhootzUdOcmmFAX6f9fWBj1Bc4lQem+FvFvE3Y53tNvGUdlNakysfXAVF8Q1PnPyGrVqiEsTHt3WMq/8vD29XJQMQ1FRvHZfY60ptypvNvvzES9JxC66RYskPHmTnerIRFzmXAJ0GUavpT3smg+K+vM5aSgfYbnuoANJTb4RMh358GTkTt4dAXRn0qpbhO+7+xbxmfOzHH9jlJ66JQr7q+W2PawNXnE4xsdwQ/1D0hT78zniTTaFyvfxBOQzx/6o1MNTZAWyhuSw7niJXUNGySJRS87OJQIDAQAB");
Console.WriteLine(s);
}
public RSAKEY GetKey()
{
//RSA密钥对的构造器
RsaKeyPairGenerator keyGenerator = new RsaKeyPairGenerator();
//RSA密钥构造器的参数
RsaKeyGenerationParameters param = new RsaKeyGenerationParameters(
Org.BouncyCastle.Math.BigInteger.ValueOf(3),
new Org.BouncyCastle.Security.SecureRandom(),
1024, //密钥长度
25);
//用参数初始化密钥构造器
keyGenerator.Init(param);
//产生密钥对
AsymmetricCipherKeyPair keyPair = keyGenerator.GenerateKeyPair();
//获取公钥和密钥
AsymmetricKeyParameter publicKey = keyPair.Public;
AsymmetricKeyParameter privateKey = keyPair.Private;
SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey);
Asn1Object asn1ObjectPublic = subjectPublicKeyInfo.ToAsn1Object();
byte[] publicInfoByte = asn1ObjectPublic.GetEncoded("UTF-8");
Asn1Object asn1ObjectPrivate = privateKeyInfo.ToAsn1Object();
byte[] privateInfoByte = asn1ObjectPrivate.GetEncoded("UTF-8");
RSAKEY item = new RSAKEY()
{
PublicKey = Convert.ToBase64String(publicInfoByte),
PrivateKey = Convert.ToBase64String(privateInfoByte)
};
return item;
}
private AsymmetricKeyParameter GetPublicKeyParameter(string keyBase64)
{
keyBase64 = keyBase64.Replace("\r", "").Replace("\n", "").Replace(" ", "");
byte[] publicInfoByte = Convert.FromBase64String(keyBase64);
Asn1Object pubKeyObj = Asn1Object.FromByteArray(publicInfoByte);//这里也可以从流中读取,从本地导入
AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(publicInfoByte);
return pubKey;
}
private AsymmetricKeyParameter GetPrivateKeyParameter(string keyBase64)
{
keyBase64 = keyBase64.Replace("\r", "").Replace("\n", "").Replace(" ", "");
byte[] privateInfoByte = Convert.FromBase64String(keyBase64);
// Asn1Object priKeyObj = Asn1Object.FromByteArray(privateInfoByte);//这里也可以从流中读取,从本地导入
// PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey);
AsymmetricKeyParameter priKey = PrivateKeyFactory.CreateKey(privateInfoByte);
return priKey;
}
/// <summary>
/// 私钥加密
/// </summary>
/// <param name="data">加密内容</param>
/// <param name="privateKey">私钥(Base64后的)</param>
/// <returns>返回Base64内容</returns>
public string EncryptByPrivateKey(string data, string privateKey)
{
//非对称加密算法,加解密用
IAsymmetricBlockCipher engine = new Pkcs1Encoding(new RsaEngine());
//加密
try
{
engine.Init(true, GetPrivateKeyParameter(privateKey));
byte[] byteData = Encoding_UTF8.GetBytes(data);
var ResultData = engine.ProcessBlock(byteData, 0, byteData.Length);
return Convert.ToBase64String(ResultData);
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// 私钥解密
/// </summary>
/// <param name="data">待解密的内容</param>
/// <param name="privateKey">私钥(Base64编码后的)</param>
/// <returns>返回明文</returns>
public string DecryptByPrivateKey(string data, string privateKey)
{
data = data.Replace("\r", "").Replace("\n", "").Replace(" ", "");
//非对称加密算法,加解密用
IAsymmetricBlockCipher engine = new Pkcs1Encoding(new RsaEngine());
//解密
try
{
engine.Init(false, GetPrivateKeyParameter(privateKey));
byte[] byteData = Convert.FromBase64String(data);
var ResultData = engine.ProcessBlock(byteData, 0, byteData.Length);
return Encoding_UTF8.GetString(ResultData);
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// 公钥加密
/// </summary>
/// <param name="data">加密内容</param>
/// <param name="publicKey">公钥(Base64编码后的)</param>
/// <returns>返回Base64内容</returns>
public string EncryptByPublicKey(string data, string publicKey)
{
//非对称加密算法,加解密用
IAsymmetricBlockCipher engine = new Pkcs1Encoding(new RsaEngine());
//加密
try
{
engine.Init(true, GetPublicKeyParameter(publicKey));
byte[] byteData = Encoding_UTF8.GetBytes(data);
var ResultData = engine.ProcessBlock(byteData, 0, byteData.Length);
return Convert.ToBase64String(ResultData);
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// 公钥解密
/// </summary>
/// <param name="data">待解密的内容</param>
/// <param name="publicKey">公钥(Base64编码后的)</param>
/// <returns>返回明文</returns>
public string DecryptByPublicKey(string data, string publicKey)
{
data = data.Replace("\r", "").Replace("\n", "").Replace(" ", "");
//非对称加密算法,加解密用
IAsymmetricBlockCipher engine = new Pkcs1Encoding(new RsaEngine());
//解密
try
{
engine.Init(false, GetPublicKeyParameter(publicKey));
byte[] byteData = Convert.FromBase64String(data);
var ResultData = engine.ProcessBlock(byteData, 0, byteData.Length);
return Encoding_UTF8.GetString(ResultData);
}
catch (Exception ex)
{
throw ex;
}
}
}
}
Java和.Net互相使用RSA加密时的问题和处理方法的更多相关文章
- 电信级的RSA加密后的密码的破解方法
一直以来,电信通过HTTP劫持推送广告的方式已经存在了很多年了,这种手段至今并未停止.这种手段月光博客曾经有多次曝光,见<电信级的网络弹出广告>.<获取了电信恶意弹出广告的罪证> ...
- Android MD5加密、RSA加密
现在公司做金融项目,需要考虑安全加密方面的问题.感谢大牛同事(冯哥) ,给我很大的帮助. 考虑到安全优化,我们把秘钥.加密步骤放到native中.考虑用到的技术:(1 )jni,(2 )OpenSSL ...
- RSA 加密解密使用实例
http://www.dtmao.cc/news_show_692109.shtml 本文不讨论RSA加密解密本身,只记录使用方法及遇到的坑,RSA原理及注意事项可在网上查找. 背景:公司的一个需求, ...
- C# Java间进行RSA加密解密交互(二)
原文:C# Java间进行RSA加密解密交互(二) 接着前面一篇文章C# Java间进行RSA加密解密交互,继续探讨这个问题. 在前面,虽然已经实现了C# Java间进行RSA加密解密交互,但是还是与 ...
- java和php实现RSA加密互通-b
java和PHP RSA加密实现互通 1:通过openssl 生成公钥和密钥文件(linux) (1) 生产私钥文件命令 openssl genrsa -out rsa_private_key.pe ...
- Java MD5加密与RSA加密
区别: MD5加密: 加密时通过原字符串加密成另一串字符串 解密时需要原加密字符串进行重新加密比较两次加密结果是否一致 T=RSA加密: 加密时通过原字符串生成密钥对(公钥+私钥) 解密时通过公钥和私 ...
- Java使用RSA加密解密签名及校验
RSA加密解密类: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 ...
- Java采用RSA加密及解密技术的有关Maven项目的配置流程:
第一步: 获得RSA公钥私钥(秘钥格式:PKCS#8 ,测试使用的是无私钥密码的) 公钥: -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4G ...
- JAVA RSA加密AES加密
RSA加密: import sun.misc.BASE64Decoder; import sun.misc.BASE64Encoder; import javax.crypto.Cipher; imp ...
- Java & PHP & Javascript 通用 RSA 加密 解密 (长字符串)
系统与系统的数据交互中,有些敏感数据是不能直接明文传输的,所以在发送数据之前要进行加密,在接收到数据时进行解密处理:然而由于系统与系统之间的开发语言不同. 本次需求是生成二维码是通过java生成,由p ...
随机推荐
- Identity – Introduction & Scaffold
主要参考: Introduction to Identity on ASP.NET Core Start by command dotnet new webapp --auth Individual ...
- BOOST 定时器 stop探究
Asio是一个建立在Boost所提供的相关组件之上的异步的网络库,可以运行在Win/Linux/Unix等各种平台之上. 不过随着C++11的发布,其对Boost的依赖也越来越少,作者又做了一个不依赖 ...
- SXYZ-7.3训练赛
T1 房 啥啥啥,T1又又又爆了,整个人精神状态 良好. 解题思路 考虑数据保证任意两个房子不重合 建一个结构体存两边 最后判断一下 \(>t\) 加两个 \(==t\) 加一个 == 但是!! ...
- SpringCloud入门(四)Ribbon负载均衡
一.Ribbon负载均衡原理SpringCloud底层其实是利用了一个名为Ribbon的组件,来实现负载均衡功能的. SpringCloudRibbon的底层采用了一个拦截器,拦截了RestTempl ...
- DOM 的事件流
事件流分为三个阶段:捕获 ==>目标 ==>冒泡 1. 事件捕获阶段:事件传播由目标节点的祖先节点逐级传播到目标节点.先由文档的根 节点 document(window)开始触发对象,最后 ...
- Required request parameter ‘xxx‘ for method parameter type xxxx is not present 解决方式
我在controller层传实体参数时加了@RequestParam,结果报Required request parameter 'pointlist' for method parameter ty ...
- KubeSphere 3.1.0 GA:混合多云走向边缘,让应用无处不在
2021 年 4 月 29 日,KubeSphere 开源社区激动地向大家宣布,KubeSphere 3.1.0 正式发布!为了帮助企业最大化资源利用效率,KubeSphere 打造了一个以 Kube ...
- KubeSphere 使用 HTTPS 协议集成 Harbor 镜像仓库指南
作者:申红磊,青云科技容器解决方案架构师,开源项目爱好者,KubeSphere Member. 上面两篇文章讲了如何部署 HTTPS Harbor 和对接 HTTP 的 Harbor 镜像仓库:接下来 ...
- CF939 D
CF939 D 让你把区间分成 \(k\) 段, 段内用 \(xor\) 连接, 段之间用 \(or\) 连接,问你在结果不大于 \(x\) 的前提下, \(k\) 的最大值 \(1 \leq n \ ...
- 5.7 Linux Vim可视化模式
相信大家都使用过带图形界面的操作系统中的文字编辑器,用户可以使用鼠标来选择要操作的文本,非常方便.在 Vim 编辑器中也有类似的功能,但不是通过鼠标,而是通过键盘来选择要操作的文本. 在 Vim 中, ...