RSACryptoServiceProvider加密解密签名验签和DESCryptoServiceProvider加解密
原文:RSACryptoServiceProvider加密解密签名验签和DESCryptoServiceProvider加解密
C#在using System.Security.Cryptography下有 DESCryptoServiceProvider RSACryptoServiceProvider
DESCryptoServiceProvider 是用于对称加密 RSACryptoServiceProvider是用于非对称加密
对称加密的意思:有一个密钥 相当于加密算法,加密用它来加密,解密也需要用到它。因为加密解密都是用同一个密钥所以叫对称加密。 对称加密有一个坏处只要拥有密钥的人都可以解密。
非对称加密:就是有2个密钥,一个是公钥,一个是私钥,私钥是自己的,不能随便给人,公钥随便给,无所谓。一般是别人用你的公钥加密,然后把密文给你,你用你的私钥解密,这样一样加密和解密不是同一个密钥,所以叫非对称。 非对称的好处是假如没有私钥别人是无法解密的,就算加密的那个人他把数据加密了他也无法解密,加密者把密文和公钥随便给那个人都无法解密。
数字签名:数字签名的意义就是这些数据与原文数据比对是否修改过,这个解释有点麻烦,当初我也搞了好久才理解!一般是用自己的私钥对数据进行签名,然后用公钥去验证这个数据是否修改过
-
现在该说说DESCryptoServiceProvider 和RSACryptoServiceProvider 在C#中的具体怎么用:
-
1、用RSACryptoServiceProvider 加密解密
//加密解密用到的公钥与私钥
RSACryptoServiceProvider oRSA = new RSACryptoServiceProvider();
string privatekey=oRSA.ToXmlString(true);//私钥
string publickey=oRSA.ToXmlString(false);//公钥
//这两个密钥需要保存下来
byte[] messagebytes = Encoding.UTF8.GetBytes("luo罗"); //需要加密的数据
-
//公钥加密
RSACryptoServiceProvider oRSA1 = new RSACryptoServiceProvider();
oRSA1.FromXmlString(publickey); //加密要用到公钥所以导入公钥
byte[] AOutput = oRSA1.Encrypt(messagebytes ,false); //AOutput 加密以后的数据
-
//私钥解密
RSACryptoServiceProvider oRSA2 = new RSACryptoServiceProvider();
oRSA2.FromXmlString(privatekey);
byte[] AInput = oRSA2.Decrypt(AOutput, false);
string reslut=Encoding.ASCII.GetString(AInput)
2、用RSACryptoServiceProvider签名验签
byte[] messagebytes = Encoding.UTF8.GetBytes("luo罗");
RSACryptoServiceProvider oRSA = new RSACryptoServiceProvider();
string privatekey = oRSA.ToXmlString(true);
string publickey = oRSA.ToXmlString(false);
//私钥签名
RSACryptoServiceProvider oRSA3 = new RSACryptoServiceProvider();
oRSA3.FromXmlString(privatekey);
byte[] AOutput = oRSA3.SignData(messagebytes, "SHA1");
//公钥验证
RSACryptoServiceProvider oRSA4 = new RSACryptoServiceProvider();
oRSA4.FromXmlString(publickey);
bool bVerify = oRSA4.VerifyData(messagebytes, "SHA1", AOutput);
3、用证书进行签名
// 因为一般证书的私钥是不可以导出的所以所以用第2种方法导入私钥的来进行签名行不通
byte[] messagebytes = Encoding.UTF8.GetBytes("luo罗");
string Path = @"D:\Certificate\1.P12";
X509Certificate2 x509 = new X509Certificate2(Path, "");
SHA1 sha1 = new SHA1CryptoServiceProvider();
byte[] hashbytes = sha1.ComputeHash(messagebytes); //对要签名的数据进行哈希
RSAPKCS1SignatureFormatter signe = new RSAPKCS1SignatureFormatter();
signe.SetKey(x509.PrivateKey); //设置签名用到的私钥
signe.SetHashAlgorithm("SHA1"); //设置签名算法
byte[] reslut = signe.CreateSignature(hashbytes);
//验签:与第2方法相同
RSACryptoServiceProvider oRSA4 = new RSACryptoServiceProvider();
oRSA4.FromXmlString(x509.PublicKey.Key.ToXmlString(false));
bool bVerify = oRSA4.VerifyData(messagebytes, "SHA1", reslut);
4、用证书加密解密
string Path = @"D:\Certificate\1.P12";
X509Certificate2 x509 = new X509Certificate2(Path, "");
byte[] data = System.Text.Encoding.UTF8.GetBytes("cheshi罗");
-
//证书公钥加密
RSACryptoServiceProvider oRSA1 = new RSACryptoServiceProvider(); oRSA1.FromXmlString(x509.PublicKey.Key.ToXmlString(false));
-
byte[] AOutput = oRSA1.Encrypt(data, false);
-
//证书私钥解密
RSACryptoServiceProvider rsa2 = (RSACryptoServiceProvider)x509.PrivateKey;
byte[] plainbytes = rsa2.Decrypt(AOutput, false);
string reslut = Encoding.UTF8.GetString(plainbytes);
5用证书对文件加密解密,因为文件可能特别大 所以需要用流和buffer的方式来,鄙视把文件全部读到byte[]里进行加密的人,假如文件5G,那全部读到byte[]里崩溃掉
private void Form1_Load(object sender, EventArgs e)
{
x509=new X509Certificate2(Path, "");
RSACryptoServiceProvider oRSA1 = new RSACryptoServiceProvider();
Encrypt();
Decrypt();
}
private void Decrypt()
{
string FilePath = "2.txt";
string OutFile = "3.txt";
System.IO.FileStream picfs = new System.IO.FileStream(FilePath, System.IO.FileMode.Open);
System.IO.FileStream fs = new System.IO.FileStream(OutFile, System.IO.FileMode.OpenOrCreate);
oRSA1 = (RSACryptoServiceProvider)x509.PrivateKey;
int blocksize = oRSA1.KeySize/;
-
byte[] buffer, buffer1, encryblock;
bool Closed = true;
while (Closed)
{
buffer = null;
buffer = new byte[blocksize];
int k = picfs.Read(buffer, , buffer.Length);
if (k > )
{
if (blocksize == k)
{
encryblock = oRSA1.Decrypt(buffer, false);
fs.Write(encryblock, , encryblock.Length);
}
else
{
buffer1 = new byte[k];
for (int i = ; i < k; i++)
{
buffer1[i] = buffer[i];
}
encryblock = oRSA1.Decrypt(buffer1, false);
fs.Write(encryblock, , encryblock.Length);
}
}
else
{
picfs.Close();
fs.Close();
Closed = false;
}
}
-
}
private void Encrypt()
{
string FilePath = "1.txt";
string OutFile = "2.txt";
//证书公钥加密
-
oRSA1.FromXmlString(x509.PublicKey.Key.ToXmlString(false));
System.IO.FileStream picfs = new System.IO.FileStream(FilePath, System.IO.FileMode.Open);
System.IO.FileStream fs = new System.IO.FileStream(OutFile, System.IO.FileMode.OpenOrCreate);
int blocksize = ;
if (oRSA1.KeySize == )
{
blocksize = ;
}
else
{
blocksize = ;
}
byte[] buffer, buffer1, encryblock;
bool Closed = true;
while (Closed)
{
buffer = null;
buffer = new byte[blocksize];
int k = picfs.Read(buffer, , buffer.Length);
if (k > )
{
if (blocksize == k)
{
encryblock = oRSA1.Encrypt(buffer, false);
fs.Write(encryblock, , encryblock.Length);
}
else
{
buffer1 = new byte[k];
for (int i = ; i < k; i++)
{
buffer1[i] = buffer[i];
}
encryblock = oRSA1.Encrypt(buffer1, false);
fs.Write(encryblock, , encryblock.Length);
}
}
else
{
picfs.Close();
fs.Close();
Closed = false;
}
}
}
6用证书对文件进行签名验签,因为文件可能特别大 所以需要用流和buffer的方式来
private void Form1_Load(object sender, EventArgs e)
{
x509 = new X509Certificate2(Path, "");
SignFile("1.txt", "11.txt"); VerifyFile("1.txt", "11.txt");
}
private bool VerifyFile(string FileName, string SignedFileName)
{ bool reslut = true; System.IO.StreamReader objread = new System.IO.StreamReader(FileName);
System.IO.StreamReader objreadSigned = new System.IO.StreamReader(SignedFileName); RSACryptoServiceProvider VeryRsa = new RSACryptoServiceProvider();
VeryRsa.FromXmlString(x509.PublicKey.Key.ToXmlString(false)); int Inblocksize = ;
int Signedblocksize = ;
if (VeryRsa.KeySize == )
{
Inblocksize = ;
}
else
{
Inblocksize = ;
}
Signedblocksize = VeryRsa.KeySize / ; bool Closed = true;
byte[] Buffer; //原文缓存区
byte[] InBuffer;//原文缓存区
byte[] Buffer1;//签名文件缓存区
while (Closed)
{
Buffer = null;
Buffer = new byte[Inblocksize];
int k = objread.BaseStream.Read(Buffer, , Buffer.Length);
if (k > )
{
if (Inblocksize == k) //读出来的长度和缓存区一样大
{
Buffer1 = new byte[Signedblocksize];
objreadSigned.BaseStream.Read(Buffer1, , Buffer1.Length);
reslut = VeryRsa.VerifyData(Buffer,"SHA1",Buffer1);
if (!reslut)
{
Closed = false;
}
}
else
{ //意思是Buffer没满,只有k个字节,k字节后面全是空所以不需要验签
InBuffer = new byte[k];
for (int i = ; i < k; i++)
{
InBuffer[i] = Buffer[i];
}
Buffer1 = new byte[Signedblocksize];
objreadSigned.BaseStream.Read(Buffer1, , Buffer1.Length);
reslut = VeryRsa.VerifyData(InBuffer, "SHA1", Buffer1);
if (!reslut)
{
Closed = false;
}
}
}
else
{
//这里的意思是原文已经读完毕了,并且已经和签名文件对应验签成功,那么
//签名文件也必须读完毕了。
if (objreadSigned.BaseStream.Position!= objreadSigned.BaseStream.Length)
{
reslut = false;
}
objreadSigned.Close();
objread.Close();
Closed = false;
}
}
return reslut; }
private void SignFile(string InFileName,string OutFileName)
{
RSACryptoServiceProvider SignRsa = (RSACryptoServiceProvider)x509.PrivateKey; System.IO.StreamReader objread = new System.IO.StreamReader(InFileName);
System.IO.StreamWriter objwrite = new System.IO.StreamWriter(OutFileName, false); int blocksize = ;
if (SignRsa.KeySize == )
{
blocksize = ;
}
else
{
blocksize = ;
} bool Closed = true;
byte[] Buffer = new byte[blocksize];
byte[] buffer1, SignBytes;
while (Closed)
{
int k = objread.BaseStream.Read(Buffer, , Buffer.Length);
if (k > )
{
if (k == blocksize)
{
SignBytes = SignRsa.SignData(Buffer, "SHA1");
objwrite.BaseStream.Write(SignBytes, , SignBytes.Length);
}
else
{
buffer1 = new byte[k];
for (int i = ; i < k; i++)
{
buffer1[i] = Buffer[i];
}
SignBytes = SignRsa.SignData(buffer1, "SHA1");
objwrite.BaseStream.Write(SignBytes, , SignBytes.Length);
}
}
else
{
Closed = false;
objread.Close();
objwrite.Close();
}
} }
7、用DESCryptoServiceProvider 进行对称加密
byte[] messagebytes = Encoding.UTF8.GetBytes("LUO罗");
//需要用的对称密钥
DESCryptoServiceProvider Des = new DESCryptoServiceProvider();
byte[] key = Des.Key;
//加密
DESCryptoServiceProvider tdesProvider = new DESCryptoServiceProvider();
tdesProvider.Key = key;
tdesProvider.Mode = CipherMode.ECB;
byte[] encrypted = tdesProvider.CreateEncryptor().TransformFinalBlock(messagebytes, , messagebytes.Length);
//解密
DESCryptoServiceProvider tdesProvider2 = new DESCryptoServiceProvider();
tdesProvider.Key = key1;
tdesProvider.Mode = CipherMode.ECB;
byte[] outputdata = tdesProvider.CreateDecryptor().TransformFinalBlock(encrypted, , encrypted.Length);
string reslut = Encoding.UTF8.GetString(outputdata);
//7用DESCryptoServiceProvider 加解密 流
CryptoStream csDecrypt = new CryptoStream(Stream, Des.CreateEncryptor(), CryptoStreamMode.Write);
CryptoStream csDecrypt = new CryptoStream(Stream, Des.CreateDecryptor(), CryptoStreamMode.Write);
RSACryptoServiceProvider加密解密签名验签和DESCryptoServiceProvider加解密的更多相关文章
- C# RSA加解密与验签,AES加解密,以及与JAVA平台的密文加解密
前言: RSA算法是利用公钥与密钥对数据进行加密验证的一种算法.一般是拿私钥对数据进行签名,公钥发给友商,将数据及签名一同发给友商,友商利用公钥对签名进行验证.也可以使用公钥对数据加密,然后用私钥对数 ...
- C# RSACryptoServiceProvider加密解密签名验签和DESCryptoServic
C#在using System.Security.Cryptography下有 DESCryptoServiceProvider RSACryptoServiceProvider DESCryptoS ...
- js rsa sign使用笔记(加密,解密,签名,验签)
你将会收获: js如何加密, 解密 js如何签名, 验签 js和Java交互如何相互解密, 验签(重点) 通过谷歌, 发现jsrsasign库使用者较多. 查看api发现这个库功能很健全. 本文使用方 ...
- Java RSA 加密 解密 签名 验签
原文:http://gaofulai1988.iteye.com/blog/2262802 import java.io.FileInputStream; import java.io.FileOut ...
- [Python3] RSA的加解密和签名/验签实现 -- 使用pycrytodome
Crypto 包介绍: pycrypto,pycrytodome 和 crypto 是一个东西,crypto 在 python 上面的名字是 pycrypto 它是一个第三方库,但是已经停止更新,所以 ...
- RSA密钥生成、加密解密、签名验签
RSA 非对称加密公钥加密,私钥解密 私钥签名,公钥验签 下面是生成随机密钥对: //随机生成密钥对 KeyPairGenerator keyPairGen = null; try { keyPair ...
- 支付接口中常用的加密解密以及验签rsa,md5,sha
一.常用加密类型分类 1.对称加密:采用单钥对信息进行加密和解密,即同一个秘钥既可以对信息进行加密,也可以进行解密.此类型称之为对称加密.特点速度快,常用于对大量数据信息或文件加密时使用.常用例子:D ...
- 利用SHA-1算法和RSA秘钥进行签名验签(带注释)
背景介绍 1.SHA 安全散列算法SHA (Secure Hash Algorithm)是美国国家标准和技术局发布的国家标准FIPS PUB 180-1,一般称为SHA-1.其对长度不超过264二进制 ...
- 数据安全管理:RSA加密算法,签名验签流程详解
本文源码:GitHub·点这里 || GitEE·点这里 一.RSA算法简介 1.加密解密 RSA加密是一种非对称加密,在公开密钥加密和电子商业中RSA被广泛使用.可以在不直接传递密钥的情况下,完成加 ...
随机推荐
- 【u003】计算概率
Time Limit: 1 second Memory Limit: 128 MB [问题描述] 小明有n个长度不一的小木棍,这些木棍的长度都是正整数.小明的父亲想和小明做一个游戏.他规定一个整数长度 ...
- [CSS] Change the auto-placement behaviour of grid items with grid-auto-flow
We can change the automatic behaviour of what order our grid items appear. We can even re-order the ...
- 【iOS】自己定义TabBarController
一.自己定义的思路 iOS中的TabBarController确实已经非常强大了.大部分主流iOS应用都会採用. 可是往往也不能满足所有的需求,因此须要自己定义TabBar,自己定义须要对系统的Tab ...
- innodb_data_file_path参数误修改解决方法
如果innodb_data_file_path参数被修改乱了,不知道原来值的大小,这样启动是会报错的.知道原来大小方法: 方法一:操作系统下ls -l看到原来大小,直接用ls -l显示的大小,复制即可 ...
- Git Push问题remote: hooks/update:10 undefined method 'require_relative' for main:Object(NomethodError)
今天在提交代码时遇到到了一个非常蛋疼的问题,remote: hooks/update:10 undefined method 'require_relative' for main:Object(No ...
- URL传递中文参数,大坑一枚,Windows与Linux效果竟然不一致(两种解决方法)
下午,计划2个小时搞定,个人官网第6次升级,就可以干点轻松的事了,结果,下午多搞了2个小时,晚上又搞了2个小时,才搞定. 最后一个世界难题是,URL传递中文参数. 问题大致是这么出现的:我为" ...
- WPF入门(三)->几何图形之椭圆形(EllipseGeometry)
原文:WPF入门(三)->几何图形之椭圆形(EllipseGeometry) 我们可以使用EllipseGeometry 来绘制一个椭圆或者圆形的图形 EllipseGeometry类: 表示圆 ...
- Shell脚本实现在Linux系统中自动安装JDK
A:本脚本运行的机器,Linux B:待安装JDK的机器, Linux 首先在脚本运行的机器A上确定可以ssh无密码登录到待安装jdk的机器B上,然后就可以在A上运行本脚本: 复制代码 代码如下: $ ...
- AsyncTask下载图片
最近在看一个非常早期曾经写过代码,装上去召回.本文首先召回AsyncTask的基本使用. AsyncTask说简单点就是 开启一个线程.而且把结果提交给ui线程. Thread+Handler,只 ...
- MapReduce 切片机制源码分析
总体来说大概有以下2个大的步骤 1.连接集群(yarnrunner或者是localjobrunner) 2.submitter.submitJobInternal()在该方法中会创建提交路径,计算切片 ...