使用证书来做RSA非对称式加密
本示例使用了 WSE(Web Services Enhancements)中与证书操作相关的功能。本文所使用的 WSE 版本为 2.0 TP,基于 .NET Framework 1.1。
using System;
using System.Security.Cryptography;
using X509=Microsoft.Web.Services.Security.X509;
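namespace Util
{
    /// <summary>
    /// RSA encryption/decryption helper that takes its key material from an
    /// X.509 certificate found in the current user's certificate stores via WSE.
    /// </summary>
    /// <remarks>
    /// Points to check before reusing this sample:
    /// <list type="bullet">
    /// <item>The certificate is selected by subject string only and the first match
    /// is used; no validity period, chain or revocation check is performed here.</item>
    /// <item>Encryption uses PKCS#1 v1.5 padding (<c>fOAEP = false</c>). OAEP is the
    /// preferred padding where both sides can be changed together.</item>
    /// <item>RSA only encrypts payloads smaller than the key modulus minus the padding
    /// overhead; bulk data should be protected with a symmetric key that is itself
    /// wrapped with RSA.</item>
    /// <item>Decryption exports the private key to an XML string, which requires an
    /// exportable key and leaves a copy of it in managed memory.</item>
    /// </list>
    /// </remarks>
    public class EncryptionWithRSA
    {
        /// <summary>
        /// Backing field for <see cref="CertificateName"/>.
        /// </summary>
        private string _CertificateName = "";

        /// <summary>
        /// Creates an instance with no certificate name; set
        /// <see cref="CertificateName"/> before encrypting or decrypting.
        /// </summary>
        public EncryptionWithRSA()
        {
        }

        /// <summary>
        /// Creates an instance bound to the given certificate subject string.
        /// </summary>
        /// <param name="CertificateName">Subject string used to look up the certificate.</param>
        public EncryptionWithRSA(string CertificateName)
        {
            this._CertificateName = CertificateName;
        }

        /// <summary>
        /// Subject string used to look up the certificate in the store.
        /// </summary>
        public string CertificateName
        {
            get { return _CertificateName; }
            set { _CertificateName = value; }
        }

        /// <summary>
        /// Looks up the certificate in the named store of the current user.
        /// </summary>
        /// <param name="storeName">
        /// Store name constant such as <c>X509CertificateStore.MyStore</c> or
        /// <c>X509CertificateStore.CAStore</c>.
        /// </param>
        /// <returns>The first certificate whose subject matches <see cref="CertificateName"/>.</returns>
        /// <exception cref="InvalidOperationException">No certificate name has been set.</exception>
        /// <exception cref="Exception">The store cannot be opened or no certificate matches.</exception>
        private X509.X509Certificate GetCertificate(string storeName)
        {
            // The original signature took an X509CertificateStore and then redeclared a
            // local with the same name, which does not compile; the callers pass the
            // store-name constants, so the parameter is the store name.
            if (this._CertificateName == null || this._CertificateName.Length == 0)
            {
                // Refuse an empty search string rather than risk selecting an
                // arbitrary certificate from the store.
                throw new InvalidOperationException("CertificateName is not set");
            }

            X509.X509CertificateStore certStore = X509.X509CertificateStore.CurrentUserStore(storeName);
            if (!certStore.Open())
            {
                throw new System.Exception("CertificateStore can't open!");
            }

            try
            {
                X509.X509CertificateCollection matches =
                    certStore.FindCertificateBySubjectString(this._CertificateName);
                if (matches.Count == 0)
                {
                    throw new System.Exception("Can not find certificate");
                }

                // NOTE(review): the subject-string search can return several certificates
                // and only the first is used. Nothing here checks expiry, revocation or
                // the issuing chain; selecting by thumbprint or key identifier is less
                // ambiguous when the deployment allows it.
                return matches[0];
            }
            finally
            {
                // Release the store handle on every path; the original never closed it.
                certStore.Close();
            }
        }

        /// <summary>
        /// Returns the certificate's RSA key as an XML string.
        /// </summary>
        /// <param name="cert">Certificate to read the key from.</param>
        /// <param name="PrivateKey">
        /// <c>true</c> to export the private key (<c>cert.Key</c>), <c>false</c> to export
        /// only the public key (<c>cert.PublicKey</c>).
        /// </param>
        /// <returns>The key in the .NET XML key format.</returns>
        /// <exception cref="InvalidOperationException">The requested key is not available.</exception>
        private string GetRSAParameters(X509.X509Certificate cert, bool PrivateKey)
        {
            AsymmetricAlgorithm key;
            if (PrivateKey)
            {
                key = cert.Key;
            }
            else
            {
                key = cert.PublicKey;
            }

            if (key == null)
            {
                // Presumably the case when the certificate has no associated private
                // key; fail with a clear message instead of a NullReferenceException.
                throw new InvalidOperationException("The certificate does not expose the requested key");
            }

            // NOTE(review): ToXmlString(true) only works for exportable private keys and
            // returns the key as an immutable string that cannot be wiped afterwards.
            // Keep the result local and never log or persist it.
            return key.ToXmlString(PrivateKey);
        }

        /// <summary>
        /// Encrypts data with the public key of the certificate found in the current
        /// user's CA store.
        /// </summary>
        /// <param name="data">Plaintext bytes; must fit in a single RSA block.</param>
        /// <returns>The ciphertext, Base64-encoded.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string EncryptionData(byte[] data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            X509.X509Certificate cert = GetCertificate(X509.X509CertificateStore.CAStore);
            string publicKeyXml = this.GetRSAParameters(cert, false);

            // The 1024 only sizes the key the provider creates for itself; FromXmlString
            // replaces it, so the effective strength is that of the certificate's key.
            // Verify the certificate carries a key of adequate length for current use.
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024);
            try
            {
                rsa.FromXmlString(publicKeyXml);

                // fOAEP = false selects PKCS#1 v1.5 padding. It is kept so that existing
                // ciphertexts and peers stay compatible; prefer OAEP (true) when both
                // EncryptionData and DecryptionData can be switched together.
                byte[] cipherBytes = rsa.Encrypt(data, false);
                return Convert.ToBase64String(cipherBytes);
            }
            finally
            {
                rsa.Clear();
            }
        }

        /// <summary>
        /// Decrypts Base64-encoded ciphertext with the private key of the certificate
        /// found in the current user's personal (My) store.
        /// </summary>
        /// <param name="EncodeData">Base64 text produced by <see cref="EncryptionData"/>.</param>
        /// <returns>The decrypted bytes.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="EncodeData"/> is null.</exception>
        /// <exception cref="FormatException"><paramref name="EncodeData"/> is not valid Base64.</exception>
        public byte[] DecryptionData(string EncodeData)
        {
            if (EncodeData == null)
            {
                throw new ArgumentNullException("EncodeData");
            }

            // Decode first so malformed input is rejected before the private key is read.
            byte[] cipherBytes = Convert.FromBase64String(EncodeData);

            X509.X509Certificate cert = GetCertificate(X509.X509CertificateStore.MyStore);
            string privateKeyXml = this.GetRSAParameters(cert, true);

            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024);
            try
            {
                rsa.FromXmlString(privateKeyXml);

                // PKCS#1 v1.5 unpadding (fOAEP = false). When the ciphertext comes from an
                // untrusted party, callers should report one uniform failure and not
                // reveal whether the padding check or a later step failed.
                return rsa.Decrypt(cipherBytes, false);
            }
            finally
            {
                // Drop the provider's copy of the imported private key.
                rsa.Clear();
            }
        }
    }
}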
using System.Security.Cryptography;
using X509=Microsoft.Web.Services.Security.X509;
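namespace Util
{
    /// <summary>
    /// RSA encryption/decryption helper that takes its key material from an
    /// X.509 certificate found in the current user's certificate stores via WSE.
    /// </summary>
    /// <remarks>
    /// The certificate is chosen by subject string and the first match is used, with
    /// no validity, chain or revocation check. Padding is PKCS#1 v1.5, payloads must
    /// fit in one RSA block, and decryption exports the private key to an XML string.
    /// </remarks>
    public class EncryptionWithRSA
    {
        /// <summary>
        /// Backing field for <see cref="CertificateName"/>.
        /// </summary>
        private string _CertificateName = "";

        /// <summary>
        /// Creates an instance with no certificate name; set
        /// <see cref="CertificateName"/> before encrypting or decrypting.
        /// </summary>
        public EncryptionWithRSA()
        {
        }

        /// <summary>
        /// Creates an instance bound to the given certificate subject string.
        /// </summary>
        /// <param name="CertificateName">Subject string used to look up the certificate.</param>
        public EncryptionWithRSA(string CertificateName)
        {
            this._CertificateName = CertificateName;
        }

        /// <summary>
        /// Subject string used to look up the certificate in the store.
        /// </summary>
        public string CertificateName
        {
            get { return _CertificateName; }
            set { _CertificateName = value; }
        }

        /// <summary>
        /// Looks up the certificate in the named store of the current user.
        /// </summary>
        /// <param name="storeName">Store name constant, e.g. <c>X509CertificateStore.MyStore</c>.</param>
        /// <returns>The first certificate whose subject matches <see cref="CertificateName"/>.</returns>
        /// <exception cref="System.InvalidOperationException">No certificate name has been set.</exception>
        /// <exception cref="System.Exception">The store cannot be opened or no certificate matches.</exception>
        private X509.X509Certificate GetCertificate(string storeName)
        {
            // The original parameter was typed as X509CertificateStore and shadowed by a
            // local of the same name, which does not compile; callers pass a store name.
            bool nameMissing = this._CertificateName == null || this._CertificateName.Length == 0;
            if (nameMissing)
            {
                // An empty search string must not be allowed to pick an arbitrary certificate.
                throw new System.InvalidOperationException("CertificateName is not set");
            }

            X509.X509CertificateStore certStore = X509.X509CertificateStore.CurrentUserStore(storeName);
            if (!certStore.Open())
            {
                throw new System.Exception("CertificateStore can't open!");
            }

            try
            {
                X509.X509CertificateCollection matches =
                    certStore.FindCertificateBySubjectString(this._CertificateName);
                if (matches.Count == 0)
                {
                    throw new System.Exception("Can not find certificate");
                }

                // NOTE(review): several certificates can match the subject string and only
                // the first is returned, unchecked for expiry, revocation or issuer.
                return matches[0];
            }
            finally
            {
                // Close the store on every path; the original left it open.
                certStore.Close();
            }
        }

        /// <summary>
        /// Returns the certificate's RSA key as an XML string.
        /// </summary>
        /// <param name="cert">Certificate to read the key from.</param>
        /// <param name="PrivateKey"><c>true</c> to include the private key, <c>false</c> for the public key only.</param>
        /// <returns>The key in the .NET XML key format.</returns>
        /// <exception cref="System.InvalidOperationException">The requested key is not available.</exception>
        private string GetRSAParameters(X509.X509Certificate cert, bool PrivateKey)
        {
            AsymmetricAlgorithm key;
            if (PrivateKey)
            {
                key = cert.Key;
            }
            else
            {
                key = cert.PublicKey;
            }

            if (key == null)
            {
                // Presumably a certificate without an associated private key; report it
                // explicitly instead of failing with a NullReferenceException.
                throw new System.InvalidOperationException("The certificate does not expose the requested key");
            }

            // NOTE(review): exporting with includePrivateParameters = true needs an
            // exportable key and yields a string that cannot be wiped; never log it.
            return key.ToXmlString(PrivateKey);
        }

        /// <summary>
        /// Encrypts data with the public key of the certificate found in the current
        /// user's CA store.
        /// </summary>
        /// <param name="data">Plaintext bytes; must fit in a single RSA block.</param>
        /// <returns>The ciphertext, Base64-encoded.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string EncryptionData(byte[] data)
        {
            if (data == null)
            {
                throw new System.ArgumentNullException("data");
            }

            X509.X509Certificate cert = GetCertificate(X509.X509CertificateStore.CAStore);
            string publicKeyXml = this.GetRSAParameters(cert, false);

            // 1024 sizes only the provider's own initial key; the imported certificate
            // key decides the real strength, so check the certificate's key length.
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024);
            try
            {
                rsa.FromXmlString(publicKeyXml);

                // false = PKCS#1 v1.5 padding, kept for compatibility with existing
                // ciphertexts; OAEP (true) is preferable if both directions change.
                byte[] cipherBytes = rsa.Encrypt(data, false);
                return System.Convert.ToBase64String(cipherBytes);
            }
            finally
            {
                rsa.Clear();
            }
        }

        /// <summary>
        /// Decrypts Base64-encoded ciphertext with the private key of the certificate
        /// found in the current user's personal (My) store.
        /// </summary>
        /// <param name="EncodeData">Base64 text produced by <see cref="EncryptionData"/>.</param>
        /// <returns>The decrypted bytes.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="EncodeData"/> is null.</exception>
        /// <exception cref="System.FormatException"><paramref name="EncodeData"/> is not valid Base64.</exception>
        public byte[] DecryptionData(string EncodeData)
        {
            if (EncodeData == null)
            {
                throw new System.ArgumentNullException("EncodeData");
            }

            // Reject malformed input before the private key is exported.
            byte[] cipherBytes = System.Convert.FromBase64String(EncodeData);

            X509.X509Certificate cert = GetCertificate(X509.X509CertificateStore.MyStore);
            string privateKeyXml = this.GetRSAParameters(cert, true);

            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024);
            try
            {
                rsa.FromXmlString(privateKeyXml);

                // With PKCS#1 v1.5, failures on untrusted ciphertext should surface to the
                // remote party as one uniform error so they do not reveal padding validity.
                return rsa.Decrypt(cipherBytes, false);
            }
            finally
            {
                // Release the provider's copy of the imported private key.
                rsa.Clear();
            }
        }
    }
}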