RSA 分段加解密【解决“不正确的长度”的异常】

方法1:

RSA 是常用的非对称加密算法。最近使用时却出现了“不正确的长度”的异常,研究发现是由于待加密的数据超长所致。

  .NET Framework 中提供的 RSA 算法规定:

  待加密的字节数不能超过密钥的长度值除以 8 再减去 11(即:RSACryptoServiceProvider.KeySize / 8 - 11),而加密后得到密文的字节数,正好是密钥的长度值除以 8(即:RSACryptoServiceProvider.KeySize / 8)。

  所以,如果要加密较长的数据,则可以采用分段加解密的方式,实现方式如下:

 

代码:

namespace Macroresolute.RSACryptoService
{
public static class RSACrypto
{
private static readonly Encoding Encoder = Encoding.UTF8;

public static String Encrypt(this String plaintext)
{
X509Certificate2 _X509Certificate2 = RSACrypto.RetrieveX509Certificate();
using (RSACryptoServiceProvider RSACryptography = _X509Certificate2.PublicKey.Key as RSACryptoServiceProvider)
{
Byte[] PlaintextData = RSACrypto.Encoder.GetBytes(plaintext);
int MaxBlockSize = RSACryptography.KeySize / 8 - 11; //加密块最大长度限制

if (PlaintextData.Length <= MaxBlockSize)
return Convert.ToBase64String(RSACryptography.Encrypt(PlaintextData, false));

using (MemoryStream PlaiStream = new MemoryStream(PlaintextData))
using (MemoryStream CrypStream = new MemoryStream())
{
Byte[] Buffer = new Byte[MaxBlockSize];
int BlockSize = PlaiStream.Read(Buffer, 0, MaxBlockSize);

while (BlockSize > 0)
{
Byte[] ToEncrypt = new Byte[BlockSize];
Array.Copy(Buffer, 0, ToEncrypt, 0, BlockSize);

Byte[] Cryptograph = RSACryptography.Encrypt(ToEncrypt, false);
CrypStream.Write(Cryptograph, 0, Cryptograph.Length);

BlockSize = PlaiStream.Read(Buffer, 0, MaxBlockSize);
}

return Convert.ToBase64String(CrypStream.ToArray(), Base64FormattingOptions.None);
}
}
}

public static String Decrypt(this String ciphertext)
{
X509Certificate2 _X509Certificate2 = RSACrypto.RetrieveX509Certificate();
using (RSACryptoServiceProvider RSACryptography = _X509Certificate2.PrivateKey as RSACryptoServiceProvider)
{
Byte[] CiphertextData = Convert.FromBase64String(ciphertext);
int MaxBlockSize = RSACryptography.KeySize / 8; //解密块最大长度限制

if (CiphertextData.Length <= MaxBlockSize)
return RSACrypto.Encoder.GetString(RSACryptography.Decrypt(CiphertextData, false));

using (MemoryStream CrypStream = new MemoryStream(CiphertextData))
using (MemoryStream PlaiStream = new MemoryStream())
{
Byte[] Buffer = new Byte[MaxBlockSize];
int BlockSize = CrypStream.Read(Buffer, 0, MaxBlockSize);

while (BlockSize > 0)
{
Byte[] ToDecrypt = new Byte[BlockSize];
Array.Copy(Buffer, 0, ToDecrypt, 0, BlockSize);

Byte[] Plaintext = RSACryptography.Decrypt(ToDecrypt, false);
PlaiStream.Write(Plaintext, 0, Plaintext.Length);

BlockSize = CrypStream.Read(Buffer, 0, MaxBlockSize);
}

return RSACrypto.Encoder.GetString(PlaiStream.ToArray());
}
}
}

private static X509Certificate2 RetrieveX509Certificate()
{
return null; //检索用于 RSA 加密的 X509Certificate2 证书
}
}
}

 

 

 

 

方法2:

 

RSACryptoServiceProvider rsa = new
RSACryptoServiceProvider();


       byte[] data = ........;        
//要加密的数据


       string publicKey = .... ;  //获取公钥


       rsa.FromXmlString(publicKey);


       int keySize = rsa.KeySize / 8;


       int bufferSize = keySize - 11;


       byte[] buffer = new
byte[bufferSize];


       MemoryStream msInput = new
MemoryStream(data);


       MemoryStream msOuput = new
MemoryStream();


       int readLen = msInput.Read(buffer, 0,
bufferSize);


       while(readLen > 0)


       {


               byte[] dataToEnc = new
byte[readLen];


               Array.Copy(buffer, 0 , dataToEnc,
0, readLen);


               byte[] encData =
rsa.Encrypt(dataToEnc , false);


               msOutput.Write(encData, 0,
encData.Length);


               readLen = msInput.Read(buffer, 0,
bufferSize);


       }


       msInput.Close();


       byte[] result = msOutput.ToArray();   
//得到加密结果


       msOutput.Close();


       rsa.Clear();


 


解密时肯定也要使用分段解密,算法如下:


       RSACryptoServiceProvider rsa = new
RSACryptoServiceProvider();


       byte[] key = .....;    //加载私钥
       string privateKey =
Encoding.ASCII.GetString(key);
       byte[] dataEnc = ...;   //加载密文


       rsa.FromXmlString(privateKey);


       int keySize = rsa.KeySize / 8;


       byte[]
buffer = new byte[keySize];


       MemoryStream msInput = new
MemoryStream(dataEnc );


       MemoryStream msOuput = new
MemoryStream();


       int readLen = msInput.Read(buffer, 0,
keySize);


       while(readLen > 0)


       {


               byte[] dataToDec = new
byte[readLen];


               Array.Copy(buffer, 0 , dataToDec,
0, readLen);


               byte[] decData =
rsa.Decrypt(dataToDec , false);


               msOutput.Write(decData, 0,
decData.Length);


               readLen = msInput.Read(buffer, 0,
keySize);


       }


       msInput.Close();


       byte[] result = msOutput.ToArray();   
//得到解密结果


       msOutput.Close();


       rsa.Clear();

posted @ 2015-07-14 16:39  西西M  阅读(848)  评论(0编辑  收藏  举报