RSA Encryption and Decryption with X509certificate2

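So, what I need is the following:

  1. Create certificates for development, get one for the client and one for the server
  2. Retrieve a password through the API that is encoded on the client and decode it on the server

Now, I managed to create the certificates following this link. The girl there gave step-by-step instructions on how to get self-signed certificates, put them in the store, etc. Now, the part I have a problem with:

I managed to encrypt my data using this code: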

    public static string Encrypt(string stringForEncription, string PathToPrivateKey)
    {
        X509Certificate2 myCertificate;
        try
        {
            myCertificate = new X509Certificate2(PathToPrivateKey, "Test123");
        }
        catch (Exception e)
        {
            throw new CryptographicException("Unable to open key file.");
        }

        RSACryptoServiceProvider rsaObj;
        if (myCertificate.HasPrivateKey)
        {
            rsaObj = (RSACryptoServiceProvider)myCertificate.PrivateKey;
        }
        else
            throw new CryptographicException("Private key not contained within certificate.");

        if (rsaObj == null)
            return String.Empty;

        byte[] decryptedBytes;
        byte[] array = Encoding.UTF8.GetBytes(stringForEncription);
        try
        {
            decryptedBytes = rsaObj.Encrypt(array, false);
            //decryptedBytes = rsaObj.Encrypt(Convert.FromBase64String(Base64EncryptedData), false);
        }
        catch (Exception e)
        {
            throw new CryptographicException("Unable to encrypt data.");
        }

        //    Check to make sure we decrypted the string
        if (decryptedBytes.Length == 0)
            return String.Empty;
        else
            return System.Text.Encoding.UTF8.GetString(decryptedBytes);
    }

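For the PathToPrivateKey variable I am using the path to my client literCert.pfx. I don't know if I should use any other, but here is a screenshot of the folder with all the certificates that I made:

Now, for decryption, I am using the following code: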

    public static string DecryptEncryptedData(string Base64EncryptedData, string PathToPrivateKey)
    {
        X509Certificate2 myCertificate;
        try
        {
            myCertificate = new X509Certificate2(PathToPrivateKey, "Test123");
        }
        catch (Exception e)
        {
            throw new CryptographicException("Unable to open key file.");
        }

        RSACryptoServiceProvider rsaObj;
        if (myCertificate.HasPrivateKey)
        {
            rsaObj = (RSACryptoServiceProvider)myCertificate.PrivateKey;
        }
        else
            throw new CryptographicException("Private key not contained within certificate.");

        if (rsaObj == null)
            return String.Empty;

        byte[] decryptedBytes;
        try
        {
            decryptedBytes = rsaObj.Decrypt(Convert.FromBase64String(Base64EncryptedData), false);
        }
        catch (Exception e)
        {
            throw new CryptographicException("Unable to decrypt data.");
        }

        //    Check to make sure we decrypted the string
        if (decryptedBytes.Length == 0)
            return String.Empty;
        else
            return System.Text.Encoding.UTF8.GetString(decryptedBytes);
    }

And whatever I try to do, it gives me this exception:

{"The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. "}

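Someone must be able to help me with this.

Answers

This is not the exact answer you might expect, but I am writing it here as an answer rather than only as a comment.

I think the decryption itself has no problem (I found the example blog that your code came from, which uses PHP encryption). That is why I commented that I was curious about the encrypted string that is the target of decryption.

I also struggled to understand security for months, and now I use symmetric (AES) and asymmetric (RSA) together. Understanding is really important, and everybody needs time for it.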

RSA is asymmetric and one-way, which means the Encryption can be done only by public key and the Decryption can be done only by private key. You're using private key in Encryption method and it seems just copied from Decryption.

The answer by Zesty is right only in terms of formatting. You also need to understand the formatting. We need Convert.ToBase64String and Convert.FromBase64String in Encryption and Decryption to go from byte to base64string and vice versa. However, this base64string is not just plain like hello but SABlAGwAbABvACAAVwBvAHIAbABkAA==, as you see here.

I suggest using a complete solution (not a half one like the PHP encryption), such as this blog (http://nick-howard.blogspot.kr/2011/05/makecert-x509-certificates-and-rsa.html), so that encryption, decryption and everything else are in harmony.

And as I commented last, you need to think about how to guard against black-hat users if the encryption is done on the client side and you do not have only good users.

I hope my experience helps in understanding security, which is most important.
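An added example (not code from the question, the answer or the linked blog) of the round trip the answer describes: encrypt with the certificate's public key, carry the ciphertext as Base64, decrypt with the private key. It assumes .NET Core 2.0+ or .NET Framework 4.7.2+, generates a throwaway self-signed certificate in memory instead of loading the .pfx files, and uses OAEP-SHA256 padding rather than the PKCS#1 v1.5 padding (`false`) in the question's code; the class name, subject name and plaintext are made up.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

public static class RsaCertRoundTrip
{
    // Client side: encrypt with the PUBLIC key only and return Base64 text.
    public static string Encrypt(string plainText, X509Certificate2 publicCert)
    {
        using (RSA rsa = publicCert.GetRSAPublicKey())
        {
            byte[] cipher = rsa.Encrypt(Encoding.UTF8.GetBytes(plainText), RSAEncryptionPadding.OaepSHA256);
            return Convert.ToBase64String(cipher); // binary-safe, unlike UTF8.GetString
        }
    }

    // Server side: decrypt with the PRIVATE key of the PFX-backed certificate.
    public static string Decrypt(string base64Cipher, X509Certificate2 certWithKey)
    {
        if (!certWithKey.HasPrivateKey)
            throw new CryptographicException("Certificate has no private key.");
        using (RSA rsa = certWithKey.GetRSAPrivateKey())
        {
            byte[] plain = rsa.Decrypt(Convert.FromBase64String(base64Cipher), RSAEncryptionPadding.OaepSHA256);
            return Encoding.UTF8.GetString(plain);
        }
    }

    public static void Main()
    {
        // Constructed throwaway key and certificate, generated in memory for the demo.
        using (RSA key = RSA.Create(2048))
        using (X509Certificate2 serverCert = new CertificateRequest("CN=dev-server-example",
                   key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
                   .CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30)))
        // What the client holds: the same certificate without the private key.
        using (var clientCopy = new X509Certificate2(serverCert.Export(X509ContentType.Cert)))
        {
            string wire = Encrypt("example-password", clientCopy);
            byte[] raw = Convert.FromBase64String(wire);
            bool utf8Lossy = !raw.SequenceEqual(Encoding.UTF8.GetBytes(Encoding.UTF8.GetString(raw)));
            Console.WriteLine("client copy has private key: " + clientCopy.HasPrivateKey);
            Console.WriteLine("UTF-8 round trip corrupts ciphertext: " + utf8Lossy);
            Console.WriteLine("decrypted on server: " + Decrypt(wire, serverCert));
        }
    }
}
```

Both sides must use the same padding mode; a ciphertext produced with OAEP will not decrypt with `fOAEP` set to `false`, and vice versa.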




