最近因為項目需要通過RSA加密來保證客戶端與服務端的通信安全。但是C#自 帶的RSA算法類RSACryptoServiceProvider只支持公鑰加密私鑰解密,即數字證 書的使用。
所以參考了一些網上的資料寫了一個RSA的算法實現。算法實 現是基於網上提供的一個大整數類。
一、密鑰管理
取得密鑰主要 是通過2種方式
一種是通過RSACryptoServiceProvider取得:
/// <summary>
/// RSA算法對象,此處主要用於獲取密鑰對
/// </summary>
private RSACryptoServiceProvider RSA;
/// <summary>
/// 取得密鑰
/// </summary>
/// <param name="includPrivateKey">true:包含私鑰 false:不包含私鑰</param>
/// <returns></returns>
public string ToXmlString(bool includPrivateKey)
{
if (includPrivateKey)
{
return RSA.ToXmlString(true);
}
else
{
return RSA.ToXmlString(false);
}
}
/// <summary>
/// 通過密鑰初始化RSA對象
/// </summary>
/// <param name="xmlString">XML格式的密鑰信息 </param>
public void FromXmlString(string xmlString)
{
RSA.FromXmlString(xmlString);
}
一種是通過BigInteger中的獲取大素數的方法
/// <summary>
/// 取得密鑰對
/// </summary>
/// <param name="n">大整數 </param>
/// <param name="e">公鑰 </param>
/// <param name="d">密鑰 </param>
public void GetKey(out string n,out string e,out string d )
{
byte[] pseudoPrime1 = {
(byte)0x85, (byte)0x84, (byte)0x64, (byte)0xFD, (byte)0x70, (byte)0x6A,
(byte)0x9F, (byte)0xF0, (byte)0x94, (byte)0x0C, (byte)0x3E, (byte)0x2C,
(byte)0x74, (byte)0x34, (byte)0x05, (byte)0xC9, (byte)0x55, (byte)0xB3,
(byte)0x85, (byte)0x32, (byte)0x98, (byte)0x71, (byte)0xF9, (byte)0x41,
(byte)0x21, (byte)0x5F, (byte)0x02, (byte)0x9E, (byte)0xEA, (byte)0x56,
(byte)0x8D, (byte)0x8C, (byte)0x44, (byte)0xCC, (byte)0xEE, (byte)0xEE,
(byte)0x3D, (byte)0x2C, (byte)0x9D, (byte)0x2C, (byte)0x12, (byte)0x41,
(byte)0x1E, (byte)0xF1, (byte)0xC5, (byte)0x32, (byte)0xC3, (byte)0xAA,
(byte)0x31, (byte)0x4A, (byte)0x52, (byte)0xD8, (byte)0xE8, (byte)0xAF,
(byte)0x42, (byte)0xF4, (byte)0x72, (byte)0xA1, (byte)0x2A, (byte)0x0D,
(byte)0x97, (byte)0xB1, (byte)0x31, (byte)0xB3,
};
byte[] pseudoPrime2 = {
(byte)0x99, (byte)0x98, (byte)0xCA, (byte)0xB8, (byte)0x5E, (byte)0xD7,
(byte)0xE5, (byte)0xDC, (byte)0x28, (byte)0x5C, (byte)0x6F, (byte)0x0E,
(byte)0x15, (byte)0x09, (byte)0x59, (byte)0x6E, (byte)0x84, (byte)0xF3,
(byte)0x81, (byte)0xCD, (byte)0xDE, (byte)0x42, (byte)0xDC, (byte)0x93,
(byte)0xC2, (byte)0x7A, (byte)0x62, (byte)0xAC, (byte)0x6C, (byte)0xAF,
(byte)0xDE, (byte)0x74, (byte)0xE3, (byte)0xCB, (byte)0x60, (byte)0x20,
(byte)0x38, (byte)0x9C, (byte)0x21, (byte)0xC3, (byte)0xDC, (byte)0xC8,
(byte)0xA2, (byte)0x4D, (byte)0xC6, (byte)0x2A, (byte)0x35, (byte)0x7F,
(byte)0xF3, (byte)0xA9, (byte)0xE8, (byte)0x1D, (byte)0x7B, (byte)0x2C,
(byte)0x78, (byte)0xFA, (byte)0xB8, (byte)0x02, (byte)0x55, (byte)0x80,
(byte)0x9B, (byte)0xC2, (byte)0xA5, (byte)0xCB,
};
BigInteger bi_p = new BigInteger (pseudoPrime1);
BigInteger bi_q = new BigInteger (pseudoPrime2);
BigInteger bi_pq = (bi_p - 1) * (bi_q - 1);
BigInteger bi_n = bi_p * bi_q;
Random rand = new Random();
BigInteger bi_e = bi_pq.genCoPrime(512, rand);
BigInteger bi_d = bi_e.modInverse(bi_pq);
n = bi_n.ToHexString();
e = bi_e.ToHexString();
d = bi_d.ToHexString();
}
二、加密處理(分別對應兩種密鑰取得方式)
公鑰加密
/// <summary>
/// 通過公鑰加密
/// </summary>
/// <param name="dataStr">待加密字符串 </param>
/// <returns>加密結果</returns>
public byte[] EncryptByPublicKey(string dataStr)
{
//取得公鑰參數
RSAParameters rsaparameters = RSA.ExportParameters(false);
byte[] keyN = rsaparameters.Modulus;
byte[] keyE = rsaparameters.Exponent;
//大整數N
BigInteger biN = new BigInteger(keyN);
//公鑰大素數
BigInteger biE = new BigInteger(keyE);
//加密
return EncryptString(dataStr, biE, biN);
}
/// <summary>
/// 通過公鑰加密
/// </summary>
/// <param name="dataStr">待加密字符串 </param>
/// <param name="n">大整數 n</param>
/// <param name="e">公鑰 </param>
/// <returns>加密結果</returns>
public byte[] EncryptByPublicKey(string dataStr,string n,string e)
{
//大整數N
BigInteger biN = new BigInteger(n,16);
//公鑰大素數
BigInteger biE = new BigInteger(e,16);
//加密
return EncryptString(dataStr, biE, biN);
}
私鑰解密
/// <summary>
/// 通過私鑰解密
/// </summary>
/// <param name="dataBytes">待解密字符 數組</param>
/// <returns>解密結果</returns>
public string DecryptByPrivateKey(byte[] dataBytes)
{
//取得私鑰參數
RSAParameters rsaparameters = RSA.ExportParameters(true);
byte[] keyN = rsaparameters.Modulus;
byte[] keyD = rsaparameters.D;
//大整數N
BigInteger biN = new BigInteger(keyN);
//私鑰大素數
BigInteger biD = new BigInteger(keyD);
//解密
return DecryptBytes(dataBytes, biD, biN);
}
/// <summary>
/// 通過私鑰解密
/// </summary>
/// <param name="dataBytes">待解密字符 數組</param>
/// <param name="n">大整數 n</param>
/// <param name="d">私鑰 </param>
/// <returns>解密結果</returns>
public string DecryptByPrivateKey(byte[] dataBytes,string n,string d)
{
//大整數N
BigInteger biN = new BigInteger(n,16);
//私鑰大素數
BigInteger biD = new BigInteger(d,16);
//解密
return DecryptBytes(dataBytes, biD, biN);
}
私鑰加密
/// <summary>
/// 通過私鑰加密
/// </summary>
/// <param name="dataStr">待加密字符串 </param>
/// <returns>加密結果</returns>
public byte[] EncryptByPrivateKey(string dataStr)
{
//取得私鑰參數
RSAParameters rsaparameters = RSA.ExportParameters(true);
byte[] keyN = rsaparameters.Modulus;
byte[] keyD = rsaparameters.D;
//大整數N
BigInteger biN = new BigInteger(keyN);
//私鑰大素數
BigInteger biD = new BigInteger(keyD);
//加密
return EncryptString(dataStr, biD, biN);
}
/// <summary>
/// 通過私鑰加密
/// </summary>
/// <param name="dataStr">待加密字符串 </param>
/// <param name="n">大整數 n</param>
/// <param name="d">私鑰 </param>
/// <returns>加密結果</returns>
public byte[] EncryptByPrivateKey(string dataStr,string n,string d)
{
//大整數N
BigInteger biN = new BigInteger(n, 16);
//私鑰大素數
BigInteger biD = new BigInteger(d, 16);
//加密
return EncryptString(dataStr, biD, biN);
}
公鑰解密
/// <summary>
/// 通過公鑰解密
/// </summary>
/// <param name="dataBytes">待解密字符 數組</param>
/// <returns>解密結果</returns>
public string DecryptByPublicKey(byte[] dataBytes)
{
//取得公鑰參數
RSAParameters rsaparameters = RSA.ExportParameters(false);
byte[] keyN = rsaparameters.Modulus;
byte[] keyE = rsaparameters.Exponent;
//大整數N
BigInteger biN = new BigInteger(keyN);
//公鑰大素數
BigInteger biE = new BigInteger(keyE);
//解密
return DecryptBytes(dataBytes, biE, biN);
}
/// <summary>
/// 通過公鑰解密
/// </summary>
/// <param name="dataBytes">待加密字符 串</param>
/// <param name="n">大整數 n</param>
/// <param name="e">公鑰 </param>
/// <returns>解密結果</returns>
public string DecryptByPublicKey(byte[] dataBytes,string n,string e)
{
//大整數N
BigInteger biN = new BigInteger(n,16);
//公鑰大素數
BigInteger biE = new BigInteger(e,16);
//解密
return DecryptBytes(dataBytes, biE, biN);
}
三、算法實現
加密
/// <summary>
/// 加密字符串
/// </summary>
/// <param name="dataStr">待加密字符串 </param>
/// <param name="keyNmu">密鑰大素數 </param>
/// <param name="nNum">大整數 N</param>
/// <returns>加密結果</returns>
private byte[] EncryptString(string dataStr, BigInteger keyNum, BigInteger nNum)
{
byte[] bytes = System.Text.Encoding.UTF8.GetBytes(dataStr);
int len = bytes.Length;
int len1 = 0;
int blockLen = 0;
if ((len % 120) == 0)
len1 = len / 120;
else
len1 = len / 120 + 1;
List<byte> tempbytes = new List<byte>();
for (int i = 0; i < len1; i++)
{
if (len >= 120)
{
blockLen = 120;
}
else
{
blockLen = len;
}
byte[] oText = new byte[blockLen];
Array.Copy(bytes, i * 120, oText, 0, blockLen);
string res = Encoding.UTF8.GetString (oText);
BigInteger biText = new BigInteger (oText);
BigInteger biEnText = biText.modPow (keyNum, nNum);
//補位
byte[] testbyte = null;
string resultStr = biEnText.ToHexString();
if (resultStr.Length < 256)
{
while (resultStr.Length != 256)
{
resultStr = "0" + resultStr;
}
}
byte[] returnBytes = new byte[128];
for (int j = 0; j < returnBytes.Length; j++)
returnBytes[j] = Convert.ToByte(resultStr.Substring(j * 2, 2), 16);
tempbytes.AddRange(returnBytes);
len -= blockLen;
}
return tempbytes.ToArray();
}
注:分塊大小最大理論值是128位。但是考慮 到實際使用中可能會有位溢出的情況,所以此處使用120
將biginteger對 象轉為byte數組時,原本采用的是BigIneger類提供的GetBytes()方法,但是 實際使用中發現,此方法取得的byte數組有一定的幾率會出現偏差。所以改成使 用ToHexString()方法取得16進制字符串再轉成byte數組。
為了解密時 byte數組塊長度固定,補位操作必須執行。
解密
/// <summary>
/// 解密字符數組
/// </summary>
/// <param name="dataBytes">待解密字符 數組</param>
/// <param name="KeyNum">密鑰大素數 </param>
/// <param name="nNum">大整數 N</param>
/// <returns>解密結果</returns>
private string DecryptBytes(byte[] dataBytes, BigInteger KeyNum, BigInteger nNum)
{
int len = dataBytes.Length;
int len1 = 0;
int blockLen = 0;
if (len % 128 == 0)
{
len1 = len / 128;
}
else
{
len1 = len / 128 + 1;
}
List<byte> tempbytes = new List<byte>();
for (int i = 0; i < len1; i++)
{
if (len >= 128)
{
blockLen = 128;
}
else
{
blockLen = len;
}
byte[] oText = new byte[blockLen];
Array.Copy(dataBytes, i * 128, oText, 0, blockLen);
BigInteger biText = new BigInteger (oText);
BigInteger biEnText = biText.modPow (KeyNum, nNum);
byte[] testbyte= biEnText.getBytes ();
string str = Encoding.UTF8.GetString (testbyte);
tempbytes.AddRange(testbyte);
len -= blockLen;
}
return System.Text.Encoding.UTF8.GetString (tempbytes.ToArray());
}
基本算法就是這樣,經過10000次測試,沒有 誤差出現。下面是算法實現的類和在網上找到的大整數類。
本文配套源碼
