0

我必须使用 RSA 公钥和私钥加密和解密一个大字符串。我已设法使用以下示例代码加密较大的文本

public static string Encrypt(string publicKey, string data, RsaKeyLengths length)
        {
            // full array of bytes to encrypt
            byte[] bytesToEncrypt;

            // worker byte array
            byte[] block;

            // encrypted bytes
            byte[] encryptedBytes;

            // length of bytesToEncrypt
            var dataLength = 0;

            // number of bytes in key                
            var keySize = 0;

            // maximum block length to encrypt          
            var maxLength = 0;

            // how many blocks must we encrypt to encrypt entire message?
            var iterations = 0;

            // the encrypted data
            var encryptedData = new StringBuilder();

            // instantiate the crypto provider with the correct key length
            var rsaCryptoServiceProvider = new RSACryptoServiceProvider((int)length);

            // initialize the RSA object from the given public key
            rsaCryptoServiceProvider.FromXmlString(publicKey);

            // convert data to byte array
            bytesToEncrypt = Encoding.Unicode.GetBytes(data);

            // get length of byte array
            dataLength = bytesToEncrypt.Length;

            // convert length of key from bits to bytes
            keySize = (int)length / 8;

            // .NET RSACryptoServiceProvider uses SHA1 Hash function
            // use this to work out the maximum length to encrypt per block
            maxLength = ((keySize - 2) - (2 * SHA1.Create().ComputeHash(bytesToEncrypt).Length));

            // how many blocks do we need to encrypt?
            iterations = dataLength / maxLength;

            // encrypt block by block
            for (int index = 0; index <= iterations; index++)
            {
                // is there more than one full block of data left to encrypt?
                if ((dataLength - maxLength * index) > maxLength)
                {
                    block = new byte[maxLength];
                }
                else
                {
                    block = new byte[dataLength - maxLength * index];
                }

                // copy the required number of bytes from the array of bytes to encrypt to our worker array
                Buffer.BlockCopy(bytesToEncrypt, maxLength * index, block, 0, block.Length);

                // encrypt the current worker array block of bytes
                encryptedBytes = rsaCryptoServiceProvider.Encrypt(block, true);

                // RSACryptoServiceProvider reverses the order of encrypted bytesToEncrypt after encryption and before decryption.
                // Undo this reversal for compatibility with other implementations
                Array.Reverse(encryptedBytes);

                // convert to base 64 string
                encryptedData.Append(Convert.ToBase64String(encryptedBytes));

            }
            return encryptedData.ToString();

        }

然后我尝试使用以下代码解密较大的文本

/// <summary>
        /// Encrypt an arbitrary string of data under the supplied public key
        /// </summary>
        /// <param name="publicKey">The public key to encrypt under</param>
        /// <param name="data">The data to encrypt</param>
        /// <param name="length">The bit length or strength of the public key: 1024, 2048 or 4096 bits. This must match the 
        /// value actually used to create the publicKey</param>
        /// <returns></returns>
        public static string Decrypt(string privateKey, string data, RsaKeyLengths length)
        {
            // full array of bytes to encrypt
            byte[] bytesToDecrypt;

            // worker byte array
            byte[] block;

            // encrypted bytes
            byte[] decryptedBytes;

            // length of bytesToEncrypt
            var dataLength = 0;

            // number of bytes in key                
            var keySize = 0;

            // maximum block length to encrypt          
            var maxLength = 0;

            // how many blocks must we encrypt to encrypt entire message?
            var iterations = 0;

            // the encrypted data
            var decryptedData = new StringBuilder();

            // instantiate the crypto provider with the correct key length
            var rsaCryptoServiceProvider = new RSACryptoServiceProvider((int)length);

            // initialize the RSA object from the given public key
            rsaCryptoServiceProvider.FromXmlString(privateKey);

            // convert data to byte array
            bytesToDecrypt = Encoding.Unicode.GetBytes(data);

            // get length of byte array
            dataLength = bytesToDecrypt.Length;

            // convert length of key from bits to bytes
            keySize = (int)length / 8;

            // .NET RSACryptoServiceProvider uses SHA1 Hash function
            // use this to work out the maximum length to encrypt per block
            //maxLength = ((keySize - 2) - (2 * SHA1.Create().ComputeHash(bytesToDecrypt).Length));
            maxLength = ((keySize / 8) % 3 != 0) ?
              (((keySize / 8) / 3) * 4) + 4 : ((keySize / 8) / 3) * 4; ;

            // how many blocks do we need to encrypt?
            iterations = dataLength / maxLength;

            // encrypt block by block
            for (int index = 0; index <= iterations; index++)
            {
                // is there more than one full block of data left to encrypt?
                if ((dataLength - maxLength * index) > maxLength)
                {
                    block = new byte[maxLength];
                }
                else
                {
                    block = new byte[dataLength - maxLength * index];
                }

                // copy the required number of bytes from the array of bytes to encrypt to our worker array
                Buffer.BlockCopy(bytesToDecrypt, maxLength * index, block, 0, block.Length);

                // encrypt the current worker array block of bytes
                decryptedBytes = rsaCryptoServiceProvider.Decrypt(block, true);

                // RSACryptoServiceProvider reverses the order of encrypted bytesToEncrypt after encryption and before decryption.
                // Undo this reversal for compatibility with other implementations
                Array.Reverse(decryptedBytes);

                // convert to base 64 string
                decryptedData.Append(Convert.ToBase64String(decryptedBytes));

            }
            return decryptedData.ToString();
        }

实际上加密进行得很顺利。没问题。但是当我试图解密它时。我收到以下异常

未处理的异常:System.Security.Cryptography.CryptographicException:解码 OAEP 填充时发生错误。

有人可以帮帮我吗?

4

2 回答 2

1

请改用流密码,并且仅使用 RSA 加密此密码的密钥。如果您因为其公私钥逻辑而需要 RSA 并希望使用不同的密钥进行加密和解密,这可能会有所帮助。使用流密码,您将能够毫无问题地加密和解密千兆字节的数据。

RSA 通常不用于非常大量的数据。

于 2013-02-08T11:34:03.183 回答
0

也许有点晚了,但我发现http://tekaris.com/blog/2013/02/08/encrypting-large-data-with-asymetric-rsacryptoserviceprovider/很有帮助。这里的技巧显然是拆分数据,加密并重新加入数据。

于 2013-03-26T18:42:26.297 回答