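I have an application that creates a key pair and sends the public key to a device. The device then encrypts some information, which I need to decrypt using my private key.
I generated a key pair:
String AsymmetricAlgName = Windows.Security.Cryptography.Core.AsymmetricAlgorithmNames.RsaPkcs1;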
AsymmetricKeyAlgorithmProvider asym =
AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgName);
CryptographicKey keyPair = asym.CreateKeyPair(2048);
I exported the public key using
IBuffer buffPublicKey = keyPair.ExportPublicKey();
byte[] pubPublickeyBytes;
CryptographicBuffer.CopyToByteArray(buffPublicKey, out pubPublickeyBytes);
string pubKeyStr = Convert.ToBase64String(pubPublickeyBytes);
So far so good.
My application stores the generated private key as a base64 string:
IBuffer buffPrivateKeyRsa = keyPair.Export(CryptographicPrivateKeyBlobType.Pkcs1RsaPrivateKey);
byte[] pubPrivateBytesRsa;
CryptographicBuffer.CopyToByteArray(buffPrivateKeyRsa, out pubPrivateBytesRsa);
string priKeyStrRsa = Convert.ToBase64String(pubPrivateBytesRsa);
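I have two questions.
b) How do I decrypt? This is all inside a Windows Store app, so I am not transporting the private key anywhere else. I looked at the decrypt method, but it requires a cryptographic key, and I am not sure how to construct one from the base64-encoded string.
Answer 0: (score: 1)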
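After a few hours, I figured it out.
First, it is expected that the private key base64 string is longer than the public key in base64.
Second, the API is a bit funny (unintuitive). To import only a private key, you still need to import a key pair. There is a method for importing a public key but no method for importing a private key.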
CryptographicKey privKey = asym.ImportKeyPair(CryptographicBuffer.DecodeFromBase64String(priKeyStrRsa), CryptographicPrivateKeyBlobType.Pkcs1RsaPrivateKey);
IBuffer decryptedBuffer = CryptographicEngine.Decrypt(privKey, encryptedBuffer, null);
byte[] decrptedBytes;
CryptographicBuffer.CopyToByteArray(decryptedBuffer, out decrptedBytes);
string data = Encoding.UTF8.GetString(decrptedBytes, 0, decrptedBytes.Length);
First you import a private key that is stored somewhere, and then you can encrypt data like this:
string unencData = "some data";
IBuffer unencCryptBuffer = CryptographicBuffer.CreateFromByteArray(Encoding.UTF8.GetBytes(unencData));
IBuffer publicKeyBuffer = CryptographicBuffer.DecodeFromBase64String(pubKeyStr);
CryptographicKey pubKey = asym.ImportPublicKey(publicKeyBuffer);
IBuffer encryptedBuffer = CryptographicEngine.Encrypt(pubKey, unencCryptBuffer, null);
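Third, the thing that took most of my time to figure out was that the party I am talking to (a hardware device) is using OAEP padding, so my decryption failed. The trick here is to use the RsaOaepSha1 algorithm.
The complete sample is posted here: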
String AsymmetricAlgName = Windows.Security.Cryptography.Core.AsymmetricAlgorithmNames.RsaOaepSha1;
AsymmetricKeyAlgorithmProvider asym = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgName);
CryptographicKey keyPair = asym.CreateKeyPair(2048);
IBuffer buffPublicKey = keyPair.ExportPublicKey();
IBuffer buffPrivateKeyRsa = keyPair.Export(CryptographicPrivateKeyBlobType.Pkcs1RsaPrivateKey);
byte[] pubPublickeyBytes;
byte[] pubPrivateBytesRsa;
CryptographicBuffer.CopyToByteArray(buffPublicKey, out pubPublickeyBytes);
CryptographicBuffer.CopyToByteArray(buffPrivateKeyRsa, out pubPrivateBytesRsa);
string pubKeyStr = Convert.ToBase64String(pubPublickeyBytes);
string priKeyStrRsa = Convert.ToBase64String(pubPrivateBytesRsa);
string unencData = "some data";
IBuffer unencCryptBuffer = CryptographicBuffer.CreateFromByteArray(Encoding.UTF8.GetBytes(unencData));
IBuffer publicKeyBuffer = CryptographicBuffer.DecodeFromBase64String(pubKeyStr);
CryptographicKey pubKey = asym.ImportPublicKey(publicKeyBuffer);
IBuffer encryptedBuffer = CryptographicEngine.Encrypt(pubKey, unencCryptBuffer, null);
CryptographicKey privKey = asym.ImportKeyPair(CryptographicBuffer.DecodeFromBase64String(priKeyStrRsa), CryptographicPrivateKeyBlobType.Pkcs1RsaPrivateKey);
IBuffer decryptedBuffer = CryptographicEngine.Decrypt(privKey, encryptedBuffer, null);
byte[] decrptedBytes;
CryptographicBuffer.CopyToByteArray(decryptedBuffer, out decrptedBytes);
string data = Encoding.UTF8.GetString(decrptedBytes, 0, decrptedBytes.Length);
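The padding mismatch described in the answer above, as an added example that is not part of the original post: one exported private-key blob is imported under both RsaPkcs1 and RsaOaepSha1 and used on a ciphertext produced with OAEP. The names RsaPaddingDemo, TryDecrypt and Run are hypothetical, and the device is simulated in-process.

```csharp
using System;
using System.Diagnostics;
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

public static class RsaPaddingDemo // hypothetical name, not from the original post
{
    // Imports a base64 PKCS#1 private-key blob under the named algorithm and decrypts.
    // Returns null when decryption (or UTF-8 decoding of the result) throws.
    public static string TryDecrypt(string algName, string privKeyB64, IBuffer cipher)
    {
        var asym = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(algName);
        CryptographicKey key = asym.ImportKeyPair(
            CryptographicBuffer.DecodeFromBase64String(privKeyB64),
            CryptographicPrivateKeyBlobType.Pkcs1RsaPrivateKey);
        try
        {
            IBuffer plain = CryptographicEngine.Decrypt(key, cipher, null);
            return CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf8, plain);
        }
        catch (Exception)
        {
            // The padding scheme is fixed by the algorithm name, not by the key blob.
            return null;
        }
    }

    public static void Run()
    {
        // App side: create the key pair and keep both halves as base64 strings.
        var oaep = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaOaepSha1);
        CryptographicKey keyPair = oaep.CreateKeyPair(2048);
        string pubB64 = CryptographicBuffer.EncodeToBase64String(keyPair.ExportPublicKey());
        string privB64 = CryptographicBuffer.EncodeToBase64String(
            keyPair.Export(CryptographicPrivateKeyBlobType.Pkcs1RsaPrivateKey));

        // Device side (simulated, constructed input): encrypt with OAEP padding.
        CryptographicKey devKey = oaep.ImportPublicKey(CryptographicBuffer.DecodeFromBase64String(pubB64));
        IBuffer cipher = CryptographicEngine.Encrypt(devKey,
            CryptographicBuffer.ConvertStringToBinary("some data", BinaryStringEncoding.Utf8), null);

        // PKCS#1 v1.5 unpadding of an OAEP block fails except by rare chance.
        Debug.WriteLine("RsaPkcs1:    " +
            (TryDecrypt(AsymmetricAlgorithmNames.RsaPkcs1, privB64, cipher) ?? "<decrypt failed>"));
        Debug.WriteLine("RsaOaepSha1: " +
            (TryDecrypt(AsymmetricAlgorithmNames.RsaOaepSha1, privB64, cipher) ?? "<decrypt failed>"));
    }
}
```

In a real deployment, pick the one algorithm name that matches the peer and treat a failed decrypt as an error; do not retry the same ciphertext under another padding scheme.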