UWP标准CMS Enveloped加密

Question

我需要在加密消息语法（CMS）standard中实施AES加密算法来加密我在Windows Universal App中的数据（找到参考here）。我使用以下代码使用Bouncy Castle库在Java上实现它（我需要在C＃UWP中使用相同的功能）：

private static final ASN1ObjectIdentifier CMS_ENCRYPTION_ALGO = CMSAlgorithm.AES256_CBC;
private byte[] encrypt(byte[] key, byte[] dataToBeEncrypted) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, CMSException {
    final KeySpec keySpec = new X509EncodedKeySpec(key);
    final KeyFactory factory = KeyFactory.getInstance("RSA");
    final PublicKey publicKey = factory.generatePublic(keySpec);
    final SubjectKeyIdentifier subjectKeyIdentifier = new JcaX509ExtensionUtils().createSubjectKeyIdentifier(publicKey);
    final RecipientInfoGenerator recipientInfoGenerator = new JceKeyTransRecipientInfoGenerator(subjectKeyIdentifier.getEncoded(), publicKey);
    final CMSEnvelopedDataGenerator generator = new CMSEnvelopedDataGenerator();
    generator.addRecipientInfoGenerator(recipientInfoGenerator);

    final OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMS_ENCRYPTION_ALGO).build();
    final CMSProcessableByteArray content = new CMSProcessableByteArray(dataToBeEncrypted);
    final CMSEnvelopedData envelopedData = generator.generate(content, encryptor);

    return envelopedData.toASN1Structure().getEncoded(ASN1Encoding.DER);
}

现在我已经在我的UWP应用程序中引用了Bouncy Castle V 1.8.1，但是我发现了许多不同之处（在Java中使用了一些库但在Windows中不存在）并且无法在C＃中实现这样的功能。

请指导我使用原生UWP加密库Windows.Security.Cryptography（首选）实现相同的目标，

或者告诉我如何在C＃UWP应用程序中使用Bouncy Castle 1.8.1实现相同的功能。

更新

根据here中的下图，我了解所需的步骤是：

1-获取数据并生成对称密钥以使用算法AesCbcPkcs7加密数据。

2-使用公钥加密对称密钥

3-生成数字封套的消息。

所以我根据我的理解使用以下c＃代码完成了前两个步骤（如果我错了，请纠正我），我需要帮助才能完成第三步：

public string EncryptAndEnvelope(string openText, string p_key)
{
    // Step 1 Get the data and generate Symmetric Key to encrypt the data using algorithm AesCbcPkcs7
    IBuffer cBuffer = CryptographicBuffer.GenerateRandom(32);
    SymmetricKeyAlgorithmProvider provider = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
    CryptographicKey m_key = provider.CreateSymmetricKey(cBuffer);
    IBuffer bufferMsg = CryptographicBuffer.ConvertStringToBinary(AsciiToString(StringToAscii(openText)), BinaryStringEncoding.Utf8);
    IBuffer bufferEncrypt = CryptographicEngine.Encrypt(m_key, bufferMsg, null);

    // Step 2 Encrypt Symmetric Key using the public key
    IBuffer publicKey = CryptographicBuffer.DecodeFromBase64String(p_key);
    AsymmetricKeyAlgorithmProvider asym = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaPkcs1);
    CryptographicKey ckey = asym.ImportPublicKey(publicKey, CryptographicPublicKeyBlobType.X509SubjectPublicKeyInfo);
    IBuffer cbufferEncrypt = CryptographicEngine.Encrypt(ckey, cBuffer, null);

    // Step 3 Generate Digitally enveloped message
    // I need help here
}

private byte[] StringToAscii(string s)
    {
        byte[] retval = new byte[s.Length];
        for (int ix = 0; ix < s.Length; ++ix)
          {
            char ch = s[ix];
            if (ch <= 0x7f) retval[ix] = (byte)ch;
            else retval[ix] = (byte)'?';
          }
        return retval;
    }

private string AsciiToString(byte[] bytes)
{
    return string.Concat(bytes.Select(b => b <= 0x7f ? (char)b : '?'));
}

  

注意：在寻找解决方案时，我发现使用库System.Security.Cryptography可以获得答案   （ but it is not supported in Universal Apps ），我非常确定   使用Bouncy Castle可以实现（有   大量的Java文档但遗憾的是没有   C＃）的文档。