RSA 解密 C# (.NET 3.5) 中的数据,该数据在 php 5.3.2 中使用 openssl 加密
也许有人可以澄清我。我已经在这上面冲浪有一段时间了。
步骤#1:创建根证书
Key generation on unix1) openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout privatekey.pem -out mycert.pem
2) openssl rsa -in privatekey.pem -pubout -out publickey.pem
3) openssl pkcs12 -export -out mycertprivatekey.pfx -in mycert.pem -inkey privatekey.pem -name "my certificate"
步骤#2:根证书在 php 上工作吗:是的,
PHP side我使用 publickey.pem 将其读入 php:
$publicKey = "file://C:/publickey.pem";
$privateKey = "file://C:/privatekey.pem";
$plaintext = "123";
openssl_public_encrypt($plaintext, $encrypted, $publicKey);
$transfer = base64_encode($encrypted);
openssl_private_decrypt($encrypted, $decrypted, $privateKey);
echo $decrypted; // "123"
或者
$server_public_key = openssl_pkey_get_public(file_get_contents("C:\publickey.pem"));
// rsa encrypt
openssl_public_encrypt("123", $encrypted, $server_public_key);
//and the privatekey.pem to check if it works:
openssl_private_decrypt($encrypted, $decrypted, openssl_get_privatekey(file_get_contents("C:\privatekey.pem")));
echo $decrypted; // "123"
得出结论,加密/解密在 php 端工作得很好openssl 根证书文件。
步骤 #3:根证书在 .NET 上工作吗:是
C# side以同样的方式,我将密钥读入 .net C# 控制台程序:
X509Certificate2 myCert2 = null;
RSACryptoServiceProvider rsa = null;
try
{
myCert2 = new X509Certificate2(@"C:\mycertprivatekey.pfx", "password");
rsa = (RSACryptoServiceProvider)myCert2.PrivateKey;
}
catch (Exception e)
{
Console.writeln(e.message); // because I left a blank catch block, I did not realize there was an exception! I missed the password for the certificate.
}
byte[] test = {Convert.ToByte("123")};
string t = Convert.ToString(rsa.Decrypt(rsa.Encrypt(test, false), false));
说到这里,加密/解密在这些 openssl 根证书文件的 C# 端工作得很好。
步骤#4:在 php 中加密并在 .NET 中解密:是
PHP side$onett = "123"
....
openssl_public_encrypt($onett, $encrypted, $server_public_key);
$onettbase64 = base64_encode($encrypted);
复制 - 粘贴 $onettbase64 ("LkU2GOCy4lqwY4vtPI1JcsxgDgS2t05E6kYghuXjrQe7hSsYXETGdlhzEBlp+qhxzTXV3pw+AS5bEg9CPxqHus8fXHOnXYqsd2HL20Q Saz+FjZee6Kvva0cGhWkFdWL+ANDSOWRWo/OMhm7JVqU3P/44c3dLA1eu2UsoDI26OMw=") 到 c# 程序中:
C# sidebyte[] transfered_onett = rsa.Decrypt(Convert.FromBase64String("LkU2GOCy4lqwY4vtPI1JcsxgDgS2t05E6kYghuXjrQe7hSsYXETGdlhzEBlp+qhxzTXV3pw+AS5bEg9CPxqHus8fXHOnXYqsd2HL20QSaz+FjZee6Kvva0cGhWkFdWL+ANDSOWRWo/OMhm7JVqU3P/44c3dLA1eu2UsoDI26OMw="), false);
string result = System.Text.Encoding.UTF8.GetString(transfered_onett); // "123"
没有问题。
Maybe someone can clear me up. I have been surfing on this a while now.
Step #1: Create a root certificate
Key generation on unix
1) openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout privatekey.pem -out mycert.pem
2) openssl rsa -in privatekey.pem -pubout -out publickey.pem
3) openssl pkcs12 -export -out mycertprivatekey.pfx -in mycert.pem -inkey privatekey.pem -name "my certificate"
Step #2: Does root certificate work on php: YES
PHP side
I used the publickey.pem to read it into php:
$publicKey = "file://C:/publickey.pem";
$privateKey = "file://C:/privatekey.pem";
$plaintext = "123";
openssl_public_encrypt($plaintext, $encrypted, $publicKey);
$transfer = base64_encode($encrypted);
openssl_private_decrypt($encrypted, $decrypted, $privateKey);
echo $decrypted; // "123"
OR
$server_public_key = openssl_pkey_get_public(file_get_contents("C:\publickey.pem"));
// rsa encrypt
openssl_public_encrypt("123", $encrypted, $server_public_key);
//and the privatekey.pem to check if it works:
openssl_private_decrypt($encrypted, $decrypted, openssl_get_privatekey(file_get_contents("C:\privatekey.pem")));
echo $decrypted; // "123"
Coming to the conclusion, that encryption/decryption works fine on the php side with these openssl root certificate files.
Step #3: Does root certificate work on .NET: YES
C# side
In same manner I read the keys into a .net C# console program:
X509Certificate2 myCert2 = null;
RSACryptoServiceProvider rsa = null;
try
{
myCert2 = new X509Certificate2(@"C:\mycertprivatekey.pfx", "password");
rsa = (RSACryptoServiceProvider)myCert2.PrivateKey;
}
catch (Exception e)
{
Console.writeln(e.message); // because I left a blank catch block, I did not realize there was an exception! I missed the password for the certificate.
}
byte[] test = {Convert.ToByte("123")};
string t = Convert.ToString(rsa.Decrypt(rsa.Encrypt(test, false), false));
Coming to the point, that encryption/decryption works fine on the c# side with these openssl root certificate files.
Step #4: Enrypt in php and Decrypt in .NET: YES
PHP side
$onett = "123"
....
openssl_public_encrypt($onett, $encrypted, $server_public_key);
$onettbase64 = base64_encode($encrypted);
copy - paste $onettbase64 ("LkU2GOCy4lqwY4vtPI1JcsxgDgS2t05E6kYghuXjrQe7hSsYXETGdlhzEBlp+qhxzTXV3pw+AS5bEg9CPxqHus8fXHOnXYqsd2HL20QSaz+FjZee6Kvva0cGhWkFdWL+ANDSOWRWo/OMhm7JVqU3P/44c3dLA1eu2UsoDI26OMw=") into c# program:
C# side
byte[] transfered_onett = rsa.Decrypt(Convert.FromBase64String("LkU2GOCy4lqwY4vtPI1JcsxgDgS2t05E6kYghuXjrQe7hSsYXETGdlhzEBlp+qhxzTXV3pw+AS5bEg9CPxqHus8fXHOnXYqsd2HL20QSaz+FjZee6Kvva0cGhWkFdWL+ANDSOWRWo/OMhm7JVqU3P/44c3dLA1eu2UsoDI26OMw="), false);
string result = System.Text.Encoding.UTF8.GetString(transfered_onett); // "123"
No problems.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您需要使用专为 PFX(又名 pkcs#12)文件设计的 X509Certificate2 构造函数之一。这些需要一个密码参数。在您最初的示例中,您默默地吞下了所有异常,因此您错过了错误。
You need to use one of the X509Certificate2 constructors that are designed for PFX (aka pkcs#12) files. These take a password argument. In your original example, you were silently swallowing all exceptions so you missed the error.
这已经解决了。我忘记填写 catch 块,所以我没有意识到 c# 端的证书读取存在异常。有了读取证书,解密就没有问题了。
This is solved. I had forgotten to fill the catch block so I did not realize there was an exception with the certificate reading on the c# side. With read certificate, decryption is no problem now.