RSA 是常用的非对称加密算法。最近使用时却出现了“不正确的长度”的异常,研究发现是由于待加密的数据超长所致。
.NET Framework 中提供的 RSA 算法规定:
待加密的字节数不能超过密钥的长度值除以 8 再减去 11(即:RSACryptoServiceProvider.KeySize / 8 - 11),而加密后得到密文的字节数,正好是密钥的长度值除以 8(即:RSACryptoServiceProvider.KeySize / 8)。
所以,如果要加密较长的数据,则可以采用分段加解密的方式,实现方式如下:
1 namespace Macroresolute.RSACryptoService 2 { 3 public static class RSACrypto 4 { 5 private static readonly Encoding Encoder = Encoding.UTF8; 6 7 public static String Encrypt(this String plaintext) 8 { 9 X509Certificate2 _X509Certificate2 = RSACrypto.RetrieveX509Certificate(); 10 using (RSACryptoServiceProvider RSACryptography = _X509Certificate2.PublicKey.Key as RSACryptoServiceProvider) 11 { 12 Byte[] PlaintextData = RSACrypto.Encoder.GetBytes(plaintext); 13 int MaxBlockSize = RSACryptography.KeySize / 8 - 11; //加密块最大长度限制 14 15 if (PlaintextData.Length <= MaxBlockSize) 16 return Convert.ToBase64String(RSACryptography.Encrypt(PlaintextData, false)); 17 18 using (MemoryStream PlaiStream = new MemoryStream(PlaintextData)) 19 using (MemoryStream CrypStream = new MemoryStream()) 20 { 21 Byte[] Buffer = new Byte[MaxBlockSize]; 22 int BlockSize = PlaiStream.Read(Buffer, 0, MaxBlockSize); 23 24 while (BlockSize > 0) 25 { 26 Byte[] ToEncrypt = new Byte[BlockSize]; 27 Array.Copy(Buffer, 0, ToEncrypt, 0, BlockSize); 28 29 Byte[] Cryptograph = RSACryptography.Encrypt(ToEncrypt, false); 30 CrypStream.Write(Cryptograph, 0, Cryptograph.Length); 31 32 BlockSize = PlaiStream.Read(Buffer, 0, MaxBlockSize); 33 } 34 35 return Convert.ToBase64String(CrypStream.ToArray(), Base64FormattingOptions.None); 36 } 37 } 38 } 39 40 public static String Decrypt(this String ciphertext) 41 { 42 X509Certificate2 _X509Certificate2 = RSACrypto.RetrieveX509Certificate(); 43 using (RSACryptoServiceProvider RSACryptography = _X509Certificate2.PrivateKey as RSACryptoServiceProvider) 44 { 45 Byte[] CiphertextData = Convert.FromBase64String(ciphertext); 46 int MaxBlockSize = RSACryptography.KeySize / 8; //解密块最大长度限制 47 48 if (CiphertextData.Length <= MaxBlockSize) 49 return RSACrypto.Encoder.GetString(RSACryptography.Decrypt(CiphertextData, false)); 50 51 using (MemoryStream CrypStream = new MemoryStream(CiphertextData)) 52 using (MemoryStream PlaiStream = new MemoryStream()) 53 { 54 Byte[] Buffer = new Byte[MaxBlockSize]; 55 int BlockSize = CrypStream.Read(Buffer, 0, MaxBlockSize); 56 57 while (BlockSize > 0) 58 { 59 Byte[] ToDecrypt = new Byte[BlockSize]; 60 Array.Copy(Buffer, 0, ToDecrypt, 0, BlockSize); 61 62 Byte[] Plaintext = RSACryptography.Decrypt(ToDecrypt, false); 63 PlaiStream.Write(Plaintext, 0, Plaintext.Length); 64 65 BlockSize = CrypStream.Read(Buffer, 0, MaxBlockSize); 66 } 67 68 return RSACrypto.Encoder.GetString(PlaiStream.ToArray()); 69 } 70 } 71 } 72 73 private static X509Certificate2 RetrieveX509Certificate() 74 { 75 return null; //检索用于 RSA 加密的 X509Certificate2 证书 76 } 77 } 78 }
注:以上加密方法返回的字符串类型为原始的 Base-64 ,若要用于 URL 传输,需另行处理!
以上文章转载自http://www.cnblogs.com/zys529/archive/2012/05/24/2516539.html
下面是自己修改
如果没有证书请用以下方法
1 /// <summary> 2 /// 3 /// </summary> 4 public class RSADecryptEncrypt 5 { 6 7 8 private static readonly Encoding Encoder = Encoding.UTF8; 9 /// <summary> 10 /// 公钥加密 11 /// </summary> 12 /// <param name="xmlPublicKey">公钥</param> 13 /// <param name="EncryptString">加密字符串</param> 14 /// <returns></returns> 15 public static String Encrypt(string xmlPublicKey, string EncryptString) 16 { 17 using (RSACryptoServiceProvider RSACryptography = new RSACryptoServiceProvider()) 18 { 19 20 RSACryptography.FromXmlString(xmlPublicKey); 21 Byte[] PlaintextData = RSADecryptEncrypt.Encoder.GetBytes(EncryptString); 22 int MaxBlockSize = RSACryptography.KeySize / 8 - 11;//加密块最大长度限制 23 24 if (PlaintextData.Length <= MaxBlockSize) 25 return Convert.ToBase64String(RSACryptography.Encrypt(PlaintextData, false)); 26 27 using (MemoryStream PlaiStream = new MemoryStream(PlaintextData)) 28 using (MemoryStream CrypStream = new MemoryStream()) 29 { 30 Byte[] Buffer = new Byte[MaxBlockSize]; 31 int BlockSize = PlaiStream.Read(Buffer, 0, MaxBlockSize); 32 33 while (BlockSize > 0) 34 { 35 Byte[] ToEncrypt = new Byte[BlockSize]; 36 Array.Copy(Buffer, 0, ToEncrypt, 0, BlockSize); 37 38 Byte[] Cryptograph = RSACryptography.Encrypt(ToEncrypt, false); 39 CrypStream.Write(Cryptograph, 0, Cryptograph.Length); 40 41 BlockSize = PlaiStream.Read(Buffer, 0, MaxBlockSize); 42 } 43 44 return Convert.ToBase64String(CrypStream.ToArray(), Base64FormattingOptions.None); 45 } 46 } 47 } 48 49 /// <summary> 50 /// 解密 51 /// </summary> 52 /// <param name="xmlPublicKey"></param> 53 /// <param name="EncryptString"></param> 54 /// <returns></returns> 55 public static String Decrypt(string xmlPrivateKey, string EncryptString) 56 { 57 using (RSACryptoServiceProvider RSACryptography = new RSACryptoServiceProvider()) 58 { 59 RSACryptography.FromXmlString(xmlPrivateKey); 60 Byte[] CiphertextData = Convert.FromBase64String(EncryptString); 61 int MaxBlockSize = RSACryptography.KeySize / 8; //解密块最大长度限制 62 63 if (CiphertextData.Length <= MaxBlockSize) 64 return RSADecryptEncrypt.Encoder.GetString(RSACryptography.Decrypt(CiphertextData, false)); 65 66 using (MemoryStream CrypStream = new MemoryStream(CiphertextData)) 67 using (MemoryStream PlaiStream = new MemoryStream()) 68 { 69 Byte[] Buffer = new Byte[MaxBlockSize]; 70 int BlockSize = CrypStream.Read(Buffer, 0, MaxBlockSize); 71 72 while (BlockSize > 0) 73 { 74 Byte[] ToDecrypt = new Byte[BlockSize]; 75 Array.Copy(Buffer, 0, ToDecrypt, 0, BlockSize); 76 77 Byte[] Plaintext = RSACryptography.Decrypt(ToDecrypt, false); 78 PlaiStream.Write(Plaintext, 0, Plaintext.Length); 79 80 BlockSize = CrypStream.Read(Buffer, 0, MaxBlockSize); 81 } 82 83 return RSADecryptEncrypt.Encoder.GetString(PlaiStream.ToArray()); 84 } 85 } 86 } 87 88 89 }
我的公众号