使用Azure Key Vault RSA密钥加密和解密字符串 [英] Using Azure Key Vault RSA Key to encrypt and decrypt strings
问题描述
我已设置Azure密钥保管库以检索RSA密钥以进行加密.Azure向我发送了一个KeyBundle类型的对象.此对象包含类型为 RSA大小为的RSA JsonWebKey.看我的RSA密钥,它有2种方法,分别称为 Encrypt(byte []数据,RSAEncryptionPadding填充)
和 Decrypt(byte []数据,RSAEncryptionPadding填充)
.现在,我试图像这样加密和解密一个简单的字符串:
I have setup Azure Key Vault to retrieve RSA Keys for encryption. Azure send me an object of type KeyBundle. This object contains a JsonWebKey of type RSA of size 2048. Looking at my RSA Key, it has 2 methods called Encrypt(byte[] data, RSAEncryptionPadding padding)
and Decrypt(byte[] data, RSAEncryptionPadding padding)
. Now I am trying to encrypt and decrypt a simple string like this:
public EncryptionManager(KeyBundle encryptionKey)
{
string test = "Hello World!";
var key = encryptionKey.Key.ToRSA();
var encryptedString = key.Encrypt(Encoding.UTF8.GetBytes(test), RSAEncryptionPadding.OaepSHA256);
var decryptedString = key.Decrypt(encryptedString, RSAEncryptionPadding.OaepSHA256);
}
加密有效,但是解密会引发异常消息:
Encryption works, but decryption throws an exception with message:
键不存在.
这是StackTrace
Here is the StackTrace
在System.Security.Cryptography.RSAImplementation.RSACng.EncryptOrDecrypt(SafeNCryptKeyHandle键,ReadOnlySpan`1输入,AsymmetricPaddingMode paddingMode,Void *paddingInfo,布尔加密)System.Security.Cryptography.RSAImplementation.RSACng.EncryptOrDecrypt(Byte []数据,RSAEncryptionPadding填充,布尔加密)System.Security.Cryptography.RSAImplementation.RSACng.Decrypt(Byte []数据,RSAEncryptionPadding填充)位于NxtUtils.Security.EncryptionManager..ctor(KeyBundle encryptionKey)在C:\ Repos \ Enigma \ EnigmaPrototype \ SharedLibaries \ NxtUtils \ Security \ EncryptionManager.cs:line26
at System.Security.Cryptography.RSAImplementation.RSACng.EncryptOrDecrypt(SafeNCryptKeyHandle key, ReadOnlySpan`1 input, AsymmetricPaddingMode paddingMode, Void* paddingInfo, Boolean encrypt) at System.Security.Cryptography.RSAImplementation.RSACng.EncryptOrDecrypt(Byte[] data, RSAEncryptionPadding padding, Boolean encrypt) at System.Security.Cryptography.RSAImplementation.RSACng.Decrypt(Byte[] data, RSAEncryptionPadding padding) at NxtUtils.Security.EncryptionManager..ctor(KeyBundle encryptionKey) in C:\Repos\Enigma\EnigmaPrototype\SharedLibaries\NxtUtils\Security\EncryptionManager.cs:line 26
我真的不熟悉加密算法.我的问题是:如何使用Azure提供的RSA密钥对简单的strig进行加密和解密?
I am really not familiar with cryptographic algorithms. My question is: How can I encrypt and decrypt a simple strig using this RSA Key provided by Azure?
谢谢!
推荐答案
我遇到了同样的问题,尽管我从互联网上搜索并从Microsoft文档中得到了此信息
I got the same issue, what I did is here although I searched from internet and got this from the Microsoft docs
这是我下面的工作代码
public static class KeyVaultEncryptorDecryptor
{
public static string KeyDecryptText(this string textToDecrypt , KeyVaultClient keyVaultClient, string keyidentifier)
{
var kv = keyVaultClient;
try
{
var key = kv.GetKeyAsync(keyidentifier).Result;
var publicKey = Convert.ToBase64String(key.Key.N);
using var rsa = new RSACryptoServiceProvider();
var p = new RSAParameters() {
Modulus = key.Key.N, Exponent = key.Key.E
};
rsa.ImportParameters(p);
var encryptedTextNew = Convert.FromBase64String(textToDecrypt);
var decryptedData = kv.DecryptAsync(key.KeyIdentifier.Identifier.ToString(), JsonWebKeyEncryptionAlgorithm.RSAOAEP, encryptedTextNew).GetAwaiter().GetResult();
var decryptedText = Encoding.Unicode.GetString(decryptedData.Result);
return decryptedText;
}
catch (Exception ex)
{
Console.WriteLine(ex);
return default;
}
}
public static string KeyEncryptText(this string textToEncrypt , KeyVaultClient keyVaultClient, string keyidentifier)
{
var kv = keyVaultClient;
try
{
var key = kv.GetKeyAsync(keyidentifier).GetAwaiter().GetResult();
var publicKey = Convert.ToBase64String(key.Key.N);
using var rsa = new RSACryptoServiceProvider();
var p = new RSAParameters() {
Modulus = key.Key.N, Exponent = key.Key.E
};
rsa.ImportParameters(p);
var byteData = Encoding.Unicode.GetBytes(textToEncrypt);
var encryptedText = rsa.Encrypt(byteData, true);
string encText = Convert.ToBase64String(encryptedText);
return encText;
}
catch (Exception ex)
{
Console.WriteLine(ex);
return default;
}
}
}
这篇关于使用Azure Key Vault RSA密钥加密和解密字符串的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!