在 C# 中加载 ASN.1/DER 编码的 RSA 密钥对 [英] Load ASN.1/DER encoded RSA keypair in C#

问题描述

我在 Crypto++ 中创建了 DER 编码的 RSA 密钥对以及密码.它们是 Base64Encoded 字符串.我首先将数据从 Base64 解码为字节数组，但我不确定如何将它们加载到 RSACryptoServiceProvider.

I have DER encoded RSA keypair created in Crypto++, as well as cipher. They are Base64Encoded string. I first decode the data from Base64 to byte array, but I am not sure how to load them into RSACryptoServiceProvider.

static void Main()
{
    string pbkeystr = "mypublickey";
    string pvkeystr = "myprivatekey";
    string cipherstr = "mycipher";

    byte[] pbkey = Convert.FromBase64String(pbkeystr);
    byte[] pvkey = Convert.FromBase64String(pvkeystr);
    byte[] cipher = Convert.FromBase64String(cipherstr);

    RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

    //Set keys here..

    //Decrypt the cipher using private key
    rsa.Decrypt(pvkey, false);
}

没有设置键的功能.我唯一找到的是 ImportParameters 方法，它采用 RSAParameters 类，该类由 p、q、n、模数、指数等.我无权访问这些.

There are no functions to set keys. The only thing I found was ImportParameters method, which takes RSAParameters class which consists of p, q, n, modulus, exponent etc. I don't have access to these.

有什么方法可以将键加载为字符串?如何将密钥加载到 RSACryptoServiceProvider?

Is there any way I can load the keys as string? How can I load the key into RSACryptoServiceProvider?

推荐答案

有什么方法可以将键加载为字符串?如何将密钥加载到 RSACryptoServiceProvider 中?

Is there any way I can load the keys as string? How can I load the key into RSACryptoServiceProvider?

从您的其他 Crypto++ 问题，如何在 Crypto++ 中加载 Base64 RSA 密钥，您似乎有 仅 公钥和私钥，因为您使用了 DEREncode 和 BERDecode.也就是说，您有 RSA 参数，而不是主题公钥信息和私钥信息.您的密钥缺少 OID 标识符和版本号.那样就好了.

From your other Crypto++ question, How to load Base64 RSA keys in Crypto++, it looks like you have only the public and private keys because you used DEREncode and BERDecode. That is, you have the RSA parameters, and not the subject public key info and the private key info. Your keys lack the OID identifiers and version numbers. Things are fine that way.

从代码项目上的 加密互操作性:密钥，您在 Base64 解码后将需要一个解析 ASN.1/DER 的 C# 类.CodeProject 文章提供了一个名为 AsnKeyParser 的 C# 类来读取 ASN.1/DER 并返回一个 RSAParameters 以加载到 CSP 中.

From Cryptographic Interoperability: Keys on the Code Project, you will need a C# class that parses the ASN.1/DER after you Base64 decode it. The CodeProject article provides a C# class called AsnKeyParser to read the ASN.1/DER and returns a RSAParameters to load into a CSP.

AsnKeyParser 类的代码大约有 800 行，另外还有 5 个支持文件来完成这一切，所以放在这里不太合适.你应该自己下载.感兴趣的文件称为 CSInteropKeys.zip.

The code for the AsnKeyParser class is about 800 lines, and there are five other supporting files to make it all happen, so its not really appropriate to place it here. You should download it yourself. The file of interest is called CSInteropKeys.zip.

一旦您连接到 AsnKeyParser 类，就如同下面的 RSA 公钥一样简单.私钥类似，代码在 CodeProject 网站上给出.

Once you wire-in the AsnKeyParser class, it will be as simple as the following for a RSA Public key. The private key will be similar, and the code is given on the CodeProject site.

// Your ASN.1/DER parser class
AsnKeyParser keyParser = new AsnKeyParser("rsa-public.der");
RSAParameters publicKey = keyParser.ParseRSAPublicKey();

// .Net class
CspParameters csp = new CspParameters;
csp.KeyContainerName = "RSA Test (OK to Delete)";    
csp.ProviderType = PROV_RSA_FULL;    // 1
csp.KeyNumber = AT_KEYEXCHANGE;      // 1

// .Net class
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(csp);
rsa.PersistKeyInCsp = false;
rsa.ImportParameters(publicKey);

不赞成链接到另一个站点上的文件，但我不知道如何提供其他信息.答案中涉及的源代码太多.

Linking to files on another site is frowned upon, but I don't know how to provide the information otherwise. There's too much source code involved to place in an answer.

为了完整性，.Net 不使互操作变得容易.他们不接受 ASN.1/DER 或 PEM.相反，.Net 接受一些 XML 表示的键.我相信您可以在 RFC 3275, XML-Signature Syntax and Processing 中找到它.Microsoft 没有为您声明.我在写代码项目文章时将其拼凑起来.

For completeness, .Net does not make interop easy. They do not accept ASN.1/DER or PEM. Rather, .Net accepts some XML representation of the keys. I believe you can find it in RFC 3275, XML-Signature Syntax and Processing. Microsoft does not state that for you. I kind of pieced it together when I wrote the Code Project article.

除了 ASN.1/DER 和 PEM 之外，也许我们应该在 Crypto++ 中添加一个类来反刍 XML.

Maybe we should add a class to Crypto++ to regurgitate XML in addition to ASN.1/DER and PEM.

这篇关于在 C# 中加载 ASN.1/DER 编码的 RSA 密钥对的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！