2025年02月14日 13:00 阅读量:171
前端js使用:jsencrypt.js 进行RSA加密;后端C#使用进行RSA解密。出现小概率解密失败的情况(偶发性“不正确的数据”)
JSEncrypt#encrypt加密,有时会生成长度小于模数的密文(生成小于规定长度的密文),即密文不会填充模数长度的前导0x00值。长度小于模数的密文是无效的。
JSEncrypt#decrypt解密似乎考虑到了这一点,因为它还会正确地解密太短的密文。 当以其他语言(例如,C#)执行解密时,会出现问题。
这里解密会中止,并显示一条错误消息,“不正确的数据”。
解决这个问题之前需要了解一下密文长度,在不考虑切片加密的情况下,密文长度和秘钥长度一致。
例如我们选用1024bit的秘钥那么密文长度就应该是128B(1024/8)。
这里的密文长度指的是是Byte数组的长度,不是Base64字符串的长度,因为Base64有补全机制
那么我们以1024bit的秘钥为例,后端处理(C#)完整解决方法如下:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.IO;
using System.Security.Cryptography;
using System.Text;
/// <summary>
/// JsEncryptHelper 的摘要说明
/// </summary>
/// <summary>
/// AJax提交参数加密帮助类
/// </summary>
public class JsEncryptHelper
{
private const string defaultprivateKey = @"MIICXQIBAAKBgQCslmeGObwebJXeF0T0ysgxVJ1P8owZhfg1IkjbHyRm2dBwDS3y
eMNQYFS+LaeEZQ7duZ8zHjKW2jlfiRbT7/jQJtXm0qiqTsdfOBh/fLeiQiAZD/D8
ZI+k01/G/35sfqG8X0NgosMHARFaAClb3cJniySn1VWYtStXJqP04rNEgQIDAQAB
AoGBAJCdeuOzDxmjPTUa5HIGVRdY4nRyNcjRRDkpoEjT4Im6K/koYf7SCD8aaQfu
c3bxwzIxbt/Dhvp2oyqVUaaHZ0GJwp2f31cqL7UtHoKMtam/gqaQexIBMpRMt4V7
8BFK+e3t+HJKk9mYI6Sgm9gvREYQr4VLaefpt9Y/ljmsNJENAkEA5+SbgMwIQ8/h
WbQyE/CVdHucwdJKqJpK9MxwdMPcB4zyUtauV7xFSgVcSCS0XGwfk9r1VS0vu1vg
IL1+xGP8nwJBAL6HfndaD9V7rIUIPTCmKfUCVxlfuADFvjGONr8jZFsAoKvazRWD
dSx+bcbb5vqlylYvNGL4PktqXtE4YsLECt8CQCUFk2oBqQQiiSjIIwKZ81Jwdbtf
9nlqgLMKfJ23s0YlU360NYteTHWf23bNHVpwDK6PU4GwwCEabvLrLfTuvaMCQF6/
pM2XtQ4WLaoOedeKmozkOAo/RpLjw3yDW4hcAlkbC8vKyHgtYoTY7qCY1NnKvr9z
RBr/loMMh9CFuN9gfIMCQQCbvkVKHGtKvYEB7DnhPWZrC4tfvWx72PJZ5YePS8dV
qTknSVwZmDOWnIzjR5HkrS3RAe64RLDY8p3aflqQgw2W";
private const string defaultpublicKey = @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCslmeGObwebJXeF0T0ysgxVJ1P
8owZhfg1IkjbHyRm2dBwDS3yeMNQYFS+LaeEZQ7duZ8zHjKW2jlfiRbT7/jQJtXm
0qiqTsdfOBh/fLeiQiAZD/D8ZI+k01/G/35sfqG8X0NgosMHARFaAClb3cJniySn
1VWYtStXJqP04rNEgQIDAQAB";
private RSACryptoServiceProvider _privateKeyRsaProvider;
private RSACryptoServiceProvider _publicKeyRsaProvider;
public JsEncryptHelper(string privateKey = "", string publicKey = "")
{
if (string.IsNullOrEmpty(privateKey))
{
privateKey = defaultprivateKey;
}
if (string.IsNullOrEmpty(publicKey))
{
publicKey = defaultpublicKey;
}
if (!string.IsNullOrEmpty(privateKey))
{
_privateKeyRsaProvider = CreateRsaProviderFromPrivateKey(privateKey);
}
if (!string.IsNullOrEmpty(publicKey))
{
_publicKeyRsaProvider = CreateRsaProviderFromPublicKey(publicKey);
}
}
/// <summary>
/// 小于模数的密文,需补全密文,否则小概率报"数据不正确"
/// </summary>
/// <param name="strCiphertext">密文</param>
/// <param name="keySize">秘钥长度</param>
/// <returns>补全后的密文</returns>
private string CorrectionCiphertext(string strCiphertext, int keySize = 1024)
{
int ciphertextLength = keySize / 8;
byte[] data = Convert.FromBase64String(strCiphertext);
var newData = new List<byte>(data);
while (newData.Count < ciphertextLength)
{
newData.Insert(0, 0x00);
}
return Convert.ToBase64String(newData.ToArray());
}
public string Decrypt(string cipherText)
{
if (_privateKeyRsaProvider == null)
{
throw new Exception("_privateKeyRsaProvider is null");
}
if (string.IsNullOrEmpty(cipherText))
{
return "";
}
cipherText = cipherText.Replace(" ", "+");//url传送密文时, "+"号字符变空白,需要替换回来
cipherText = CorrectionCiphertext(cipherText, 1024);//解密前,对异常密文进行补全处理
return Encoding.UTF8.GetString(_privateKeyRsaProvider.Decrypt(Convert.FromBase64String(cipherText), false));
}
public string Encrypt(string text)
{
if (_publicKeyRsaProvider == null)
{
throw new Exception("_publicKeyRsaProvider is null");
}
return Convert.ToBase64String(_publicKeyRsaProvider.Encrypt(Encoding.UTF8.GetBytes(text), false));
}
private RSACryptoServiceProvider CreateRsaProviderFromPrivateKey(string privateKey)
{
var privateKeyBits = System.Convert.FromBase64String(privateKey);
var RSA = new RSACryptoServiceProvider();
var RSAparams = new RSAParameters();
using (BinaryReader binr = new BinaryReader(new MemoryStream(privateKeyBits)))
{
byte bt = 0;
ushort twobytes = 0;
twobytes = binr.ReadUInt16();
if (twobytes == 0x8130)
binr.ReadByte();
else if (twobytes == 0x8230)
binr.ReadInt16();
else
throw new Exception("Unexpected value read binr.ReadUInt16()");
twobytes = binr.ReadUInt16();
if (twobytes != 0x0102)
throw new Exception("Unexpected version");
bt = binr.ReadByte();
if (bt != 0x00)
throw new Exception("Unexpected value read binr.ReadByte()");
RSAparams.Modulus = binr.ReadBytes(GetIntegerSize(binr));
RSAparams.Exponent = binr.ReadBytes(GetIntegerSize(binr));
RSAparams.D = binr.ReadBytes(GetIntegerSize(binr));
RSAparams.P = binr.ReadBytes(GetIntegerSize(binr));
RSAparams.Q = binr.ReadBytes(GetIntegerSize(binr));
RSAparams.DP = binr.ReadBytes(GetIntegerSize(binr));
RSAparams.DQ = binr.ReadBytes(GetIntegerSize(binr));
RSAparams.InverseQ = binr.ReadBytes(GetIntegerSize(binr));
}
RSA.ImportParameters(RSAparams);
return RSA;
}
private int GetIntegerSize(BinaryReader binr)
{
byte bt = 0;
byte lowbyte = 0x00;
byte highbyte = 0x00;
int count = 0;
bt = binr.ReadByte();
if (bt != 0x02)
return 0;
bt = binr.ReadByte();
if (bt == 0x81)
count = binr.ReadByte();
else
if (bt == 0x82)
{
highbyte = binr.ReadByte();
lowbyte = binr.ReadByte();
byte[] modint = { lowbyte, highbyte, 0x00, 0x00 };
count = BitConverter.ToInt32(modint, 0);
}
else
{
count = bt;
}
while (binr.ReadByte() == 0x00)
{
count -= 1;
}
binr.BaseStream.Seek(-1, SeekOrigin.Current);
return count;
}
private RSACryptoServiceProvider CreateRsaProviderFromPublicKey(string publicKeyString)
{
// encoded OID sequence for PKCS #1 rsaEncryption szOID_RSA_RSA = "1.2.840.113549.1.1.1"
byte[] SeqOID = { 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00 };
byte[] x509key;
byte[] seq = new byte[15];
int x509size;
x509key = Convert.FromBase64String(publicKeyString);
x509size = x509key.Length;
// --------- Set up stream to read the asn.1 encoded SubjectPublicKeyInfo blob ------
using (MemoryStream mem = new MemoryStream(x509key))
{
using (BinaryReader binr = new BinaryReader(mem)) //wrap Memory Stream with BinaryReader for easy reading
{
byte bt = 0;
ushort twobytes = 0;
twobytes = binr.ReadUInt16();
if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8230)
binr.ReadInt16(); //advance 2 bytes
else
return null;
seq = binr.ReadBytes(15); //read the Sequence OID
if (!CompareBytearrays(seq, SeqOID)) //make sure Sequence for OID is correct
return null;
twobytes = binr.ReadUInt16();
if (twobytes == 0x8103) //data read as little endian order (actual data order for Bit String is 03 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8203)
binr.ReadInt16(); //advance 2 bytes
else
return null;
bt = binr.ReadByte();
if (bt != 0x00) //expect null byte next
return null;
twobytes = binr.ReadUInt16();
if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8230)
binr.ReadInt16(); //advance 2 bytes
else
return null;
twobytes = binr.ReadUInt16();
byte lowbyte = 0x00;
byte highbyte = 0x00;
if (twobytes == 0x8102) //data read as little endian order (actual data order for Integer is 02 81)
lowbyte = binr.ReadByte(); // read next bytes which is bytes in modulus
else if (twobytes == 0x8202)
{
highbyte = binr.ReadByte(); //advance 2 bytes
lowbyte = binr.ReadByte();
}
else
return null;
byte[] modint = { lowbyte, highbyte, 0x00, 0x00 }; //reverse byte order since asn.1 key uses big endian order
int modsize = BitConverter.ToInt32(modint, 0);
int firstbyte = binr.PeekChar();
if (firstbyte == 0x00)
{ //if first byte (highest order) of modulus is zero, don't include it
binr.ReadByte(); //skip this null byte
modsize -= 1; //reduce modulus buffer size by 1
}
byte[] modulus = binr.ReadBytes(modsize); //read the modulus bytes
if (binr.ReadByte() != 0x02) //expect an Integer for the exponent data
return null;
int expbytes = (int)binr.ReadByte(); // should only need one byte for actual exponent data (for all useful values)
byte[] exponent = binr.ReadBytes(expbytes);
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSAParameters RSAKeyInfo = new RSAParameters();
RSAKeyInfo.Modulus = modulus;
RSAKeyInfo.Exponent = exponent;
RSA.ImportParameters(RSAKeyInfo);
return RSA;
}
}
}
private bool CompareBytearrays(byte[] a, byte[] b)
{
if (a.Length != b.Length)
return false;
int i = 0;
foreach (byte c in a)
{
if (c != b[i])
return false;
i++;
}
return true;
}
}