gpt4 book ai didi

javascript - 在C#中通过JS发布解密RSA公钥加密数据

转载 作者:行者123 更新时间:2023-11-30 22:51:23 24 4
gpt4 key购买 nike

在 C# 中解密 RSA 加密字符串时出现错误 The data to be decrypted exceeds the maximum for this modulus of 256 bytes

我要实现的目标:

  1. 在 C# (RSA) 中生成公钥/私钥对
  2. 将私钥保存在 session /临时存储中以供解密时使用
  3. 发送/返回公钥给客户端/JS用于加密
  4. 使用公钥在JS中加密字符串(最多20个字符)并发送到服务器
  5. 使用步骤2中保存的私钥解密服务器中的加密字符串

什么有效:

  1. 生成公钥/私钥对
  2. 使用库在 JS 中加密 jsencrypt

到目前为止编写的代码:

C#

    ///Source: https://stackoverflow.com/questions/17128038/c-sharp-rsa-encryption-decryption-with-transmission
public static void GenerateKeys()
{
//CSP with a new 2048 bit rsa key pair
var csp = new RSACryptoServiceProvider(2048);

//Private key
var privKey = csp.ExportParameters(true);

//Public key
var pubKey = csp.ExportParameters(false);

string privKeyString = string.Empty;

var sw = new System.IO.StringWriter();
var xs = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
xs.Serialize(sw, privKey);
privKeyString = sw.ToString();

//This will give public key in the following format which is required by the JS library
//-----BEGIN PUBLIC KEY-----
//XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
//-----END PUBLIC KEY-----
string publicKeyBase64 = ConvertPublicKeyForJS(pubKey);

//Will be saved in sesssion for later use during decryption
string privateKeyBase64 = Convert.ToBase64String(System.Text.Encoding.ASCII.GetBytes(privKeyString));

//Save in session/temp location
//Return publicKeyBase64 to JS
}

/// <summary>
/// Source: https://stackoverflow.com/questions/28406888/c-sharp-rsa-public-key-output-not-correct/28407693#28407693
/// </summary>
/// <param name="publicKey"></param>
/// <returns></returns>
public static string ConvertPublicKeyForJS(RSAParameters publicKey)
{
string output = string.Empty;

using (var stream = new MemoryStream())
{
var writer = new BinaryWriter(stream);
writer.Write((byte)0x30); // SEQUENCE
using (var innerStream = new MemoryStream())
{
var innerWriter = new BinaryWriter(innerStream);
innerWriter.Write((byte)0x30); // SEQUENCE
EncodeLength(innerWriter, 13);
innerWriter.Write((byte)0x06); // OBJECT IDENTIFIER
var rsaEncryptionOid = new byte[] { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01 };
EncodeLength(innerWriter, rsaEncryptionOid.Length);
innerWriter.Write(rsaEncryptionOid);
innerWriter.Write((byte)0x05); // NULL
EncodeLength(innerWriter, 0);
innerWriter.Write((byte)0x03); // BIT STRING
using (var bitStringStream = new MemoryStream())
{
var bitStringWriter = new BinaryWriter(bitStringStream);
bitStringWriter.Write((byte)0x00); // # of unused bits
bitStringWriter.Write((byte)0x30); // SEQUENCE
using (var paramsStream = new MemoryStream())
{
var paramsWriter = new BinaryWriter(paramsStream);
EncodeIntegerBigEndian(paramsWriter, publicKey.Modulus); // Modulus
EncodeIntegerBigEndian(paramsWriter, publicKey.Exponent); // Exponent
var paramsLength = (int)paramsStream.Length;
EncodeLength(bitStringWriter, paramsLength);
bitStringWriter.Write(paramsStream.GetBuffer(), 0, paramsLength);
}
var bitStringLength = (int)bitStringStream.Length;
EncodeLength(innerWriter, bitStringLength);
innerWriter.Write(bitStringStream.GetBuffer(), 0, bitStringLength);
}
var length = (int)innerStream.Length;
EncodeLength(writer, length);
writer.Write(innerStream.GetBuffer(), 0, length);
}

var base64 = Convert.ToBase64String(stream.GetBuffer(), 0, (int)stream.Length);

StringBuilder sb = new StringBuilder();
sb.AppendLine("-----BEGIN PUBLIC KEY-----");
sb.AppendLine(base64);
sb.AppendLine("-----END PUBLIC KEY-----");

output = sb.ToString();
}

return output;
}

private static void EncodeLength(BinaryWriter stream, int length)
{
if (length < 0) throw new ArgumentOutOfRangeException("length", "Length must be non-negative");
if (length < 0x80)
{
// Short form
stream.Write((byte)length);
}
else
{
// Long form
var temp = length;
var bytesRequired = 0;
while (temp > 0)
{
temp >>= 8;
bytesRequired++;
}
stream.Write((byte)(bytesRequired | 0x80));
for (var i = bytesRequired - 1; i >= 0; i--)
{
stream.Write((byte)(length >> (8 * i) & 0xff));
}
}
}

private static void EncodeIntegerBigEndian(BinaryWriter stream, byte[] value, bool forceUnsigned = true)
{
stream.Write((byte)0x02); // INTEGER
var prefixZeros = 0;
for (var i = 0; i < value.Length; i++)
{
if (value[i] != 0) break;
prefixZeros++;
}
if (value.Length - prefixZeros == 0)
{
EncodeLength(stream, 1);
stream.Write((byte)0);
}
else
{
if (forceUnsigned && value[prefixZeros] > 0x7f)
{
// Add a prefix zero to force unsigned if the MSB is 1
EncodeLength(stream, value.Length - prefixZeros + 1);
stream.Write((byte)0);
}
else
{
EncodeLength(stream, value.Length - prefixZeros);
}
for (var i = prefixZeros; i < value.Length; i++)
{
stream.Write(value[i]);
}
}
}

public static string DecryptValue(string cypherText)
{
string plainTextData = string.Empty;

string privKeyBase64 = ""; //get value from session/temp storage

string privKeyString = System.Text.Encoding.ASCII.GetString(Convert.FromBase64String(privKeyBase64));

var sr = new System.IO.StringReader(privKeyString);
var xs = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
var privKey = (RSAParameters)xs.Deserialize(sr);

var csp = new RSACryptoServiceProvider();
csp.ImportParameters(privKey);

var bytesCypherText = Convert.FromBase64String(cypherText);

//Problematic line
var bytesPlainTextData = csp.Decrypt(bytesCypherText, false);

plainTextData = System.Text.Encoding.Unicode.GetString(bytesPlainTextData);

return plainTextData;
}

JS

   function encrypt(msg, publicKey) {
var jsEncrypt = new JSEncrypt();
jsEncrypt.setPublicKey(publicKey);
var encrypted = jsEncrypt.encrypt(msg);

var base64result = btoa(encrypted);

return base64result;
}

更新/变化:

如果我将 key 大小设置为 1024 而不是 2048,我得到的错误是 The data to be decrypted exceeds the maximum for this modulus of 128 bytes.。根据我在调试器中看到的,加密字符串的总字节数为 172。

更新 |解决方案:

  1. 删除 JS var base64result = btoa(encrypted); 中的这一行。直接返回加密后的值即可。
  2. 在 C# 解密方法中,将此行 var bytesPlainTextData = csp.Decrypt(bytesCypherText, false); 更改为 var bytesPlainTextData = csp.Decrypt(bytesCypherText, RSAEncryptionPadding.Pkcs1);.

注意事项:

  • 请忽略不正确的方法返回类型,这仍然是一个 POC,很多值是手动填充的。
  • 我不是安全问题方面的专家,所以很多代码都是从不同来源挑选出来的。

最佳答案

您面临非对称加密的限制。对于大块数据来说速度非常慢,并且加密字符串的大小受您使用的 RSA key 大小的限制。

RSA 通常用于交换对称 key 和处理大部分数据。如果您必须对大量数据使用非对称负载,那么您需要将有效负载分解为较小的负载并在另一侧进行重建。

RSA is only able to encrypt data to a maximum amount of your key size (2048 bits = 256 bytes) minus padding / header data (11 bytes for PKCS#1 v1.5 padding).

如果如您所说,您只发送 20 个字符,则确实使用断点检查您的解密函数是否确实获得了足够小的密文。如果不是,您需要回溯并检查您发送错误内容的位置。

也可能是JSEncrypt中RSA的标准和C#中的RSA不一样,可见in this SO answer here

关于javascript - 在C#中通过JS发布解密RSA公钥加密数据,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59243960/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com