問題描述
我是加密新手.我需要實現(xiàn)非對稱加密算法,我認為它使用私鑰/公鑰.我開始使用 RSACryptoServiceProvider 的示例.可以加密小數(shù)據(jù).但是當在相對較大的數(shù)據(jù)2行"上使用它時,我得到異常 CryptographicException Bad Length"!
I'm new to encryption. I need to implement asymmetric encryption algorithm, which i think it uses private/public key. I started using a sample of RSACryptoServiceProvider. it was ok with small data to encrypt. But when using it on relatively larger data "2 lines", i get the exception CryptographicException "Bad Length"!
//Create a new instance of RSACryptoServiceProvider.
using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
{
//Import the RSA Key information. This only needs
//toinclude the public key information.
//RSA.ImportParameters(RSAKeyInfo);
byte[] keyValue = Convert.FromBase64String(publicKey);
RSA.ImportCspBlob(keyValue);
//Encrypt the passed byte array and specify OAEP padding.
//OAEP padding is only available on Microsoft Windows XP or
//later.
encryptedData = RSA.Encrypt(DataToEncrypt, DoOAEPPadding);
}
然后我發(fā)現(xiàn)了一些使用 CryptoStream 加密大數(shù)據(jù)(或文件)的示例,并且僅使用 DES 或 3DES 等對稱算法,這些算法具有 CreateEncryptor 函數(shù)以返回 ICryptoTransform 作為 CryptoStream 構(gòu)造函數(shù)的輸入之一!!!
Then I found some samples of encrypting large data (or files) by using CryptoStream, and only use symmetric algorithms like DES or 3DES, which have the function CreateEncryptor to return ICryptoTransform as one of the input to the constructor of CryptoStream!!!
CryptoStream cStream = new CryptoStream(fStream,
new TripleDESCryptoServiceProvider().CreateEncryptor(Key, IV),
CryptoStreamMode.Write);
使用 RSA 加密文件的方法是什么?
What is the way to encrypt files using RSA?
推薦答案
正如其他答案中提到的,非對稱加密僅用于加密小于其密鑰大小的數(shù)據(jù).
As mentioned in other answers asymmetric encryption is only designed for encrypting data smaller than its key size.
當需要在兩個系統(tǒng)之間傳輸大量加密數(shù)據(jù)時,我實現(xiàn)的一個選項是擁有一個 RSA 密鑰對,其公鑰對于發(fā)送方和接收方都是已知的,然后當需要發(fā)送數(shù)據(jù)時,接收方會生成一個新的 RSA 密鑰對,使用公共公鑰加密該密鑰對的公鑰,并將加密的公鑰發(fā)送給發(fā)送者.發(fā)送方使用自己的私鑰解密接收方的公鑰(接收方不需要知道,就像發(fā)送方不需要知道接收方生成的私鑰一樣),生成對稱加密密鑰,用對稱密鑰加密數(shù)據(jù)然后使用從接收方收到的公鑰加密對稱密鑰.然后將加密的對稱密鑰和加密的數(shù)據(jù)發(fā)送給接收方,接收方使用其生成的私鑰解密對稱密鑰,然后解密數(shù)據(jù).
One option that I have implemented when needing to transfer large amounts of encrypted data between two systems is to have an RSA keypair whose public key is known to both the sender and the receiver then when data needs to be sent the receiver generates a new RSA keypair, encrypts the public key of that keypair with the common public key and sends the encrypted public key to the sender. The sender decrypts the receivers public key using its private key (which the receiver does not need to know, just as the sender does not need to know the receivers generated private key), generates a symmetric encryption key, encrypts the data with the symmetric key and then encrypts the symmetric key using the public key received from the receiver. Both the encrypted symmetric key and the encrypted data are then sent to the receiver which uses its generated private key to decrypt the symmetric key and then decrypts the data.
您可以使用 RSACryptoServiceProvider.ToXMLString() 和 RSACryptoServiceProvider.FromXMLString() 方法將公共公鑰作為 XML 字符串文字存儲在接收方應(yīng)用程序中.
You can use the RSACryptoServiceProvider.ToXMLString() and RSACryptoServiceProvider.FromXMLString() methods to store the common public key as an XML string literal in the receiver application.
不要忘記,當您生成對稱加密密鑰時,要使用 RNGCryptoServiceProvider() 來生成密鑰,因為它是一種更安全的生成(偽)隨機數(shù)的方法.
Don't forget, when you generate the symmetric encryption key to use RNGCryptoServiceProvider() to generate the key as it is a much more secure method of generating (pseudo) random numbers.
另外,我強烈建議不要使用 3DES 作為對稱加密算法,它已經(jīng)過時并且開始顯示其年齡.對 AesCryptoServiceProvicer 或 RijndaelManaged 類使用 AES 對稱加密.
Also, I strongly recommend against using 3DES as your symmetric encryption algorithm, it is old and starting to show its age. Use AES symmetric encryption with either the AesCryptoServiceProvicer or RijndaelManaged classes.
這篇關(guān)于如何在 C# 中使用 RSA 加密文件(大數(shù)據(jù))的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網(wǎng)!