RSA私钥是否始终包含公钥,还是只是.NET?
[英]Does RSA Private key always contain the Public key, or is it just .NET?
问题描述
I'm using RSACryptoServiceProvider in .NET 2 and it seems that the Private part of a Public/Private key pair always contains the Public part as well. 
我在.NET 2中使用RSACryptoServiceProvider,似乎公钥/私钥对的私有部分也总是包含Public部分。
I need to encrypt some info using my Public key, and allow the other party to ONLY DECRYPT what I encrypted. 我需要使用我的公钥加密一些信息,并允许另一方仅解密我加密的内容。 I don't want them to be able to know how I encrypted my message. 我不希望他们知道我如何加密我的消息。 Is that possible using RSACryptoServiceProvider in .NET? 是否可以在.NET中使用RSACryptoServiceProvider?
3 个解决方案
解决方案1
9 2008-11-19 08:40:11
How to use: 如何使用:
The other party's public key : 对方的公钥 :
If you want to encrypt something that only the other party (and no one else) can decrypt, you have to encrypt it with their public key (not with your key). 如果你想加密只有另一方(没有其他人)可以解密的东西,你必须使用他们的公钥(而不是你的密钥)加密它。
If you get a signature from the other party, you can verify that the signature is correct (as opposed to created by someone else) by using the other party's public key. 如果您从另一方获得签名,则可以使用另一方的公钥验证签名是否正确(而不是由其他人创建)。
Your own private key : 你自己的私钥 :
If you want to sign something so that everyone can verify that you created the contents, you sign it with your own private key. 如果您想签名以便每个人都可以验证您是否创建了内容,请使用您自己的私钥对其进行签名。 Your public key will be used to verify it. 您的公钥将用于验证它。 The contents are not encrypted at all (unless you do that separately). 内容根本没有加密(除非你单独进行)。
If someone sends you a message encrypted with your public key (so that only you can read it), you can decrypt it with your private key. 如果有人向您发送使用您的公钥加密的邮件(这样只有您可以阅读它),您可以使用您的私钥解密它。
Your own public key : 你自己的公钥 :
You do not use your own public key. 您不使用自己的公钥。 The other party uses it to verify your signatures, and to encrypt messages for your eyes only. 另一方使用它来验证您的签名,并仅为您的眼睛加密消息。
The other party's private key : 对方的私钥 :
You do not have that. 你没有那个。
解决方案2
8 2008-11-19 08:32:03
The private key always includes the public key. 私钥始终包含公钥。
What you might really want is Signing. 你真正想要的是签名。 Using the same .NET classes, you can sign data with your private key and verify the signature on the other party's side with the public key (which obviously doesn't contain the private key). 使用相同的.NET类,您可以使用私钥对数据进行签名,并使用公钥(显然不包含私钥)验证另一方的签名。
public static string Sign(string data, string privateAndPublicKey)
{
byte[] dataBytes = Encoding.UTF8.GetBytes(data);
RSACryptoServiceProvider provider = CreateProviderFromKey(privateAndPublicKey);
byte[] signatureBytes = provider.SignData(dataBytes, "SHA1");
return Convert.ToBase64String(signatureBytes);
}
public static bool Verify(string data, string signature, string publicKey)
{
byte[] dataBytes = Encoding.UTF8.GetBytes(data);
byte[] signatureBytes = Convert.FromBase64String(signature);
RSACryptoServiceProvider provider = CreateProviderFromKey(publicKey);
return provider.VerifyData(dataBytes, "SHA1", signatureBytes);
}
private static RSACryptoServiceProvider CreateProviderFromKey(string key)
{
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(key);
return provider;
}
解决方案3
2 2008-11-19 08:39:11
Data encryption using private/public key does not work like that. 使用私钥/公钥的数据加密不能像那样工作。 You must use other person's public key , so he/she can decrypt it by means of his/her private key. 您必须使用其他人的公钥 ,以便他/她可以通过他/她的私钥解密。
Nonetheless this is really slow, so in practice what is actually used to encrypt the message is a symmetric key which is generated at session time. 尽管如此,这确实很慢,因此在实践中实际用于加密消息的是在会话时生成的对称密钥。 The symmetric key is what is encrypted by means of the public key of the other end (much less data than whole message), and then attached to the encrypted message. 对称密钥是通过另一端的公钥加密的(比整个消息少得多的数据),然后附加到加密的消息。 SSL for example works like that. 例如,SSL就是这样的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.