加密X509证书公钥
[英]Encrypting the X509Certificate public Key
问题描述
All, I am working on IDP initiated web sso for a project and the Service Provider has this requirement to RSA encrypt the AES-128 symmetric key(ECB with PKCS1 padding) and Base64 encode that before adding this to the AttributeStatement section of SAML 2.0 response .My understanding is RSA encryption is asymmetric and the key we have to encrypt is the Service Providers public key.But we dont have SP's public certificate ,so I decided to RSA encrypt our X509Certicate's public key 
所有人,我正在为项目的IDP启动的Web sso工作,服务提供商具有RSA加密AES-128对称密钥(带有PKCS1填充的ECB)和Base64编码的要求,然后将其添加到SAML 2.0响应的AttributeStatement部分我的理解是RSA加密是非对称的,我们必须加密的密钥是服务提供商的公共密钥。但是我们没有SP的公共证书,因此我决定对RSA加密X509Certicate的公共密钥
This is the code I have and it throws a Bad Length Cryptographic exception on calling the Encrypt method on RSACryptoServiceProvider class.Does anyone know what the issue? 这是我的代码,在RSACryptoServiceProvider类上调用Encrypt方法时会抛出Bad Length Cryptographic异常,有人知道这个问题吗?
using(var rsa = cert.PublicKey.Key as RSACryptoServiceProvider)
{
rsa.KeySize = 1024;
byte[] encryptedKey = rsa.Encrypt(cert.GetPublicKey(),false);
encodedPublicKey = Convert.ToBase64String(encryptedKey);
}
1 个解决方案
解决方案1
2 2017-09-20 19:15:50
The amount of data that you are able to encrypt using RSA public key must be (I don't know the exact equation) less than the length of the public key. 您能够使用RSA公钥加密的数据量必须小于公钥的长度(我不知道确切的等式)。
In case of encrypting AES-128 you will be encrypting 128 bits. 在加密AES-128的情况下,您将在加密128位。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.