How to unwrap a key using RSA in Bouncy Castle C#?

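How do I unwrap a key using an RSA private key in Bouncy Castle? I receive an already wrapped key, which was wrapped using the RSA public key. I have the RSA key pair. I just cannot find the API in C# Bouncy Castle that I can use to unwrap it.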

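This code in the C# source ( https://github.com/bcgit/bc-csharp ) is currently commented out. The commented-out RSA lines are exactly what I need, but when I try to use them, it seems they have been removed or were never implemented.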

Key key = cipher.unwrap(wrappedKey, "RSA", IBufferedCipher.PRIVATE_KEY);

The line above is exactly what I need. Why has it been commented out? The full function in WrapTest.cs is below:

public ITestResult Perform()
{
        try
        {
//              IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/PKCS5Padding");
            IWrapper cipher = WrapperUtilities.GetWrapper("DES/ECB/PKCS5Padding");

            IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA");
            fact.Init(
                new RsaKeyGenerationParameters(
                    BigInteger.ValueOf(0x10001),
                    new SecureRandom(),
                    512,
                    25));

            AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair();

            AsymmetricKeyParameter priKey = keyPair.Private;
            AsymmetricKeyParameter pubKey = keyPair.Public;

            byte[] priKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey).GetDerEncoded();

            CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator("DES");

//              Key wrapKey = keyGen.generateKey();
            byte[] wrapKeyBytes = keyGen.GenerateKey();
            KeyParameter wrapKey = new DesParameters(wrapKeyBytes);

//              cipher.Init(IBufferedCipher.WRAP_MODE, wrapKey);
            cipher.Init(true, wrapKey);
//              byte[] wrappedKey = cipher.Wrap(priKey);
            byte[] wrappedKey = cipher.Wrap(priKeyBytes, 0, priKeyBytes.Length);

//              cipher.Init(IBufferedCipher.UNWRAP_MODE, wrapKey);
            cipher.Init(false, wrapKey);

//              Key key = cipher.unwrap(wrappedKey, "RSA", IBufferedCipher.PRIVATE_KEY);
            byte[] unwrapped = cipher.Unwrap(wrappedKey, 0, wrappedKey.Length);

            //if (!Arrays.AreEqual(priKey.getEncoded(), key.getEncoded()))
            if (!Arrays.AreEqual(priKeyBytes, unwrapped))
            {
                return new SimpleTestResult(false, "Unwrapped key does not match");
            }

            return new SimpleTestResult(true, Name + ": Okay");
        }
        catch (Exception e)
        {
            return new SimpleTestResult(false, Name + ": exception - " + e.ToString());
        }

}

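I'm not entirely clear on what you need, but you can use RSA keys to wrap and unwrap AES keys in Bouncycastle. Here is a Java example that creates an RSA key pair, saves the private key to a file, and then saves an AES key that has been wrapped with the public key.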

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;

public class Main {

    private static final SecureRandom rand = new SecureRandom();

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(1024, rand);
        KeyPair kp = kpg.generateKeyPair();
        // Write out private key to file, PKCS8-encoded DER
        Files.write(Paths.get("privkey.der"), kp.getPrivate().getEncoded());
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256, rand);
        SecretKey aesKey = kg.generateKey();

        Cipher c = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
        c.init(Cipher.WRAP_MODE, kp.getPublic(), rand);
        byte[] wrappedKey = c.wrap(aesKey);

        // Write out wrapped key
        Files.write(Paths.get("wrappedkey"), wrappedKey);
    }
}

Here is a C# example that consumes the output of the Java example and unwraps the AES key.

using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;

namespace RSADecryptWithBouncy
{
    class MainClass
    {

        private static KeyParameter Unwrap(byte [] key, AsymmetricKeyParameter privKeyParam) {
            var wrapper = WrapperUtilities.GetWrapper("RSA/NONE/PKCS1PADDING");
            wrapper.Init(false, privKeyParam);
            var aesKeyBytes = wrapper.Unwrap(key, 0, key.Length);
            return new KeyParameter(aesKeyBytes);
        }

        public static void Main(string[] args)
        {
            var privKeyBytes = File.ReadAllBytes("../../privkey.der");
            var seq = Asn1Sequence.GetInstance(privKeyBytes);
            var rsaKeyParams = PrivateKeyFactory.CreateKey(PrivateKeyInfo.GetInstance(seq));
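            // File name matches what the Java example writes ("wrappedkey"); the case matters on case-sensitive file systems
            var wrappedKey = File.ReadAllBytes("../../wrappedkey");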
            var aesKey2 = Unwrap(wrappedKey, rsaKeyParams);
        }
    }
}

You will have to adapt this to your needs.
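An in-process version of the two programs above, as an added example that is not part of the original answer or of Bouncy Castle's own code: it wraps a random AES key with the RSA public key and unwraps it with the private key reloaded from PKCS#8 DER, the format of privkey.der. The class name, the 2048-bit key size, the certainty value and the length check on the unwrapped key are assumptions of this example.

```csharp
using System;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;

class RsaWrapRoundTrip // hypothetical class name
{
    // Same transformation string the answer passes to WrapperUtilities.GetWrapper
    const string Transformation = "RSA/NONE/PKCS1PADDING";

    static byte[] Wrap(byte[] keyBytes, AsymmetricKeyParameter publicKey)
    {
        IWrapper wrapper = WrapperUtilities.GetWrapper(Transformation);
        wrapper.Init(true, publicKey);   // true = wrap under the public key
        return wrapper.Wrap(keyBytes, 0, keyBytes.Length);
    }

    static byte[] Unwrap(byte[] wrapped, AsymmetricKeyParameter privateKey, int expectedLength)
    {
        IWrapper wrapper = WrapperUtilities.GetWrapper(Transformation);
        wrapper.Init(false, privateKey); // false = unwrap with the private key
        byte[] keyBytes = wrapper.Unwrap(wrapped, 0, wrapped.Length);
        if (keyBytes.Length != expectedLength) // assumption: caller knows the key size it expects
            throw new InvalidCipherTextException("unwrapped key has unexpected length");
        return keyBytes;
    }

    static void Main()
    {
        var random = new SecureRandom();
        var generator = GeneratorUtilities.GetKeyPairGenerator("RSA");
        generator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(0x10001), random, 2048, 100));
        AsymmetricCipherKeyPair keyPair = generator.GenerateKeyPair();

        // Constructed sample input: a random 256-bit AES key
        byte[] aesKey = new byte[32];
        random.NextBytes(aesKey);
        byte[] wrapped = Wrap(aesKey, keyPair.Public);

        // Round-trip the private key through PKCS#8 DER before using it
        byte[] pkcs8 = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private).GetDerEncoded();
        AsymmetricKeyParameter restored = PrivateKeyFactory.CreateKey(pkcs8);
        byte[] unwrapped = Unwrap(wrapped, restored, aesKey.Length);
        Console.WriteLine(Arrays.AreEqual(aesKey, unwrapped) ? "round trip OK" : "MISMATCH");
    }
}
```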
