C＃（.NET）RSACryptoServiceProvider導入/導出x509公鑰blob和PKCS8私鑰blob

Question

首先讓我說我不是一個加密專家，但我知道的基本知識。

我希望能夠到：

1. 從X509公共密鑰團
2. 得到一個的RSACryptoServiceProvider例如，從PKCS8私人密鑰團
3. 出口從的RSACryptoServiceProvider公共密鑰得到一個的RSACryptoServiceProvider實例實例作爲x509公鑰Key blob
4. 將RSACryptoServiceProvider實例的私鑰作爲PKCS8 blob導出

Answer 1

整天四處尋找之後，我發現這個repository (thanks a lot jrnker)我選擇，我需要能夠代碼來滿足目標1，2和3

由於Jrnker唯一提供了獲取從一個的RSACryptoServiceProvider PKCS1 blob（以及我需要的是來自PKCS8 blob的RSACryptoServiceProvider）我一直在尋找目標編號4.然後，我發現Michel Gallant's "opensslkey.cs"，我選擇了需要的編碼以達到目標編號4.

然後我開始用所需的方法和類來編譯一個類。

這裏是我的試聽課：

using System; 

namespace RSAKeyTests 
{ 
    class Demo 
    { 
     static void Main(string[] args) 
     { 
      //EXPORTED KEYS 
      string importedPublicKeyBase64 = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbVC4aUR+XRCepBcPlod69wruXqwW9yL/YJYvuaQ33QxUoAehQ0z4SuphHwEPxQp/qLqucmE6XKlEeTksFAmaGM88uuGessqMZmdu9WFhc07MWLTCifR43IRtGEeWeFSWjUI6mNRrShP3QQ3+Z6e7w+HRA2RpmgNgEhJRvECHAKpcpHvP9o5Sq6q/dIAyR6NEjRFhfud27rFtnWrLj+ZmIsScemvks4vh8V3n8EzxxRE8nzVuZYr4v4NNH+q95XgIadHZ1Y6ICXJgX2NfacNRQl9+SEv0Wo8lbmFSIO3jHqyiWuSugv7R3/rQPRXHT6HJAtw0tBiPOBitMkTzqOvIwIDAQAB"; 
      string importedPrivateKeyBase64 = "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCFtULhpRH5dEJ6kFw+Wh3r3Cu5erBb3Iv9gli+5pDfdDFSgB6FDTPhK6mEfAQ/FCn+ouq5yYTpcqUR5OSwUCZoYzzy64Z6yyoxmZ271YWFzTsxYtMKJ9HjchG0YR5Z4VJaNQjqY1GtKE/dBDf5np7vD4dEDZGmaA2ASElG8QIcAqlyke8/2jlKrqr90gDJHo0SNEWF+53busW2dasuP5mYixJx6a+Szi+HxXefwTPHFETyfNW5livi/g00f6r3leAhp0dnVjogJcmBfY19pw1FCX35IS/RajyVuYVIg7eMerKJa5K6C/tHf+tA9FcdPockC3DS0GI84GK0yRPOo68jAgMBAAECggEAJ/Dalr8RnHvPM/+Vnoaa847kfNaaggZixwq96eDEHAwAg82D0Gj+O2AolkvZlOI4HTmbdn4tNvMpPiwq6EQ5BOvIFCSpGltAMmraBHcnGK4S5ZDIy/rTJuc3RLPSNjUpvYqkLCgZCOnG2ZXeBrIMdgskc/69qIDir5RoV0m9QJJYU7pfrfErWYr/eqb1t7eZtTBAg+LAjKUMUq68WoJiBSBRPbAvlyFoc6tyk0ftngsF4OPVbwZQyYC2vLmxVrr1/YQbEgjpuJwQ0bONL6G9PAH6O+h10ILk9nyJY2c9gOXU0tz+foJ47naM12wCJETEy9JGeAiN4NLz5wRKTZzZwQKBgQDCOEJGDgtmSM0bDv4vPuxbacFgGTgRAKTs6sG9E1Cf3LNBLDP9OhfRkXFc192PmQRAktaZAN89zXeGxK1tLbJ3003qKXw05K3KOksVjJ7AH4Yhurv3VWmFZB8pryUsxIp+rm/5GLf4LfptUmBO6R4+jTfJVRBtK4A9KmkbY7BjgwKBgQCwPWayTgd0fmDqJxptWfPThcUw3/cG6EWTpnx1dSOdaBHzewRwq/8/i4vs314/onLggXgZTIkPU7y8ylTmz5KcaPIQkmRSSSL0Y2yzMGcHnylj7ysgBLw23k/PVzGSsMZ6ly7lE03SNQ3tyg6u0lc3pbT8ZLHf/x913stxSSiT4QKBgQChdgnKmZRqhS1WSGGSP3pZCJNFY9HTeLijaQqFOFB3hg/Tp37VDv2MMKCQsbi0z13UnP4glrQAehbbCBixQiMzMIx+ldx3UIEWNN4E3TGAwPROiCIJnY0q4rBxg/SgwgftBvF5oU4X2YluZuQ/1ddZ4ya0jq4oQ9jJgL9+kKKsJwKBgQCndbBfPEVZK7xqwT0bKp3EHxd/mU/gAFQcN9WKxgNRTdHAyOMvLD8c4jvSl2u2i2UcbejwIQkaxzZPLPH/XrywYgegN3mbtmLAVLi0iwla9KEfk+ImSlmMyTCMkw1HlTECyySEBhOr6T2S9Kt+8d5twcZ3DDb34DLEjS5CNoGYAQKBgDCEyhrg2lwyYwrL26ohNNuzgiabC5IKCgHlMpsUQjoCid9awCSb2iROf7iZIBoDyzXqgEQWTAf2clpJxgHz0necVw2sXP8wGcJXJ+e/lXNfPaC4z2QRnQ6i2iV88jRlWLK+S403hGnK0L/SDu9LtBhHwy6r/qRGT14ourqS6x7O"; 
      byte[] importedPublicKeyBytes = Convert.FromBase64String(importedPublicKeyBase64); 
      byte[] importedPrivateKeyBytes = Convert.FromBase64String(importedPrivateKeyBase64); 

      //PRINT INFO 
      Console.WriteLine("------ IMPORTED KEY PAIR: ------\n"); 
      Console.WriteLine("PUBLIC KEY:\n"+importedPublicKeyBase64+"\n\n"); 
      Console.WriteLine("PRIVATE KEY:\n" + importedPrivateKeyBase64 + "\n\n"); 

      //GENERATING RSACRYPTOSERVICEPROVIDER FROM X509 PUBLIC KEY BLOB 
      using (var providerFromX509pubKey = RSAKeyUtils.DecodePublicKey(importedPublicKeyBytes)) 
      { 
       providerFromX509pubKey.PersistKeyInCsp = false; //DO NOT STORE IN KEYSTORE 

       //EXPORT TO X509 PUBLIC KEY BLOB 
       byte[] x509pubKeyBytes = RSAKeyUtils.PublicKeyToX509(providerFromX509pubKey.ExportParameters(false)); 

       //CONVERT TO BASE64 
       string x509pubKeyBase64 = Convert.ToBase64String(x509pubKeyBytes); 

       //PRINT INFO 
       Console.WriteLine("------ PUBLIC KEY TO EXPORT ------"); 
       Console.WriteLine("Public key to export matches imported? "+importedPublicKeyBase64.Equals(x509pubKeyBase64)); 
       Console.WriteLine(x509pubKeyBase64+"\n\n"); 
      } 

      //GENERATING RSACRYPTOSERVICEPROVIDER FROM PKCS8 PRIVATE KEY BLOB 
      using (var providerFromPKCS8privKey = RSAKeyUtils.DecodePrivateKeyInfo(importedPrivateKeyBytes)) 
      { 
       providerFromPKCS8privKey.PersistKeyInCsp = false; //DO NOT STORE IN KEYSTORE 

       //EXPORT TO PKCS8 PRIVATE KEY BLOB 
       byte[] pkcs8privKeyBytes = RSAKeyUtils.PrivateKeyToPKCS8(providerFromPKCS1privKey.ExportParameters(true)); 

       //CONVERT TO BASE64 
       string pkcs8privKeyBase64 = Convert.ToBase64String(pkcs8privKeyBytes); 

       //PRINT INFO 
       Console.WriteLine("------ PRIVATE KEY TO EXPORT ------"); 
       Console.WriteLine("Private key to export matches imported? " + importedPrivateKeyBase64.Equals(pkcs8privKeyBase64)); 
       Console.WriteLine(pkcs8privKeyBase64); 
      } 

       //PREVENTS THE PROGRAM FROM EXITING 
       Console.ReadKey(); 
     } 
    } 
} 

Here's the "RSAKeyUtils" class i've compiled.

我希望這可以給別人有用。

Answer 2

首先，Java中的byte與.Net中的byte不一樣。 Java只有有符號整數，所以Java byte範圍從-128到127，而.Net byte範圍從0到255.但我不確定，如果這是問題，因爲Base64字符串依賴於位模式。嘗試在正範圍內使用較大的類型，並僅使用較低的8位。其次，有關錯誤提供者版本的消息可能表明上述原因，或者可能僅僅是一種誤導性文本，這並不會真正起到幫助作用。我記得我曾經遇到過同樣的錯誤信息，並且很難找到真正的原因。幾分鐘前的快速搜索還沒有成功。在我的情況下，我有一個完全的其他情況，所以我不能直接指出你的問題。相反，我會建議檢查填充，加密模式，base64翻譯和相關的東西圍繞RSA算法，並嘗試找到一種替代方法來達到你以前想要的效果。在去那裏的路上，你可能會碰到實際的問題。