密钥生成:http://web.chacuo.net/netrsakeypair
生成一套 密钥
前端引用
<script src="https://cdn.bootcdn.net/ajax/libs/jsencrypt/3.3.2/jsencrypt.min.js"></script>
function EncryptLogin() { var publicKey = ""; var encryptionMessage = RsaEncrypt(publicKey, $('#username').val() + "_" + $('#password').val() + "_" + $('#num').val()); //console.log(encryptionMessage); $('#messageLabel').html(''); var index_wait = layer.load(1, { shade: [0.2, '#000'] }); $.ajax({ type: "POST", //提交方式 url: "@Url.Action("EncryptLogin", "Account")", data: { "encryptionMessage": encryptionMessage, }, success: function (data) { layer.close(index_wait); if (data.StatusCode === 200) { var domain = 'https://' + window.location.host; window.location.href = domain + '/home/index'; //layer.alert(data.Message); } else { //layer.alert("登录失败,请重试!"); $('#messageLabel').html(data.Message); } } }); }
function RsaEncrypt(publickey, encrypt_content) { var encryptpk = new JSEncrypt(); encryptpk.setPublicKey(publickey); let result = encryptpk.encrypt(encrypt_content) //console.log("RsaEncrypt:", result) return result; }
后端
var privatekey = “”; var decrypt = SecurityRSA.RsaDecrypt(privatekey, encryptionMessage); if (string.IsNullOrEmpty(decrypt)) { result.Message = "登录请求异常"; } else { string[] sArray = decrypt.Split('_'); if (sArray.Length == 3) { username = sArray[0]; password= sArray[1]; num = sArray[2]; } }
//根据获得信息 判断账户密码 是否有效 验证码是否有效 可以在添加一个时间戳
引用NuGet--- BouncyCastle
帮助类
public class SecurityRSA { /// <summary> /// RSA 加密 /// </summary> /// <param name="xmlpublickey"></param> /// <param name="content"></param> /// <returns></returns> public static string RsaEncrypt(string xmlpublickey, string content) { string encryptedcontent = string.Empty; using (RSACryptoServiceProvider rSACryptoServiceProvider = new RSACryptoServiceProvider()) { rSACryptoServiceProvider.FromXmlString(RSAPublicKeyBase64ToXml(xmlpublickey)); byte[] encrypteddata = rSACryptoServiceProvider.Encrypt(Encoding.Default.GetBytes(content), false); encryptedcontent = Convert.ToBase64String(encrypteddata); } return encryptedcontent; } /// <summary> /// RSA 解密 /// </summary> /// <param name="xmlprivatekey"></param> /// <param name="content"></param> /// <returns></returns> public static string RsaDecrypt(string xmlprivatekey, string content) { string decryptedcontent = string.Empty; using (RSACryptoServiceProvider rSACryptoServiceProvider = new RSACryptoServiceProvider()) { rSACryptoServiceProvider.FromXmlString(RSAPrivateKeyBase64ToXml(xmlprivatekey)); byte[] decryptedData = rSACryptoServiceProvider.Decrypt(Convert.FromBase64String(content), false); decryptedcontent = Encoding.GetEncoding("UTF-8").GetString(decryptedData); } return decryptedcontent; } /// <summary> /// 生成 RSA 公钥和私钥 /// </summary> /// <param name="keysize">目前 SET(Secure Electronic Transaction)协议中要求 CA 采用 2048bits 长的密钥,其他实体使用 1024bits 的密钥</param> /// <returns></returns> public static RsaSecretKey GenerateRsaSecretKey(int keysize) { RsaSecretKey rSASecretKey = new RsaSecretKey(); using (RSACryptoServiceProvider rSACryptoServiceProvider = new RSACryptoServiceProvider(keysize)) { rSASecretKey.PrivateKey = RSAPrivateKeyXmlToBase64(rSACryptoServiceProvider.ToXmlString(true)); rSASecretKey.PublicKey = RSAPublicKeyXmlToBase64(rSACryptoServiceProvider.ToXmlString(false)); } return rSASecretKey; } /// <summary> /// XML 字符串转 Base64 编码的字符串(公钥) /// </summary> /// <param name="publicKey"></param> /// <returns></returns> public static string RSAPublicKeyXmlToBase64(string publicKey) { XmlDocument doc = new XmlDocument(); doc.LoadXml(publicKey); Org.BouncyCastle.Math.BigInteger m = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText)); Org.BouncyCastle.Math.BigInteger p = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText)); RsaKeyParameters pub = new RsaKeyParameters(false, m, p); Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub); byte[] serializedPublicBytes = publicKeyInfo.ToAsn1Object().GetDerEncoded(); return Convert.ToBase64String(serializedPublicBytes); } /// <summary> /// XML 字符串转 Base64 编码的字符串(私钥) /// </summary> /// <param name="privateKey"></param> /// <returns></returns> public static string RSAPrivateKeyXmlToBase64(string privateKey) { XmlDocument doc = new XmlDocument(); doc.LoadXml(privateKey); Org.BouncyCastle.Math.BigInteger m = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Modulus")[0].InnerText)); Org.BouncyCastle.Math.BigInteger exp = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Exponent")[0].InnerText)); Org.BouncyCastle.Math.BigInteger d = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("D")[0].InnerText)); Org.BouncyCastle.Math.BigInteger p = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("P")[0].InnerText)); Org.BouncyCastle.Math.BigInteger q = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("Q")[0].InnerText)); Org.BouncyCastle.Math.BigInteger dp = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DP")[0].InnerText)); Org.BouncyCastle.Math.BigInteger dq = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("DQ")[0].InnerText)); Org.BouncyCastle.Math.BigInteger qinv = new Org.BouncyCastle.Math.BigInteger(1, Convert.FromBase64String(doc.DocumentElement.GetElementsByTagName("InverseQ")[0].InnerText)); RsaPrivateCrtKeyParameters privateKeyParam = new RsaPrivateCrtKeyParameters(m, exp, d, p, q, dp, dq, qinv); Org.BouncyCastle.Asn1.Pkcs.PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKeyParam); byte[] serializedPrivateBytes = privateKeyInfo.ToAsn1Object().GetEncoded(); return Convert.ToBase64String(serializedPrivateBytes); } /// <summary> /// Base64 编码字符串转 XML 字符串(私钥) /// </summary> /// <param name="privateKey"></param> /// <returns></returns> public static string RSAPrivateKeyBase64ToXml(string privateKey) { RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(Convert.FromBase64String(privateKey)); return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>", Convert.ToBase64String(privateKeyParam.Modulus.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.PublicExponent.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.P.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.Q.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.DP.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.DQ.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.QInv.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.Exponent.ToByteArrayUnsigned())); } /// <summary> /// Base64 编码字符串转 XML 字符串(公钥) /// </summary> /// <param name="publicKey"></param> /// <returns></returns> public static string RSAPublicKeyBase64ToXml(string publicKey) { RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(publicKey)); return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent></RSAKeyValue>", Convert.ToBase64String(publicKeyParam.Modulus.ToByteArrayUnsigned()), Convert.ToBase64String(publicKeyParam.Exponent.ToByteArrayUnsigned())); } } /// <summary> /// RSA 密钥类 /// </summary> public class RsaSecretKey { public RsaSecretKey(string privatekey = "", string publickey = "") { PrivateKey = privatekey; PublicKey = publickey; } public string PublicKey { get; set; } public string PrivateKey { get; set; } public override string ToString() { return string.Format( "PrivateKey: {0}\r\nPublicKey: {1}", PrivateKey, PublicKey); } }