using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography;
using System.IO;
using NETCore.Encrypt.Shared;
using NETCore.Encrypt.Extensions;
using NETCore.Encrypt.Internal;
using NETCore.Encrypt.Extensions.Internal;
namespace NETCore.Encrypt
{
public class EncryptProvider
{
#region Common
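/// <summary>
/// Generates a random string of printable characters, used by this class as key and IV material.
/// </summary>
/// <param name="length">Number of characters to produce (this class asks for 32 for an AES key, 16 for an AES IV, 24 and 8 for TripleDES).</param>
/// <returns>A string of <paramref name="length"/> characters from a fixed 60-character alphabet; empty when <paramref name="length"/> is zero or negative.</returns>
private static string GetRandomStr(int length)
{
    // The alphabet is unchanged so generated keys keep their shape. It has 60 symbols
    // ('o' and 'O' are absent), so each character carries just under 6 bits: a
    // 32-character key holds roughly 189 bits of entropy, not 256.
    char[] arrChar = new char[]{
        'a','b','d','c','e','f','g','h','i','j','k','l','m','n','p','r','q','s','t','u','v','w','z','y','x',
        '0','1','2','3','4','5','6','7','8','9',
        'A','B','C','D','E','F','G','H','I','J','K','L','M','N','Q','P','R','T','S','V','U','W','X','Y','Z'
    };

    StringBuilder num = new StringBuilder();
    if (length <= 0)
    {
        return num.ToString();
    }

    // Largest multiple of the alphabet size that fits in one byte (240 for 60 symbols).
    // Bytes at or above it are discarded so the modulo below does not favour low indexes.
    int limit = 256 - (256 % arrChar.Length);
    byte[] buffer = new byte[Math.Max(length, 16)];

    // Key material must come from the operating system CSPRNG. The previous
    // new Random(DateTime.Now.Millisecond) had at most 1000 distinct seeds, so every
    // key or IV this class handed out came from a set of at most 1000 strings, and
    // two calls in the same millisecond returned the same value.
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        while (num.Length < length)
        {
            rng.GetBytes(buffer);
            for (int i = 0; i < buffer.Length && num.Length < length; i++)
            {
                if (buffer[i] < limit)
                {
                    num.Append(arrChar[buffer[i] % arrChar.Length]);
                }
            }
        }
    }

    return num.ToString();
}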
#endregion
#region AES
/*
AES: a 16-byte key is 128 bits, a 24-byte key is 192 bits and a 32-byte key is 256 bits; the IV is always 16 bytes.
*/
/// <summary>
/// Creates a new AES key and IV pair.
/// </summary>
/// <returns>An <see cref="AESKey"/> holding a 32-character key and a 16-character IV, both produced by GetRandomStr.</returns>
public static AESKey CreateAesKey()
{
    // Key first, then IV: the order in which the initializer evaluates them.
    // NOTE(review): the IV is generated once and stored beside the key. If callers
    // reuse that pair for several messages, CBC output reveals which messages share
    // a prefix; confirm how AESKey.IV is used by callers.
    string key = GetRandomStr(32);
    string iv = GetRandomStr(16);
    return new AESKey { Key = key, IV = iv };
}
/// <summary>
/// Encrypts a string with AES and returns the ciphertext as Base64.
/// </summary>
/// <param name="data">Plain text; it is encoded as UTF-8 before encryption.</param>
/// <param name="key">Key string, exactly 32 characters (not bits) long.</param>
/// <param name="vector">IV string, exactly 16 characters long.</param>
/// <returns>Base64 ciphertext, or <c>null</c> when the byte-array overload returns <c>null</c>.</returns>
public static string AESEncrypt(string data, string key, string vector)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 32, 32, nameof(key));
    Check.Argument.IsNotEmpty(vector, nameof(vector));
    Check.Argument.IsNotOutOfRange(vector.Length, 16, 16, nameof(vector));

    // The byte-array overload does the work and signals failure with null.
    byte[] cipher = AESEncrypt(Encoding.UTF8.GetBytes(data), key, vector);
    return cipher == null ? null : Convert.ToBase64String(cipher);
}
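/// <summary>
/// Encrypts a byte array with AES using the supplied key and IV.
/// </summary>
/// <param name="data">Plain bytes; must not be empty.</param>
/// <param name="key">Key string, exactly 32 characters (not bits) long.</param>
/// <param name="vector">IV string, exactly 16 characters long.</param>
/// <returns>The ciphertext, or <c>null</c> if encryption throws.</returns>
public static byte[] AESEncrypt(byte[] data, string key, string vector)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 32, 32, nameof(key));
    Check.Argument.IsNotEmpty(vector, nameof(vector));
    Check.Argument.IsNotOutOfRange(vector.Length, 16, 16, nameof(vector));

    // The cipher key is the first 32 bytes of the UTF-8 encoding of the key string
    // (16 for the IV). Characters that encode to more than one byte push later
    // characters past that limit, where they are silently ignored.
    byte[] bKey = new byte[32];
    Array.Copy(Encoding.UTF8.GetBytes(key.PadRight(bKey.Length)), bKey, bKey.Length);
    byte[] bVector = new byte[16];
    Array.Copy(Encoding.UTF8.GetBytes(vector.PadRight(bVector.Length)), bVector, bVector.Length);

    // Mode and Padding are not set, so the Aes defaults apply (CBC with PKCS7 in .NET).
    // The output carries no authentication tag: callers that accept ciphertext from
    // outside should add and verify a MAC over IV and ciphertext before decrypting.
    using (Aes aes = Aes.Create())
    {
        try
        {
            using (MemoryStream memory = new MemoryStream())
            // The transform holds the expanded key; dispose it explicitly instead of
            // leaving it to the finalizer (CryptoStream does not dispose it).
            using (ICryptoTransform transform = aes.CreateEncryptor(bKey, bVector))
            using (CryptoStream encryptor = new CryptoStream(memory, transform, CryptoStreamMode.Write))
            {
                encryptor.Write(data, 0, data.Length);
                encryptor.FlushFinalBlock();
                return memory.ToArray();
            }
        }
        catch
        {
            // Failure is reported as null rather than an exception; callers must check.
            return null;
        }
    }
}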
/// <summary>
/// Decrypts a Base64 AES ciphertext and returns the plain text.
/// </summary>
/// <param name="data">Base64 ciphertext. Malformed Base64 makes <see cref="Convert.FromBase64String(string)"/> throw before any decryption is attempted.</param>
/// <param name="key">Key string, exactly 32 characters (not bits) long.</param>
/// <param name="vector">IV string, exactly 16 characters long.</param>
/// <returns>The plain text decoded as UTF-8, or <c>null</c> when the byte-array overload returns <c>null</c>.</returns>
public static string AESDecrypt(string data, string key, string vector)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 32, 32, nameof(key));
    Check.Argument.IsNotEmpty(vector, nameof(vector));
    Check.Argument.IsNotOutOfRange(vector.Length, 16, 16, nameof(vector));

    byte[] plain = AESDecrypt(Convert.FromBase64String(data), key, vector);
    return plain == null ? null : Encoding.UTF8.GetString(plain);
}
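/// <summary>
/// Decrypts an AES ciphertext with the supplied key and IV.
/// </summary>
/// <param name="data">Ciphertext bytes; must not be empty.</param>
/// <param name="key">Key string, exactly 32 characters (not bits) long.</param>
/// <param name="vector">IV string, exactly 16 characters long.</param>
/// <returns>The plain bytes, or <c>null</c> if decryption throws (wrong key, bad padding, truncated input).</returns>
public static byte[] AESDecrypt(byte[] data, string key, string vector)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 32, 32, nameof(key));
    Check.Argument.IsNotEmpty(vector, nameof(vector));
    Check.Argument.IsNotOutOfRange(vector.Length, 16, 16, nameof(vector));

    // Same derivation as the encrypt side: first 32 / 16 bytes of the UTF-8 encoding.
    byte[] bKey = new byte[32];
    Array.Copy(Encoding.UTF8.GetBytes(key.PadRight(bKey.Length)), bKey, bKey.Length);
    byte[] bVector = new byte[16];
    Array.Copy(Encoding.UTF8.GetBytes(vector.PadRight(bVector.Length)), bVector, bVector.Length);

    // Aes defaults apply (CBC with PKCS7 in .NET) and nothing authenticates the input.
    // A null result therefore tells the caller that padding was invalid; where the
    // ciphertext comes from an untrusted party, verify a MAC before calling this and
    // do not let null versus non-null become visible to that party.
    using (Aes aes = Aes.Create())
    {
        try
        {
            using (MemoryStream source = new MemoryStream(data))
            // Dispose the transform explicitly; CryptoStream does not do it.
            using (ICryptoTransform transform = aes.CreateDecryptor(bKey, bVector))
            using (CryptoStream decryptor = new CryptoStream(source, transform, CryptoStreamMode.Read))
            using (MemoryStream plain = new MemoryStream())
            {
                // Read until the stream is exhausted: a single Read may return less
                // than the whole plaintext.
                byte[] chunk = new byte[1024];
                int count;
                while ((count = decryptor.Read(chunk, 0, chunk.Length)) > 0)
                {
                    plain.Write(chunk, 0, count);
                }
                return plain.ToArray();
            }
        }
        catch
        {
            return null;
        }
    }
}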
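/// <summary>
/// Encrypts a string with AES-256 in ECB mode (no IV) and returns Base64.
/// </summary>
/// <param name="data">Plain text; it is encoded as UTF-8 before encryption.</param>
/// <param name="key">Key string, exactly 32 characters (not bits) long.</param>
/// <returns>Base64 ciphertext, or <c>null</c> if writing to the cipher stream throws.</returns>
public static string AESEncrypt(string data, string key)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 32, 32, nameof(key));

    using (MemoryStream memory = new MemoryStream())
    using (Aes aes = Aes.Create())
    {
        byte[] plainBytes = Encoding.UTF8.GetBytes(data);
        // First 32 bytes of the UTF-8 encoding of the key string.
        byte[] bKey = new byte[32];
        Array.Copy(Encoding.UTF8.GetBytes(key.PadRight(bKey.Length)), bKey, bKey.Length);

        // ECB encrypts every 16-byte block independently: equal plaintext blocks give
        // equal ciphertext blocks, and the same input always gives the same output.
        // Kept for compatibility with existing data; prefer the overload that takes an
        // IV for anything new, and authenticate the result.
        aes.Mode = CipherMode.ECB;
        aes.Padding = PaddingMode.PKCS7;
        aes.KeySize = 256;
        aes.Key = bKey;

        // Dispose the transform explicitly; CryptoStream does not do it.
        using (ICryptoTransform transform = aes.CreateEncryptor())
        using (CryptoStream cryptoStream = new CryptoStream(memory, transform, CryptoStreamMode.Write))
        {
            try
            {
                cryptoStream.Write(plainBytes, 0, plainBytes.Length);
                cryptoStream.FlushFinalBlock();
                return Convert.ToBase64String(memory.ToArray());
            }
            catch (Exception)
            {
                // Failure is reported as null; callers must check.
                return null;
            }
        }
    }
}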
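/// <summary>
/// Decrypts a Base64 AES-256 ECB ciphertext (no IV) and returns the plain text.
/// </summary>
/// <param name="data">Base64 ciphertext. Malformed Base64 makes <see cref="Convert.FromBase64String(string)"/> throw.</param>
/// <param name="key">Key string, exactly 32 characters (not bits) long.</param>
/// <returns>The plain text decoded as UTF-8, or <c>null</c> if reading from the cipher stream throws.</returns>
public static string AESDecrypt(string data, string key)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 32, 32, nameof(key));

    byte[] encryptedBytes = Convert.FromBase64String(data);
    // First 32 bytes of the UTF-8 encoding of the key string.
    byte[] bKey = new byte[32];
    Array.Copy(Encoding.UTF8.GetBytes(key.PadRight(bKey.Length)), bKey, bKey.Length);

    using (MemoryStream memory = new MemoryStream(encryptedBytes))
    using (Aes aes = Aes.Create())
    {
        // ECB with PKCS7, matching the no-IV encrypt overload. The input is not
        // authenticated, so a non-null result does not prove the data is genuine.
        aes.Mode = CipherMode.ECB;
        aes.Padding = PaddingMode.PKCS7;
        aes.KeySize = 256;
        aes.Key = bKey;

        // Dispose the transform explicitly; CryptoStream does not do it.
        using (ICryptoTransform transform = aes.CreateDecryptor())
        using (CryptoStream cryptoStream = new CryptoStream(memory, transform, CryptoStreamMode.Read))
        {
            try
            {
                // CryptoStream.Read may return fewer bytes than requested (it does on
                // .NET 6 and later), so a single call can silently truncate the
                // plaintext. Read until the stream reports end of data.
                using (MemoryStream plain = new MemoryStream(encryptedBytes.Length))
                {
                    byte[] chunk = new byte[1024];
                    int count;
                    while ((count = cryptoStream.Read(chunk, 0, chunk.Length)) > 0)
                    {
                        plain.Write(chunk, 0, count);
                    }
                    return Encoding.UTF8.GetString(plain.ToArray());
                }
            }
            catch (Exception)
            {
                return null;
            }
        }
    }
}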
#endregion
#region DES
/// <summary>
/// Creates a key string for the DES methods of this class (which run TripleDES).
/// </summary>
/// <returns>A 24-character string produced by GetRandomStr.</returns>
public static string CreateDesKey() => GetRandomStr(24);
/// <summary>
/// Creates an IV string for the CBC variants of the DES methods of this class.
/// </summary>
/// <returns>An 8-character string produced by GetRandomStr.</returns>
public static string CreateDesIv() => GetRandomStr(8);
/// <summary>
/// Encrypts a string with TripleDES in ECB mode and returns Base64.
/// </summary>
/// <param name="data">Plain text; it is encoded as UTF-8 before encryption.</param>
/// <param name="key">Key string, exactly 24 characters (not bits) long.</param>
/// <returns>Base64 ciphertext, or <c>null</c> when the underlying routine returns <c>null</c>.</returns>
public static string DESEncrypt(string data, string key)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 24, 24, nameof(key));

    // ECB: equal 8-byte plaintext blocks produce equal ciphertext blocks.
    byte[] cipher = DESEncrypt(Encoding.UTF8.GetBytes(data), key, CipherMode.ECB);
    return cipher == null ? null : Convert.ToBase64String(cipher);
}
/// <summary>
/// Encrypts a byte array with TripleDES in ECB mode.
/// </summary>
/// <param name="data">Plain bytes; must not be empty.</param>
/// <param name="key">Key string, exactly 24 characters (not bits) long.</param>
/// <returns>The ciphertext, or <c>null</c> when the underlying routine returns <c>null</c>.</returns>
public static byte[] DESEncrypt(byte[] data, string key)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 24, 24, nameof(key));

    // No IV is involved in ECB, so the private routine's default vector is unused.
    byte[] cipher = DESEncrypt(data, key, CipherMode.ECB);
    return cipher;
}
/// <summary>
/// Encrypts a byte array with TripleDES in CBC mode.
/// </summary>
/// <param name="data">Plain bytes; must not be empty.</param>
/// <param name="key">Key string, exactly 24 characters (not bits) long.</param>
/// <param name="vector">IV string, exactly 8 characters long.</param>
/// <returns>The ciphertext, or <c>null</c> when the underlying routine returns <c>null</c>.</returns>
public static byte[] DESEncrypt(byte[] data, string key, string vector)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 24, 24, nameof(key));
    Check.Argument.IsNotEmpty(vector, nameof(vector));
    Check.Argument.IsNotOutOfRange(vector.Length, 8, 8, nameof(vector));

    byte[] cipher = DESEncrypt(data, key, CipherMode.CBC, vector);
    return cipher;
}
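/// <summary>
/// Shared TripleDES encryption routine behind the public DESEncrypt overloads.
/// </summary>
/// <param name="data">Plain bytes; must not be empty.</param>
/// <param name="key">Key string, exactly 24 characters (not bits) long.</param>
/// <param name="cipherMode">Cipher mode; the IV is applied only for <see cref="CipherMode.CBC"/>.</param>
/// <param name="vector">IV string, read only in CBC mode. It is padded with spaces to 8 characters, so the default empty string yields an IV of eight spaces.</param>
/// <param name="paddingMode">Padding mode; the default is PKCS7.</param>
/// <returns>The ciphertext, or <c>null</c> if writing to the cipher stream throws.</returns>
private static byte[] DESEncrypt(byte[] data, string key, CipherMode cipherMode, string vector = "", PaddingMode paddingMode = PaddingMode.PKCS7)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 24, 24, nameof(key));

    using (MemoryStream memory = new MemoryStream())
    // Despite the method name this is TripleDES: a legacy cipher with a 64-bit block.
    // Kept for compatibility; the AES methods are the better choice for new data.
    using (TripleDES des = TripleDES.Create())
    {
        // First 24 bytes of the UTF-8 encoding of the key string.
        byte[] bKey = new byte[24];
        Array.Copy(Encoding.UTF8.GetBytes(key.PadRight(bKey.Length)), bKey, bKey.Length);

        des.Mode = cipherMode;
        des.Padding = paddingMode;
        des.Key = bKey;
        if (cipherMode == CipherMode.CBC)
        {
            byte[] bVector = new byte[8];
            Array.Copy(Encoding.UTF8.GetBytes(vector.PadRight(bVector.Length)), bVector, bVector.Length);
            des.IV = bVector;
        }

        // Dispose the transform explicitly; CryptoStream does not do it.
        using (ICryptoTransform transform = des.CreateEncryptor())
        using (CryptoStream cryptoStream = new CryptoStream(memory, transform, CryptoStreamMode.Write))
        {
            try
            {
                cryptoStream.Write(data, 0, data.Length);
                cryptoStream.FlushFinalBlock();
                return memory.ToArray();
            }
            catch (Exception)
            {
                // Failure is reported as null; callers must check.
                return null;
            }
        }
    }
}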
/// <summary>
/// Decrypts a Base64 TripleDES ECB ciphertext and returns the plain text.
/// </summary>
/// <param name="data">Base64 ciphertext. Malformed Base64 makes <see cref="Convert.FromBase64String(string)"/> throw.</param>
/// <param name="key">Key string, exactly 24 characters (not bits) long.</param>
/// <returns>The plain text decoded as UTF-8, or <c>null</c> when the underlying routine returns <c>null</c>.</returns>
public static string DESDecrypt(string data, string key)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 24, 24, nameof(key));

    byte[] plain = DESDecrypt(Convert.FromBase64String(data), key, CipherMode.ECB);
    return plain == null ? null : Encoding.UTF8.GetString(plain);
}
/// <summary>
/// Decrypts a TripleDES ECB ciphertext.
/// </summary>
/// <param name="data">Ciphertext bytes; must not be empty.</param>
/// <param name="key">Key string, exactly 24 characters (not bits) long.</param>
/// <returns>The plain bytes, or <c>null</c> when the underlying routine returns <c>null</c>.</returns>
public static byte[] DESDecrypt(byte[] data, string key)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 24, 24, nameof(key));

    byte[] plain = DESDecrypt(data, key, CipherMode.ECB);
    return plain;
}
/// <summary>
/// Decrypts a TripleDES CBC ciphertext.
/// </summary>
/// <param name="data">Ciphertext bytes; must not be empty.</param>
/// <param name="key">Key string, exactly 24 characters (not bits) long.</param>
/// <param name="vector">IV string, exactly 8 characters long.</param>
/// <returns>The plain bytes, or <c>null</c> when the underlying routine returns <c>null</c>.</returns>
public static byte[] DESDecrypt(byte[] data, string key, string vector)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 24, 24, nameof(key));
    Check.Argument.IsNotEmpty(vector, nameof(vector));
    Check.Argument.IsNotOutOfRange(vector.Length, 8, 8, nameof(vector));

    byte[] plain = DESDecrypt(data, key, CipherMode.CBC, vector);
    return plain;
}
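/// <summary>
/// Shared TripleDES decryption routine behind the public DESDecrypt overloads.
/// </summary>
/// <param name="data">Ciphertext bytes; must not be empty.</param>
/// <param name="key">Key string, exactly 24 characters (not bits) long.</param>
/// <param name="cipherMode">Cipher mode; the IV is applied only for <see cref="CipherMode.CBC"/>.</param>
/// <param name="vector">IV string, read only in CBC mode; padded with spaces to 8 characters.</param>
/// <param name="paddingMode">Padding mode; the default is PKCS7.</param>
/// <returns>The plain bytes, or <c>null</c> if reading from the cipher stream throws.</returns>
private static byte[] DESDecrypt(byte[] data, string key, CipherMode cipherMode, string vector = "", PaddingMode paddingMode = PaddingMode.PKCS7)
{
    Check.Argument.IsNotEmpty(data, nameof(data));
    Check.Argument.IsNotEmpty(key, nameof(key));
    Check.Argument.IsNotOutOfRange(key.Length, 24, 24, nameof(key));

    // First 24 bytes of the UTF-8 encoding of the key string.
    byte[] bKey = new byte[24];
    Array.Copy(Encoding.UTF8.GetBytes(key.PadRight(bKey.Length)), bKey, bKey.Length);

    using (MemoryStream memory = new MemoryStream(data))
    using (TripleDES des = TripleDES.Create())
    {
        des.Mode = cipherMode;
        des.Padding = paddingMode;
        des.Key = bKey;
        if (cipherMode == CipherMode.CBC)
        {
            byte[] bVector = new byte[8];
            Array.Copy(Encoding.UTF8.GetBytes(vector.PadRight(bVector.Length)), bVector, bVector.Length);
            des.IV = bVector;
        }

        // Dispose the transform explicitly; CryptoStream does not do it.
        using (ICryptoTransform transform = des.CreateDecryptor())
        using (CryptoStream cryptoStream = new CryptoStream(memory, transform, CryptoStreamMode.Read))
        {
            try
            {
                // CryptoStream.Read may return fewer bytes than requested (it does on
                // .NET 6 and later), so a single call can silently truncate the
                // plaintext. Read until the stream reports end of data.
                using (MemoryStream plain = new MemoryStream(data.Length))
                {
                    byte[] chunk = new byte[1024];
                    int count;
                    while ((count = cryptoStream.Read(chunk, 0, chunk.Length)) > 0)
                    {
                        plain.Write(chunk, 0, count);
                    }
                    return plain.ToArray();
                }
            }
            catch
            {
                // The input is not authenticated; null also covers bad padding.
                return null;
            }
        }
    }
}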
#endregion
#region RSA
/// <summary>
/// Generates an RSA key pair and returns both halves as PEM text.
/// </summary>
/// <param name="isPKCS8"><c>true</c> for PKCS#8, <c>false</c> for PKCS#1; passed through to RsaProvider.ToPem.</param>
/// <param name="keySize">Key size in bits; the default and the minimum are 2048.</param>
/// <returns>The public and the private PEM strings.</returns>
/// <exception cref="ArgumentException"><paramref name="keySize"/> is below 2048.</exception>
public static (string publicPem, string privatePem) RSAToPem(bool isPKCS8, int keySize = 2048)
{
    if (keySize < 2048)
    {
        throw new ArgumentException($" Key size min value is 2048!");
    }

    using (RSA generator = RSA.Create())
    {
        generator.KeySize = keySize;
        // The private PEM is returned as a plain string; the caller owns its protection.
        string publicPart = RsaProvider.ToPem(generator, false, isPKCS8);
        string privatePart = RsaProvider.ToPem(generator, true, isPKCS8);
        return (publicPart, privatePart);
    }
}
/// <summary>
/// Builds an <see cref="RSA"/> instance from a PEM string via RsaProvider.FromPem.
/// </summary>
/// <param name="pem">PEM text; must not be empty.</param>
/// <returns>The RSA instance returned by RsaProvider.FromPem; the caller should dispose it.</returns>
public static RSA RSAFromPem(string pem)
{
    Check.Argument.IsNotEmpty(pem, nameof(pem));
    RSA loaded = RsaProvider.FromPem(pem);
    return loaded;
}
/// <summary>
/// Generates an RSA key pair and exports both halves in PKCS#1 form as Base64 (no PEM armor).
/// </summary>
/// <param name="keySize">Key size in bits; the default and the minimum are 2048.</param>
/// <returns>Base64 of the PKCS#1 RSAPublicKey and of the PKCS#1 RSAPrivateKey.</returns>
/// <exception cref="ArgumentException"><paramref name="keySize"/> is below 2048.</exception>
public static (string publicPkcs1, string privatePkcs1) RsaToPkcs1(int keySize = 2048)
{
    if (keySize < 2048)
    {
        throw new ArgumentException($" Key size min value is 2048!");
    }

    using (RSA generator = RSA.Create())
    {
        generator.KeySize = keySize;
        // The private key leaves this method unencrypted; the caller owns its protection.
        byte[] publicDer = generator.ExportRSAPublicKey();
        byte[] privateDer = generator.ExportRSAPrivateKey();
        return (Convert.ToBase64String(publicDer), Convert.ToBase64String(privateDer));
    }
}
/// <summary>
/// Generates an RSA key pair and exports the private key in PKCS#8 form as Base64 (no PEM armor).
/// </summary>
/// <param name="keySize">Key size in bits; the default and the minimum are 2048.</param>
/// <returns>
/// Base64 of the public key and of the PKCS#8 private key. The public half is exported with
/// ExportRSAPublicKey, i.e. it is a PKCS#1 RSAPublicKey and not a SubjectPublicKeyInfo.
/// </returns>
/// <exception cref="ArgumentException"><paramref name="keySize"/> is below 2048.</exception>
public static (string publicPkcs8, string privatePkcs8) RsaToPkcs8(int keySize = 2048)
{
    if (keySize < 2048)
    {
        throw new ArgumentException($" Key size min value is 2048!");
    }

    using (RSA generator = RSA.Create())
    {
        generator.KeySize = keySize;
        // The private key leaves this method unencrypted; the caller owns its protection.
        byte[] publicDer = generator.ExportRSAPublicKey();
        byte[] privateDer = generator.ExportPkcs8PrivateKey();
        return (Convert.ToBase64String(publicDer), Convert.ToBase64String(privateDer));
    }
}
/// <summary>
/// Builds an <see cref="RSA"/> instance from a Base64 public key.
/// </summary>
/// <param name="pkcsKey">Base64 of the public key, in the form RSAFromPkcs accepts for public keys.</param>
/// <returns>An RSA instance holding the public key; the caller should dispose it.</returns>
public static RSA RSAFromPublicPkcs(string pkcsKey) => RSAFromPkcs(pkcsKey, false);
/// <summary>
/// Builds an <see cref="RSA"/> instance from a Base64 PKCS#1 private key.
/// </summary>
/// <param name="pkcsKey">Base64 of the PKCS#1 private key.</param>
/// <returns>An RSA instance holding the private key; the caller should dispose it.</returns>
public static RSA RSAFromPrivatePkcs1(string pkcsKey) => RSAFromPkcs(pkcsKey, true);
/// <summary>
/// Builds an <see cref="RSA"/> instance from a Base64 PKCS#8 private key.
/// </summary>
/// <param name="pkcsKey">Base64 of the PKCS#8 private key.</param>
/// <returns>An RSA instance holding the private key; the caller should dispose it.</returns>
public static RSA RSAFromPrivatePkcs8(string pkcsKey) => RSAFromPkcs(pkcsKey, true, true);
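/// <summary>
/// Builds an <see cref="RSA"/> instance from a Base64-encoded PKCS#1 or PKCS#8 key.
/// </summary>
/// <param name="pkcsKey">Base64 of the DER key (no PEM armor); must not be empty.</param>
/// <param name="isPrivateKey"><c>true</c> to import a private key, <c>false</c> to import a public key.</param>
/// <param name="isPKCS8">For private keys: <c>true</c> for PKCS#8, <c>false</c> for PKCS#1. Ignored for public keys, which are always read as a PKCS#1 RSAPublicKey.</param>
/// <returns>An RSA instance holding the imported key; the caller should dispose it.</returns>
public static RSA RSAFromPkcs(string pkcsKey, bool isPrivateKey, bool isPKCS8 = false)
{
    Check.Argument.IsNotEmpty(pkcsKey, nameof(pkcsKey));

    // Decode before allocating the RSA object so malformed Base64 cannot leak one.
    byte[] keySource = Convert.FromBase64String(pkcsKey);

    RSA rsa = RSA.Create();
    try
    {
        if (!isPrivateKey)
        {
            rsa.ImportRSAPublicKey(keySource, out _);
        }
        else if (isPKCS8)
        {
            rsa.ImportPkcs8PrivateKey(keySource, out _);
        }
        else
        {
            rsa.ImportRSAPrivateKey(keySource, out _);
        }
        return rsa;
    }
    catch
    {
        // The instance is not handed to the caller on failure, so release it here.
        rsa.Dispose();
        throw;
    }
}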
/// <summary>
/// Signs a string with RSA using SHA-256, PKCS#1 v1.5 signature padding and UTF-8.
/// </summary>
/// <param name="conent">Text to sign.</param>
/// <param name="privateKey">Private key in the form the five-argument overload expects.</param>
/// <returns>The signature as Base64.</returns>
public static string RSASign(string conent, string privateKey)
    => RSASign(conent, privateKey, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1, Encoding.UTF8);
/// <summary>
/// Signs a string with RSA.
/// </summary>
/// <param name="content">Text to sign; must not be empty.</param>
/// <param name="privateKey">Private key, loaded with the project's FromJsonString extension; must not be empty.</param>
/// <param name="hashAlgorithmName">Hash algorithm applied to the data.</param>
/// <param name="rSASignaturePadding">Signature padding; must not be null.</param>
/// <param name="encoding">Encoding that turns <paramref name="content"/> into bytes. It is not validated here, so null surfaces as a NullReferenceException.</param>
/// <returns>The signature as Base64.</returns>
public static string RSASign(string content, string privateKey, HashAlgorithmName hashAlgorithmName, RSASignaturePadding rSASignaturePadding, Encoding encoding)
{
    Check.Argument.IsNotEmpty(content, nameof(content));
    Check.Argument.IsNotEmpty(privateKey, nameof(privateKey));
    Check.Argument.IsNotNull(rSASignaturePadding, nameof(rSASignaturePadding));

    byte[] payload = encoding.GetBytes(content);
    using (RSA signer = RSA.Create())
    {
        signer.FromJsonString(privateKey);
        byte[] signature = signer.SignData(payload, hashAlgorithmName, rSASignaturePadding);
        return Convert.ToBase64String(signature);
    }
}
/// <summary>
/// Verifies an RSA signature using SHA-256, PKCS#1 v1.5 signature padding and UTF-8.
/// </summary>
/// <param name="content">Text that was signed.</param>
/// <param name="signStr">Signature as Base64.</param>
/// <param name="publickKey">Public key in the form the six-argument overload expects.</param>
/// <returns><c>true</c> when the signature is valid for the content.</returns>
public static bool RSAVerify(string content, string signStr, string publickKey)
    => RSAVerify(content, signStr, publickKey, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1, Encoding.UTF8);
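/// <summary>
/// Verifies an RSA signature.
/// </summary>
/// <param name="content">Text that was signed; must not be empty.</param>
/// <param name="signStr">Signature as Base64; must not be empty. Malformed Base64 throws instead of returning <c>false</c>, so callers that verify untrusted input should treat that exception as a failed verification.</param>
/// <param name="publickKey">Public key, loaded with the project's FromJsonString extension; must not be empty.</param>
/// <param name="hashAlgorithmName">Hash algorithm applied to the data.</param>
/// <param name="rSASignaturePadding">Signature padding; must not be null.</param>
/// <param name="encoding">Encoding that turns <paramref name="content"/> into bytes.</param>
/// <returns><c>true</c> when the signature is valid for the content.</returns>
public static bool RSAVerify(string content, string signStr, string publickKey, HashAlgorithmName hashAlgorithmName, RSASignaturePadding rSASignaturePadding, Encoding encoding)
{
    Check.Argument.IsNotEmpty(content, nameof(content));
    Check.Argument.IsNotEmpty(signStr, nameof(signStr));
    // The key and the padding were not validated here, unlike in RSASign; check them
    // up front so a missing value fails the same way on both sides.
    Check.Argument.IsNotEmpty(publickKey, nameof(publickKey));
    Check.Argument.IsNotNull(rSASignaturePadding, nameof(rSASignaturePadding));

    byte[] dataBytes = encoding.GetBytes(content);
    byte[] signBytes = Convert.FromBase64String(signStr);
    using (RSA rsa = RSA.Create())
    {
        rsa.FromJsonString(publickKey);
        return rsa.VerifyData(dataBytes, signBytes, hashAlgorithmName, rSASignaturePadding);
    }
}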
/// <summary>
/// Encrypts a string with RSA using OAEP-SHA512 padding.
/// </summary>
/// <param name="publicKey">Public key in the form the four-argument overload expects when isPemKey is false.</param>
/// <param name="srcString">Text to encrypt.</param>
/// <returns>The ciphertext string produced by the four-argument overload.</returns>
public static string RSAEncrypt(string publicKey, string srcString)
    => RSAEncrypt(publicKey, srcString, RSAEncryptionPadding.OaepSHA512);
/// <summary>
/// Encrypts a string with RSA using a PEM public key and PKCS#1 v1.5 encryption padding.
/// </summary>
/// <param name="publicKey">Public key in PEM form.</param>
/// <param name="srcString">Text to encrypt.</param>
/// <returns>The ciphertext string produced by the four-argument overload.</returns>
public static string RSAEncryptWithPem(string publicKey, string srcString)
{
    // PKCS#1 v1.5 encryption padding is a compatibility choice. The side that decrypts
    // must not reveal whether padding was valid; use an OAEP padding through the
    // four-argument overload when the peer supports it.
    return RSAEncrypt(publicKey, srcString, RSAEncryptionPadding.Pkcs1, true);
}
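/// <summary>
/// Encrypts a string with RSA.
/// </summary>
/// <param name="publicKey">Public key: PEM text when <paramref name="isPemKey"/> is true, otherwise the form read by the project's FromJsonString extension.</param>
/// <param name="srcString">Text to encrypt; it is encoded as UTF-8.</param>
/// <param name="padding">Encryption padding; the original note recommends RSAEncryptionPadding.Pkcs1 for interoperability with OpenSSL on Linux and macOS.</param>
/// <param name="isPemKey">Whether <paramref name="publicKey"/> is PEM; the default is false.</param>
/// <returns>The ciphertext converted with the project's ToHexString extension.</returns>
/// <exception cref="OutofMaxlengthException">The UTF-8 bytes of <paramref name="srcString"/> exceed what the key size and padding allow.</exception>
public static string RSAEncrypt(string publicKey, string srcString, RSAEncryptionPadding padding, bool isPemKey = false)
{
    Check.Argument.IsNotEmpty(publicKey, nameof(publicKey));
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));
    Check.Argument.IsNotNull(padding, nameof(padding));

    RSA rsa = isPemKey ? RsaProvider.FromPem(publicKey) : RSA.Create();
    using (rsa)
    {
        // Load the key inside the using block so a parse failure still disposes rsa.
        if (!isPemKey)
        {
            rsa.FromJsonString(publicKey);
        }

        var maxLength = GetMaxRsaEncryptLength(rsa, padding);
        var rawBytes = Encoding.UTF8.GetBytes(srcString);
        if (rawBytes.Length > maxLength)
        {
            // The message names the parameter, not its value: the value is the secret
            // being encrypted and exception text commonly ends up in logs.
            throw new OutofMaxlengthException($"srcString is out of max encrypt length {maxLength}", maxLength, rsa.KeySize, padding);
        }

        byte[] encryptBytes = rsa.Encrypt(rawBytes, padding);
        return encryptBytes.ToHexString();
    }
}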
/// <summary>
/// Encrypts a byte array with RSA using OAEP-SHA512 padding.
/// </summary>
/// <param name="publicKey">Public key in the form the four-argument overload expects when isPemKey is false.</param>
/// <param name="data">Bytes to encrypt.</param>
/// <returns>The ciphertext bytes.</returns>
public static byte[] RSAEncrypt(string publicKey, byte[] data)
    => RSAEncrypt(publicKey, data, RSAEncryptionPadding.OaepSHA512);
/// <summary>
/// Encrypts a byte array with RSA using a PEM public key and PKCS#1 v1.5 encryption padding.
/// </summary>
/// <param name="publicKey">Public key in PEM form.</param>
/// <param name="data">Bytes to encrypt.</param>
/// <returns>The ciphertext bytes.</returns>
public static byte[] RSAEncryptWithPem(string publicKey, byte[] data)
{
    // PKCS#1 v1.5 encryption padding is a compatibility choice. The side that decrypts
    // must not reveal whether padding was valid; use an OAEP padding through the
    // four-argument overload when the peer supports it.
    return RSAEncrypt(publicKey, data, RSAEncryptionPadding.Pkcs1, true);
}
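/// <summary>
/// Encrypts a byte array with RSA.
/// </summary>
/// <param name="publicKey">Public key: PEM text when <paramref name="isPemKey"/> is true, otherwise the form read by the project's FromJsonString extension.</param>
/// <param name="data">Bytes to encrypt; must not be null.</param>
/// <param name="padding">Encryption padding; the original note recommends RSAEncryptionPadding.Pkcs1 for interoperability with OpenSSL on Linux and macOS.</param>
/// <param name="isPemKey">Whether <paramref name="publicKey"/> is PEM; the default is false.</param>
/// <returns>The ciphertext bytes.</returns>
/// <exception cref="OutofMaxlengthException"><paramref name="data"/> is longer than the key size and padding allow.</exception>
public static byte[] RSAEncrypt(string publicKey, byte[] data, RSAEncryptionPadding padding, bool isPemKey = false)
{
    Check.Argument.IsNotEmpty(publicKey, nameof(publicKey));
    Check.Argument.IsNotNull(data, nameof(data));
    Check.Argument.IsNotNull(padding, nameof(padding));

    RSA rsa = isPemKey ? RsaProvider.FromPem(publicKey) : RSA.Create();
    using (rsa)
    {
        // Load the key inside the using block so a parse failure still disposes rsa.
        if (!isPemKey)
        {
            rsa.FromJsonString(publicKey);
        }

        var maxLength = GetMaxRsaEncryptLength(rsa, padding);
        if (data.Length > maxLength)
        {
            throw new OutofMaxlengthException($"data is out of max encrypt length {maxLength}", maxLength, rsa.KeySize, padding);
        }

        return rsa.Encrypt(data, padding);
    }
}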
/// <summary>
/// Decrypts an RSA ciphertext string using OAEP-SHA512 padding.
/// </summary>
/// <param name="privateKey">Private key in the form the four-argument overload expects when isPemKey is false.</param>
/// <param name="srcString">Ciphertext string as produced by the string RSAEncrypt overloads.</param>
/// <returns>The decrypted text.</returns>
public static string RSADecrypt(string privateKey, string srcString)
    => RSADecrypt(privateKey, srcString, RSAEncryptionPadding.OaepSHA512);
/// <summary>
/// Decrypts an RSA ciphertext string using a PEM private key and PKCS#1 v1.5 encryption padding.
/// </summary>
/// <param name="privateKey">Private key in PEM form.</param>
/// <param name="srcString">Ciphertext string as produced by the string RSAEncrypt overloads.</param>
/// <returns>The decrypted text.</returns>
public static string RSADecryptWithPem(string privateKey, string srcString)
{
    // With PKCS#1 v1.5 padding, do not let a remote party distinguish a padding
    // failure from any other failure of this call (message, status code or timing).
    return RSADecrypt(privateKey, srcString, RSAEncryptionPadding.Pkcs1, true);
}
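/// <summary>
/// Decrypts an RSA ciphertext string.
/// </summary>
/// <param name="privateKey">Private key: PEM text when <paramref name="isPemKey"/> is true, otherwise the form read by the project's FromJsonString extension.</param>
/// <param name="srcString">Ciphertext string; converted to bytes with the project's ToBytes extension.</param>
/// <param name="padding">Encryption padding; must match the one used to encrypt.</param>
/// <param name="isPemKey">Whether <paramref name="privateKey"/> is PEM; the default is false.</param>
/// <returns>The decrypted bytes decoded as UTF-8.</returns>
public static string RSADecrypt(string privateKey, string srcString, RSAEncryptionPadding padding, bool isPemKey = false)
{
    Check.Argument.IsNotEmpty(privateKey, nameof(privateKey));
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));
    Check.Argument.IsNotNull(padding, nameof(padding));

    RSA rsa = isPemKey ? RsaProvider.FromPem(privateKey) : RSA.Create();
    using (rsa)
    {
        // Load the key inside the using block so a parse failure still disposes rsa.
        if (!isPemKey)
        {
            rsa.FromJsonString(privateKey);
        }

        // NOTE(review): ToBytes is presumably the inverse of ToHexString used by the
        // string RSAEncrypt overload; confirm against the extension.
        byte[] srcBytes = srcString.ToBytes();
        // Decrypt throws on invalid padding; callers handling untrusted ciphertext
        // should not expose the reason for the failure.
        byte[] decryptBytes = rsa.Decrypt(srcBytes, padding);
        return Encoding.UTF8.GetString(decryptBytes);
    }
}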
/// <summary>
/// Decrypts RSA ciphertext bytes using OAEP-SHA512 padding.
/// </summary>
/// <param name="privateKey">Private key in the form the four-argument overload expects when isPemKey is false.</param>
/// <param name="data">Ciphertext bytes.</param>
/// <returns>The decrypted bytes.</returns>
public static byte[] RSADecrypt(string privateKey, byte[] data)
    => RSADecrypt(privateKey, data, RSAEncryptionPadding.OaepSHA512);
/// <summary>
/// Decrypts RSA ciphertext bytes using a PEM private key and PKCS#1 v1.5 encryption padding.
/// </summary>
/// <param name="privateKey">Private key in PEM form.</param>
/// <param name="data">Ciphertext bytes.</param>
/// <returns>The decrypted bytes.</returns>
public static byte[] RSADecryptWithPem(string privateKey, byte[] data)
{
    // With PKCS#1 v1.5 padding, do not let a remote party distinguish a padding
    // failure from any other failure of this call (message, status code or timing).
    return RSADecrypt(privateKey, data, RSAEncryptionPadding.Pkcs1, true);
}
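/// <summary>
/// Decrypts RSA ciphertext bytes.
/// </summary>
/// <param name="privateKey">Private key: PEM text when <paramref name="isPemKey"/> is true, otherwise the form read by the project's FromJsonString extension.</param>
/// <param name="data">Ciphertext bytes; must not be null.</param>
/// <param name="padding">Encryption padding; must match the one used to encrypt.</param>
/// <param name="isPemKey">Whether <paramref name="privateKey"/> is PEM; the default is false.</param>
/// <returns>The decrypted bytes.</returns>
public static byte[] RSADecrypt(string privateKey, byte[] data, RSAEncryptionPadding padding, bool isPemKey = false)
{
    Check.Argument.IsNotEmpty(privateKey, nameof(privateKey));
    Check.Argument.IsNotNull(data, nameof(data));
    Check.Argument.IsNotNull(padding, nameof(padding));

    RSA rsa = isPemKey ? RsaProvider.FromPem(privateKey) : RSA.Create();
    using (rsa)
    {
        // Load the key inside the using block so a parse failure still disposes rsa.
        if (!isPemKey)
        {
            rsa.FromJsonString(privateKey);
        }

        // Decrypt throws on invalid padding; callers handling untrusted ciphertext
        // should not expose the reason for the failure.
        return rsa.Decrypt(data, padding);
    }
}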
/// <summary>
/// Builds an <see cref="RSA"/> instance from a key string read by the project's FromJsonString extension.
/// Obsolete alias of RSAFromJson, which has the same body.
/// </summary>
/// <param name="rsaKey">Key string; must not be empty.</param>
/// <returns>An RSA instance holding the key; the caller should dispose it.</returns>
[Obsolete("This method is obsoleted,please use RSAFromJson method!")]
public static RSA RSAFromString(string rsaKey)
{
    // Forward to the replacement: it runs the same check (same parameter name) and
    // the same import.
    return RSAFromJson(rsaKey);
}
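/// <summary>
/// Builds an <see cref="RSA"/> instance from a key string read by the project's FromJsonString extension.
/// </summary>
/// <param name="rsaKey">Key string; must not be empty.</param>
/// <returns>An RSA instance holding the key; the caller should dispose it.</returns>
public static RSA RSAFromJson(string rsaKey)
{
    Check.Argument.IsNotEmpty(rsaKey, nameof(rsaKey));

    RSA rsa = RSA.Create();
    try
    {
        rsa.FromJsonString(rsaKey);
        return rsa;
    }
    catch
    {
        // The instance is not handed to the caller on failure, so release it here.
        rsa.Dispose();
        throw;
    }
}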
/// <summary>
/// Generates a new RSA key pair.
/// </summary>
/// <param name="rsaSize">Key size; the default is RsaSize.R2048. The enum value is cast to int and used as the size in bits.</param>
/// <returns>An <see cref="RSAKey"/> with the public and private key strings plus exponent and modulus converted with ToHexString.</returns>
public static RSAKey CreateRsaKey(RsaSize rsaSize = RsaSize.R2048)
{
    using (RSA generator = RSA.Create())
    {
        // NOTE(review): unlike RSAToPem and RsaToPkcs1/8 there is no 2048-bit floor
        // here; whether RsaSize offers smaller sizes is not visible in this file.
        generator.KeySize = (int)rsaSize;

        string publicPart = generator.ToJsonString(false);
        // The private key is returned as a plain string; the caller owns its protection.
        string privatePart = generator.ToJsonString(true);
        RSAParameters publicParameters = generator.ExportParameters(false);

        return new RSAKey()
        {
            PublicKey = publicPart,
            PrivateKey = privatePart,
            Exponent = publicParameters.Exponent.ToHexString(),
            Modulus = publicParameters.Modulus.ToHexString()
        };
    }
}
/// <summary>
/// Exports an existing RSA instance as an <see cref="RSAKey"/>.
/// </summary>
/// <param name="rsa">RSA instance to export; must not be null.</param>
/// <param name="includePrivate">Whether to export the private key as well. The default is <c>true</c>, so pass <c>false</c> when only the public half should leave the process.</param>
/// <returns>An <see cref="RSAKey"/> with the public key, exponent and modulus, and the private key when requested.</returns>
public static RSAKey CreateRsaKey(RSA rsa, bool includePrivate = true)
{
    Check.Argument.IsNotNull(rsa, nameof(rsa));

    string publicPart = rsa.ToJsonString(false);
    RSAParameters publicParameters = rsa.ExportParameters(false);
    var exported = new RSAKey()
    {
        PublicKey = publicPart,
        Exponent = publicParameters.Exponent.ToHexString(),
        Modulus = publicParameters.Modulus.ToHexString()
    };

    if (!includePrivate)
    {
        return exported;
    }

    exported.PrivateKey = rsa.ToJsonString(true);
    return exported;
}
/// <summary>
/// Computes the largest plaintext, in bytes, that fits in one RSA block for a key size and padding.
/// </summary>
/// <param name="rsa">RSA instance whose KeySize is used.</param>
/// <param name="padding">Encryption padding that determines the overhead.</param>
/// <returns>
/// KeySize / 8 minus the padding overhead: 11 bytes for PKCS#1 v1.5, and for OAEP 42 (SHA-1),
/// 66 (SHA-256), 98 (SHA-384) or 130 (SHA-512), i.e. twice the hash length plus two.
/// Any other OAEP padding gets an overhead of 0, so the limit is overestimated for it.
/// </returns>
private static int GetMaxRsaEncryptLength(RSA rsa, RSAEncryptionPadding padding)
{
    int overhead;
    if (padding.Mode == RSAEncryptionPaddingMode.Pkcs1)
    {
        overhead = 11;
    }
    else if (padding.Equals(RSAEncryptionPadding.OaepSHA512))
    {
        overhead = 130;
    }
    else if (padding.Equals(RSAEncryptionPadding.OaepSHA384))
    {
        overhead = 98;
    }
    else if (padding.Equals(RSAEncryptionPadding.OaepSHA256))
    {
        overhead = 66;
    }
    else if (padding.Equals(RSAEncryptionPadding.OaepSHA1))
    {
        overhead = 42;
    }
    else
    {
        // Unrecognised OAEP variant: no overhead is subtracted here.
        overhead = 0;
    }

    return rsa.KeySize / 8 - overhead;
}
#endregion
#region MD5
/// <summary>
/// Computes the MD5 hash of a string and returns it as uppercase hex.
/// MD5 is not collision resistant: use it for legacy checksums only, never for passwords or signatures.
/// </summary>
/// <param name="srcString">Text to hash; it is encoded as UTF-8. Must not be empty.</param>
/// <param name="length">Output length; the default is MD5Length.L32 (all 16 bytes, 32 hex characters). Any other value returns bytes 4 to 11 of the digest (16 hex characters).</param>
/// <returns>The hex string without separators.</returns>
public static string Md5(string srcString, MD5Length length = MD5Length.L32)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));

    using (MD5 hasher = MD5.Create())
    {
        byte[] digest = hasher.ComputeHash(Encoding.UTF8.GetBytes(srcString));

        string dashed;
        if (length == MD5Length.L32)
        {
            dashed = BitConverter.ToString(digest);
        }
        else
        {
            // Short form: the middle 8 bytes of the digest.
            dashed = BitConverter.ToString(digest, 4, 8);
        }

        return dashed.Replace("-", "");
    }
}
#endregion
#region HMACMD5
/// <summary>
/// Computes HMAC-MD5 of a string and returns it as uppercase hex.
/// </summary>
/// <param name="srcString">Text to authenticate; it is encoded as UTF-8. Must not be empty.</param>
/// <param name="key">Secret key; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators. When checking a received MAC against it, compare in constant time rather than with string equality.</returns>
public static string HMACMD5(string srcString, string key)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));
    Check.Argument.IsNotEmpty(key, nameof(key));

    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    using (HMACMD5 mac = new HMACMD5(keyBytes))
    {
        byte[] tag = mac.ComputeHash(Encoding.UTF8.GetBytes(srcString));
        return BitConverter.ToString(tag).Replace("-", "");
    }
}
#endregion
#region SHA1
/// <summary>
/// Computes the SHA-1 hash of a string and returns it as uppercase hex.
/// SHA-1 is not collision resistant: use it for legacy interoperability only.
/// </summary>
/// <param name="str">Text to hash; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators.</returns>
public static string Sha1(string str)
{
    Check.Argument.IsNotEmpty(str, "SHA1待加密字符");

    using (SHA1 hasher = SHA1.Create())
    {
        byte[] digest = hasher.ComputeHash(Encoding.UTF8.GetBytes(str));
        return BitConverter.ToString(digest).Replace("-", "");
    }
}
#endregion
#region SHA256
/// <summary>
/// Computes the SHA-256 hash of a string and returns it as uppercase hex.
/// This is a plain, unsalted hash: it is not a password hashing function.
/// </summary>
/// <param name="srcString">Text to hash; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators.</returns>
public static string Sha256(string srcString)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));

    using (SHA256 hasher = SHA256.Create())
    {
        byte[] digest = hasher.ComputeHash(Encoding.UTF8.GetBytes(srcString));
        return BitConverter.ToString(digest).Replace("-", "");
    }
}
#endregion
#region SHA384
/// <summary>
/// Computes the SHA-384 hash of a string and returns it as uppercase hex.
/// This is a plain, unsalted hash: it is not a password hashing function.
/// </summary>
/// <param name="srcString">Text to hash; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators.</returns>
public static string Sha384(string srcString)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));

    using (SHA384 hasher = SHA384.Create())
    {
        byte[] digest = hasher.ComputeHash(Encoding.UTF8.GetBytes(srcString));
        return BitConverter.ToString(digest).Replace("-", "");
    }
}
#endregion
#region SHA512
/// <summary>
/// Computes the SHA-512 hash of a string and returns it as uppercase hex.
/// This is a plain, unsalted hash: it is not a password hashing function.
/// </summary>
/// <param name="srcString">Text to hash; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators.</returns>
public static string Sha512(string srcString)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));

    using (SHA512 hasher = SHA512.Create())
    {
        byte[] digest = hasher.ComputeHash(Encoding.UTF8.GetBytes(srcString));
        return BitConverter.ToString(digest).Replace("-", "");
    }
}
#endregion
#region HMACSHA1
/// <summary>
/// Computes HMAC-SHA1 of a string and returns it as uppercase hex.
/// </summary>
/// <param name="srcString">Text to authenticate; it is encoded as UTF-8. Must not be empty.</param>
/// <param name="key">Secret key; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators. When checking a received MAC against it, compare in constant time rather than with string equality.</returns>
public static string HMACSHA1(string srcString, string key)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));
    Check.Argument.IsNotEmpty(key, nameof(key));

    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    using (HMACSHA1 mac = new HMACSHA1(keyBytes))
    {
        mac.Initialize();
        byte[] tag = mac.ComputeHash(Encoding.UTF8.GetBytes(srcString));
        return BitConverter.ToString(tag).Replace("-", "");
    }
}
#endregion
#region HMACSHA256
/// <summary>
/// Computes HMAC-SHA256 of a string and returns it as uppercase hex.
/// </summary>
/// <param name="srcString">Text to authenticate; it is encoded as UTF-8. Must not be empty.</param>
/// <param name="key">Secret key; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators. When checking a received MAC against it, compare in constant time rather than with string equality.</returns>
public static string HMACSHA256(string srcString, string key)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));
    Check.Argument.IsNotEmpty(key, nameof(key));

    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    using (HMACSHA256 mac = new HMACSHA256(keyBytes))
    {
        mac.Initialize();
        byte[] tag = mac.ComputeHash(Encoding.UTF8.GetBytes(srcString));
        return BitConverter.ToString(tag).Replace("-", "");
    }
}
#endregion
#region HMACSHA384
/// <summary>
/// Computes HMAC-SHA384 of a string and returns it as uppercase hex.
/// </summary>
/// <param name="srcString">Text to authenticate; it is encoded as UTF-8. Must not be empty.</param>
/// <param name="key">Secret key; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators. When checking a received MAC against it, compare in constant time rather than with string equality.</returns>
public static string HMACSHA384(string srcString, string key)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));
    Check.Argument.IsNotEmpty(key, nameof(key));

    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    using (HMACSHA384 mac = new HMACSHA384(keyBytes))
    {
        mac.Initialize();
        byte[] tag = mac.ComputeHash(Encoding.UTF8.GetBytes(srcString));
        return BitConverter.ToString(tag).Replace("-", "");
    }
}
#endregion
#region HMACSHA512
/// <summary>
/// Computes HMAC-SHA512 of a string and returns it as uppercase hex.
/// </summary>
/// <param name="srcString">Text to authenticate; it is encoded as UTF-8. Must not be empty.</param>
/// <param name="key">Secret key; it is encoded as UTF-8. Must not be empty.</param>
/// <returns>The hex string without separators. When checking a received MAC against it, compare in constant time rather than with string equality.</returns>
public static string HMACSHA512(string srcString, string key)
{
    Check.Argument.IsNotEmpty(srcString, nameof(srcString));
    Check.Argument.IsNotEmpty(key, nameof(key));

    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    using (HMACSHA512 mac = new HMACSHA512(keyBytes))
    {
        mac.Initialize();
        byte[] tag = mac.ComputeHash(Encoding.UTF8.GetBytes(srcString));
        return BitConverter.ToString(tag).Replace("-", "");
    }
}
#endregion
#region Machine Key
/// <summary>
/// Creates a machine-key decryptionKey value.
/// </summary>
/// <param name="length">Length of the key in hex characters; the accepted range is 16 to 48.</param>
/// <returns>The key as an uppercase hex string produced by CreateMachineKey.</returns>
public static string CreateDecryptionKey(int length)
{
    Check.Argument.IsNotOutOfRange(length, 16, 48, nameof(length));
    string decryptionKey = CreateMachineKey(length);
    return decryptionKey;
}
/// <summary>
/// Creates a machine-key validationKey value.
/// </summary>
/// <param name="length">Length of the key in hex characters; the accepted range is 48 to 128.</param>
/// <returns>The key as an uppercase hex string produced by CreateMachineKey.</returns>
public static string CreateValidationKey(int length)
{
    Check.Argument.IsNotOutOfRange(length, 48, 128, nameof(length));
    string validationKey = CreateMachineKey(length);
    return validationKey;
}
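/// <summary>
/// Generates a random uppercase hex string from the cryptographic random number generator.
/// </summary>
/// <remarks>
/// A validationKey may be 48 to 128 characters long and the longest available key is strongly
/// recommended; a decryptionKey may be 16 to 48 characters long and 48 is recommended.
/// Callers in this class are CreateDecryptionKey and CreateValidationKey.
/// </remarks>
/// <param name="length">Requested length in hex characters. length / 2 random bytes are generated, so an odd value yields length - 1 characters.</param>
/// <returns>The hex string.</returns>
private static string CreateMachineKey(int length)
{
    byte[] random = new byte[length / 2];

    // RandomNumberGenerator is IDisposable; release it instead of leaving it to the finalizer.
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(random);
    }

    StringBuilder machineKey = new StringBuilder(length);
    foreach (byte value in random)
    {
        machineKey.Append(value.ToString("X2"));
    }
    return machineKey.ToString();
}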
#endregion
#region Base64
#region Base64加密解密
/// <summary>
/// Encodes a string as Base64 using UTF-8. Despite the name this is an encoding, not
/// encryption: anyone can reverse it without a key.
/// </summary>
/// <param name="input">Text to encode.</param>
/// <returns>The Base64 string.</returns>
public static string Base64Encrypt(string input) => Base64Encrypt(input, Encoding.UTF8);
/// <summary>
/// Encodes a string as Base64 using the given text encoding. Despite the name this is an
/// encoding, not encryption: anyone can reverse it without a key.
/// </summary>
/// <param name="input">Text to encode; must not be empty.</param>
/// <param name="encoding">Encoding that turns <paramref name="input"/> into bytes. It is not validated here, so null surfaces as a NullReferenceException.</param>
/// <returns>The Base64 string.</returns>
public static string Base64Encrypt(string input, Encoding encoding)
{
    Check.Argument.IsNotEmpty(input, nameof(input));
    byte[] raw = encoding.GetBytes(input);
    return Convert.ToBase64String(raw);
}
/// <summary>
/// Decodes a Base64 string to text using UTF-8. Despite the name no key or decryption is involved.
/// </summary>
/// <param name="input">Base64 text to decode.</param>
/// <returns>The decoded string.</returns>
public static string Base64Decrypt(string input) => Base64Decrypt(input, Encoding.UTF8);
/// <summary>
/// Decodes a Base64 string to text using the given text encoding. Despite the name no key or
/// decryption is involved.
/// </summary>
/// <param name="input">Base64 text to decode; must not be empty. Malformed Base64 makes <see cref="Convert.FromBase64String(string)"/> throw.</param>
/// <param name="encoding">Encoding that turns the decoded bytes into text. It is not validated here, so null surfaces as a NullReferenceException.</param>
/// <returns>The decoded string.</returns>
public static string Base64Decrypt(string input, Encoding encoding)
{
    Check.Argument.IsNotEmpty(input, nameof(input));
    byte[] raw = Convert.FromBase64String(input);
    return encoding.GetString(raw);
}
#endregion
#endregion
}
}