RSA是常用的非對稱加密算法。近來有學生在項目中使用System.Security類庫中的RSA加密算法時,出現了“不正確的長度”,這實際上是因為待加密的數據超長所致。.net Framework中提供的RSA算法規定,每次加密的字節數,不能超過密鑰的長度值減去11,而每次加密得到的密文長度,卻恰恰是密鑰的長度。所以,如果要加密較長的數據,可以采用數據截取的方法,分段加密,實現如下:
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
byte[] data = ........; //要加密的數據
string publicKey = .... ; //獲取公鑰
rsa.FromXmlString(publicKey);
int keySize = rsa.KeySize / 8;
int bufferSize = keySize - 11;
byte[] buffer = new byte[bufferSize];
MemoryStream msInput = new MemoryStream(data);
MemoryStream msOuput = new MemoryStream();
int readLen = msInput.Read(buffer, 0, bufferSize);
while(readLen > 0)
{
byte[] dataToEnc = new byte[readLen];
Array.Copy(buffer, 0 , dataToEnc, 0, readLen);
byte[] encData = rsa.Encrypt(dataToEnc , false);
msOutput.Write(encData, 0, encData.Length);
readLen = msInput.Read(buffer, 0, bufferSize);
}
msInput.Close();
byte[] result = msOutput.ToArray(); //得到加密結果
msOutput.Close();
rsa.Clear();
解密時肯定也要使用分段解密,算法如下:
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
byte[] key = .....; //加載私鑰
string privateKey = Encoding.ASCII.GetString(key);
byte[] dataEnc = ...; //加載密文
rsa.FromXmlString(privateKey);
int keySize = rsa.KeySize / 8;
byte[] buffer = new byte[keySize];
MemoryStream msInput = new MemoryStream(dataEnc );
MemoryStream msOuput = new MemoryStream();
int readLen = msInput.Read(buffer, 0, keySize);
while(readLen > 0)
{
byte[] dataToDec = new byte[readLen];
Array.Copy(buffer, 0 , dataToDec, 0, readLen);
byte[] decData = rsa.Decrypt(dataToDec , false);
msOutput.Write(decData, 0, decData.Length);
readLen = msInput.Read(buffer, 0, keySize);
}
msInput.Close();
byte[] result = msOutput.ToArray(); //得到解密結果
msOutput.Close();
rsa.Clear();