不限长度RAS加密解密

RSA 是常用的非对称加密算法。最近使用时却出现了提示“不正确的长度”,排查发现是由于待加密的数据超长所致。

.NET Framework 中提供的 RSA 算法规定:

待加密的字节数不能超过密钥的长度值除以 8 再减去 11(即:RSACryptoServiceProvider.KeySize / 8 - 11),而加密后得到密文的字节数,正好是密钥的长度值除以 8(即:RSACryptoServiceProvider.KeySize / 8)。

所以,如果要加密较长的数据,则可以采用分段加解密的方式,实现方式如下:

加密部分代码如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
public static String Encrypt(string xmlPublicKey, string EncryptString)
{
using (RSACryptoServiceProvider RSACryptography = new RSACryptoServiceProvider())
{
RSACryptography.FromXmlString(xmlPublicKey);
Byte[] PlaintextData = Encoding.UTF8.GetBytes(EncryptString);
int MaxBlockSize = RSACryptography.KeySize / 8 - 11; //加密块最大长度限制

if (PlaintextData.Length <= MaxBlockSize)
return Convert.ToBase64String(RSACryptography.Encrypt(PlaintextData, false));

using (MemoryStream PlaiStream = new MemoryStream(PlaintextData))
using (MemoryStream CrypStream = new MemoryStream())
{
Byte[] Buffer = new Byte[MaxBlockSize];
int BlockSize = PlaiStream.Read(Buffer, 0, MaxBlockSize);

while (BlockSize > 0)
{
Byte[] ToEncrypt = new Byte[BlockSize];
Array.Copy(Buffer, 0, ToEncrypt, 0, BlockSize);

Byte[] Cryptograph = RSACryptography.Encrypt(ToEncrypt, false);
CrypStream.Write(Cryptograph, 0, Cryptograph.Length);

BlockSize = PlaiStream.Read(Buffer, 0, MaxBlockSize);
}

return Convert.ToBase64String(CrypStream.ToArray(), Base64FormattingOptions.None);
}
}
}

//解密部分代码如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
public static String Decrypt(string xmlPrivateKey, string EncryptString)
{
using (RSACryptoServiceProvider RSACryptography = new RSACryptoServiceProvider())
{

try
{
RSACryptography.FromXmlString(xmlPrivateKey);
Byte[] CiphertextData = Convert.FromBase64String(EncryptString);
int MaxBlockSize = RSACryptography.KeySize / 8; //解密块最大长度限制

if (CiphertextData.Length <= MaxBlockSize)
return Encoding.UTF8.GetString(RSACryptography.Decrypt(CiphertextData, false));

using (MemoryStream CrypStream = new MemoryStream(CiphertextData))
using (MemoryStream PlaiStream = new MemoryStream())
{
Byte[] Buffer = new Byte[MaxBlockSize];
int BlockSize = CrypStream.Read(Buffer, 0, MaxBlockSize);

while (BlockSize > 0)
{
Byte[] ToDecrypt = new Byte[BlockSize];
Array.Copy(Buffer, 0, ToDecrypt, 0, BlockSize);

Byte[] Plaintext = RSACryptography.Decrypt(ToDecrypt, false);
PlaiStream.Write(Plaintext, 0, Plaintext.Length);

BlockSize = CrypStream.Read(Buffer, 0, MaxBlockSize);
}

return Encoding.UTF8.GetString(PlaiStream.ToArray());
}
}
catch (Exception)
{
return "解密失败,请检查传输数据";
}
}
}