/*
makecert.exe -n "CN=Microshaoft X509 Test - A" -sky exchange -pe -sv a.pvk a.cer
pvk2pfx.exe -pvk a.pvk -spc a.cer -pfx a.pfx -f -po 123
makecert.exe -n "CN=Microshaoft X509 Test - B" -sky exchange -pe -sv b.pvk b.cer
pvk2pfx.exe -pvk b.pvk -spc b.cer -pfx b.pfx -f -po abc
*/
namespace Test
{
using System;
using System.IO;
using System.Text;
using System.Threading;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using Microshaoft;
class Class1
{static void Main()
{
//=======================================
UTF8Encoding e = new UTF8Encoding();
string s;
byte[] data = e.GetBytes
(
@"测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com
测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com
测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com
测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com
测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com
测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com
测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com");
byte[] encryptedData;
// Hybird
Console.WriteLine("Hybird(X509+3DES):=====================");
X509Certificate2 cerA = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\a.cer");
X509Certificate2 pfxA = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\a.pfx", "123");
X509Certificate2 cerB = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\b.cer");
Secret secret = CryptoHelper.HybridEncrypt
(
pfxA
, cerA
, cerB
, HashSignatureMode.SHA1
, false
, data
);
X509Certificate2 pfxB = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\b.pfx", "abc");
data = CryptoHelper.HybridDecrypt(pfxB, secret);
s = e.GetString(data);
Console.WriteLine("Hybird decrypted plain text:");
Console.WriteLine(s);
//100 字节以内
s = "测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com测试";
data = e.GetBytes(s);
// X509
Console.WriteLine("\nX509 加解密 只能处理100字节以内的加解密:=====================");
X509Certificate2[] certs = X509CertificateHelper.LoadCertificatesFromStore
(
StoreName.My
, StoreLocation.CurrentUser
, "Microshaoft X509 Test"
, X509FindType.FindBySubjectName
);
X509Certificate2 cert = null;
if (certs != null)
{
foreach (X509Certificate2 c in certs)
{
Console.WriteLine(c.Subject);
cert = c;
}
}
X509Certificate2 cer = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\a.cer");
X509Certificate2 pfx = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\a.pfx", "123");
encryptedData = CryptoHelper.X509CertificateEncrypt(cer, data, false);
encryptedData = CryptoHelper.X509CertificateDecrypt(pfx, encryptedData, false);
s = e.GetString(encryptedData);
Console.WriteLine("X509 decrypted plain text: {0}", s);
//RSA
Console.WriteLine("\nRSA 加解密 只能处理100字节以内的加解密:=====================");
// RSA 非证书 只能处理100字节以内的加解密
s = "测试@microshaoft.com测试@microshaoft.com测试@microshaoft.com测试";
data = e.GetBytes(s);
RSACryptoServiceProvider x = new RSACryptoServiceProvider();
string privateKey = x.ToXmlString(true);
Console.WriteLine("RSA Private Key: {0}", privateKey);
string publicKey = x.ToXmlString(false);
Console.WriteLine("RSA Public Key: {0}", publicKey);
//公钥加密
encryptedData = CryptoHelper.RSAEncrypt(publicKey, data, false);
//私钥解密
data = CryptoHelper.RSADecrypt(privateKey, encryptedData, false);
Console.WriteLine("RSA Decrypted plaintext: {0}", e.GetString(data));
//私钥签名
byte[] signature = CryptoHelper.RSASignSHA1(privateKey, data);
//公钥验签
Console.WriteLine(CryptoHelper.RSAVerifySHA1(publicKey, data, signature));
//TripleDES
Console.WriteLine("\nTripleDES:===============");
string key = "000111222333444555666777888999aaabbbcccdddeeefff";//48
key = "012345678901234567890123456789012345678901234567";
key = "abcdefabcdefabcdefabcdefabcdefabcdefabcdefabcdef";
key = "0123456789abcdef01111111111111111111111111111110";
string iv = "0123456789abcdef";//16
iv = "0000000000000000";
data = e.GetBytes("测试@microshaoft.com");
data = CryptoHelper.TripleDESEncrypt
(
data,
CryptoHelper.HexStringToBytesArray(key),
CryptoHelper.HexStringToBytesArray(iv)
);
data = CryptoHelper.TripleDESDecrypt
(
data,
CryptoHelper.HexStringToBytesArray(key),
CryptoHelper.HexStringToBytesArray(iv)
);
Console.WriteLine("3DES Decrypted plaintext: {0}", e.GetString(data));
Console.WriteLine("X509 并发测试");
encryptorPrivateKeyPfxProvider = encryptorPrivateKeyPfx.PrivateKey as RSACryptoServiceProvider;
encryptorPublicKeyCerProvider = encryptorPublicKeyCer.PublicKey.Key as RSACryptoServiceProvider;
decryptorPublicKeyCerProvider = decryptorPublicKeyCer.PublicKey.Key as RSACryptoServiceProvider;
decryptorPrivateKeyPfxProvider = decryptorPrivateKeyPfx.PrivateKey as RSACryptoServiceProvider;
for (int i = 0 ; i < 1000 ; i++)
{
ThreadStart ts = new ThreadStart(Run);
Thread t = new Thread(ts);
t.Name = _ThreadID.ToString();
_ThreadID ++;
t.Start();
//Run();
}
Console.WriteLine(Environment.Version.ToString());
}
private static volatile int _ThreadID = 0;
private static object _syncLockObject = new object();
private static X509Certificate2 encryptorPrivateKeyPfx = new X509Certificate2(@"a.pfx", "123");
private static X509Certificate2 encryptorPublicKeyCer = new X509Certificate2(@"a.cer");
private static X509Certificate2 decryptorPublicKeyCer = new X509Certificate2(@"b.cer");
private static X509Certificate2 decryptorPrivateKeyPfx = new X509Certificate2(@"b.pfx", "abc");
private static RSACryptoServiceProvider encryptorPrivateKeyPfxProvider = null;
private static RSACryptoServiceProvider encryptorPublicKeyCerProvider = null;
private static RSACryptoServiceProvider decryptorPublicKeyCerProvider = null;
private static RSACryptoServiceProvider decryptorPrivateKeyPfxProvider = null;
static void Run()
{
/// X509Certificate2 cerA = null;// = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\a.cer");
/// X509Certificate2 pfxA = null;// = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\a.pfx", "123");
/// X509Certificate2 cerB = null;// = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\b.cer");
/// X509Certificate2 pfxB = null;// = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\b.pfx", "abc");
//lock (_syncLockObject)
{
try
{
//Thread.Sleep(50);
/// cerA = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\a.cer");
/// pfxA = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\a.pfx", "123");
/// cerB = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\b.cer");
/// pfxB = new X509Certificate2(@"C:\Documents and Settings\xiyueyu\桌面\b.pfx", "abc");
UTF8Encoding e = new UTF8Encoding();
string s;
byte[] data = e.GetBytes
(
@"并发测试@microshaoft.com并发测试@microshaoft.com并发测试@microshaoft.com
并发测试@microshaoft.com并发测试@microshaoft.com并发测试@microshaoft.com
并发测试@microshaoft.com并发测试@microshaoft.com并发测试@microshaoft.com
并发测试@microshaoft.com并发测试@microshaoft.com并发测试@microshaoft.com
并发测试@microshaoft.com并发测试@microshaoft.com并发测试@microshaoft.com
并发测试@microshaoft.com并发测试@microshaoft.com并发测试@microshaoft.com
并发测试@microshaoft.com并发测试@microshaoft.com并发测试@microshaoft.com");
//byte[] encryptedData;
// Hybird
//Console.WriteLine("Hybird(X509+3DES):=====================");
Secret secret = CryptoHelper.HybridEncrypt
(
encryptorPrivateKeyPfxProvider
, encryptorPublicKeyCer
, decryptorPublicKeyCerProvider
, HashSignatureMode.SHA1
, false
, data
);
data = CryptoHelper.HybridDecrypt
(
decryptorPrivateKeyPfxProvider
, encryptorPublicKeyCerProvider
, secret
);
s = e.GetString(data);
Console.WriteLine("Hybird decrypted plain text: {0}", Thread.CurrentThread.Name);
Console.WriteLine(s);}
catch (Exception e)
{
// Thread.Sleep(1200);
Console.WriteLine("exception sleep: {0}", e.ToString());
Console.WriteLine("exception sleep: {0}", Thread.CurrentThread.Name);
// Run();
}
finally
{
/// cerA.Reset();
/// pfxA.Reset();
/// cerB.Reset();
/// cerB.Reset();
}
}}
}
}
namespace Microshaoft
{
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
public static class X509CertificateHelper
{
public static X509Certificate2[] LoadCertificatesFromStore
(
StoreName storeName
, StoreLocation storeLocation
, string findValue
, X509FindType findType
)
{
X509Certificate2[] certs = null;
X509Store store = new X509Store(storeName, storeLocation);
store.Open(OpenFlags.ReadOnly);
try
{
X509Certificate2Collection matches = store.Certificates.Find(findType, findValue, false);
certs = new X509Certificate2[matches.Count];
matches.CopyTo(certs, 0);
}
finally
{
store.Close();
}
return certs;
}
}
}
namespace Microshaoft
{
using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
public class Secret
{
public byte[] EncryptorSharedEncryptedOnceKey;
public byte[] EncryptorSharedEncryptedOnceIV;
public byte[] EncryptorHashSignature;
public byte[] EncryptorPublicKeyCerRawData;
public byte[] EncryptedData;
public HashSignatureMode SignHashMode;
public bool DoOAEPadding;
}
public enum HashSignatureMode
{
MD5
, SHA1
}
public static class CryptoHelper
{
public static byte[] HybridDecrypt
(
X509Certificate2 decryptorPrivateKeyPfx
, Secret data
)
{
X509Certificate2 encryptorPublicKeyCer = null;
try
{
RSACryptoServiceProvider decryptorPrivateKeyPfxProvider = decryptorPrivateKeyPfx.PrivateKey as RSACryptoServiceProvider;
encryptorPublicKeyCer = new X509Certificate2(data.EncryptorPublicKeyCerRawData);
RSACryptoServiceProvider encryptorPublicKeyCerProvider = encryptorPublicKeyCer.PublicKey.Key as RSACryptoServiceProvider;
return HybridDecrypt
(
decryptorPrivateKeyPfxProvider
, encryptorPublicKeyCerProvider
, data
);
}
catch
{
return null;
}
finally
{
if (encryptorPublicKeyCer != null)
{
encryptorPublicKeyCer.Reset();
}
}
}public static byte[] HybridDecrypt
(
RSACryptoServiceProvider decryptorPrivateKeyPfxProvider
, RSACryptoServiceProvider encryptorPublicKeyCerProvider
, Secret data
)
{
byte[] buffer = null;
HashAlgorithm hashAlgorithm;
if (data.SignHashMode == HashSignatureMode.SHA1)
{
hashAlgorithm = new SHA1CryptoServiceProvider();
}
else //(hashSignatureMode == HashSignatureMode.MD5)
{
hashAlgorithm = new MD5CryptoServiceProvider();
}
using (MemoryStream stream = new MemoryStream())
{
buffer = data.EncryptorSharedEncryptedOnceIV;
stream.Write(buffer, 0, buffer.Length);
buffer = data.EncryptorSharedEncryptedOnceKey;
stream.Write(buffer, 0, buffer.Length);
buffer = data.EncryptedData;
stream.Position = 0;
buffer = hashAlgorithm.ComputeHash(stream);
stream.Close();
}
//X509Certificate2 encryptorPublicKeyCer = new X509Certificate2(data.EncryptorPublicKeyCerRawData);
//RSACryptoServiceProvider encryptorPublicKeyCerProvider = encryptorPublicKeyCer.PublicKey.Key as RSACryptoServiceProvider;
if (encryptorPublicKeyCerProvider.VerifyHash
(
buffer
, Enum.GetName
(
data.SignHashMode.GetType()
, data.SignHashMode
)
, data.EncryptorHashSignature
)
)
{
//decryptorPrivateKeyPfxProvider = decryptorPrivateKeyPfx.PrivateKey as RSACryptoServiceProvider;
using (TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider())
{
buffer = data.EncryptorSharedEncryptedOnceIV;
buffer = decryptorPrivateKeyPfxProvider.Decrypt(buffer, data.DoOAEPadding);
des.IV = buffer;
buffer = data.EncryptorSharedEncryptedOnceKey;
buffer = decryptorPrivateKeyPfxProvider.Decrypt(buffer, data.DoOAEPadding);
des.Key = buffer;
buffer = data.EncryptedData;
buffer = des.CreateDecryptor().TransformFinalBlock(buffer, 0, buffer.Length);
}
}
else
{
buffer = null;
}
return buffer;
}
public static Secret HybridEncrypt
(
byte[] encryptorPrivateKeyPfxRawData
, byte[] encryptorPublicKeyCerRawData
, byte[] decryptorPublicKeyCerRawData
, HashSignatureMode hashSignatureMode
, bool DoOAEPadding
, byte[] data
)
{
X509Certificate2 encryptorPrivateKeyPfx = null;
X509Certificate2 encryptorPublicKeyCer = null;
X509Certificate2 decryptorPublicKeyCer = null;
try
{
encryptorPrivateKeyPfx = null;
encryptorPublicKeyCer = null;
decryptorPublicKeyCer = null;
return HybridEncrypt
(
encryptorPrivateKeyPfx
, encryptorPublicKeyCer
, decryptorPublicKeyCer
, hashSignatureMode
, DoOAEPadding
, data
);
}
catch
{
return null;
}
finally
{
if (encryptorPrivateKeyPfx != null)
{
encryptorPrivateKeyPfx.Reset();
}
if (encryptorPublicKeyCer != null)
{
encryptorPublicKeyCer.Reset();
}
if (decryptorPublicKeyCer != null)
{
decryptorPublicKeyCer.Reset();
}
}
}
public static Secret HybridEncrypt
(
string encryptorPrivateKeyPfxFileName
, string encryptorPublicKeyCerFileName
, string decryptorPublicKeyCerFileName
, HashSignatureMode hashSignatureMode
, bool DoOAEPadding
, byte[] data
)
{
X509Certificate2 encryptorPrivateKeyPfx = null;
X509Certificate2 encryptorPublicKeyCer = null;
X509Certificate2 decryptorPublicKeyCer = null;
try
{
encryptorPrivateKeyPfx = new X509Certificate2(encryptorPrivateKeyPfxFileName