我在使用私钥对数据进行签名时遇到问题。我无法从私钥证书中获取所需的数据；我认为是没有获得相应的特权或权限。 ((System.Security.Cryptography.RSACryptoServiceProvider)privateCertificate.PrivateKey).CspKeyContainerInfo.CryptoKeySecurity = '((System.Security.Cryptography.RSACryptoServiceProvider)privateCertificate.PrivateKey).CspKeyContainerInfo.CryptoKeySecurity' 引发了类型为“System.Security.AccessControl.PrivilegeNotHeldException”的异常
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
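/// <summary>
/// Console demo: RSA-encrypts a short message with the public key from a .cer file,
/// signs the ciphertext with the private key from a .pfx file, verifies that signature
/// and only then decrypts the ciphertext again.
/// </summary>
class Program
{
    /// <summary>
    /// Runs the encrypt / sign / verify / decrypt round trip and prints each stage.
    /// Any exception is reported on the console instead of terminating the process.
    /// </summary>
    /// <param name="args">Command-line arguments (unused).</param>
    static void Main(string[] args)
    {
        try
        {
            // Load the public key from the .cer file
            X509Certificate2 publicCertificate = new X509Certificate2("public.cer");
            RSAParameters publicKey = ((RSA)publicCertificate.PublicKey.Key).ExportParameters(false);

            // Load the private key from the .pfx file.
            // NOTE(review): the PFX password is hard-coded in source; anyone who can read this
            // file or the compiled binary can open the PFX. Load it from a protected store or
            // prompt for it instead.
            // NOTE(review): MachineKeySet | PersistKeySet imports the private key into the
            // machine-wide key store and leaves it there after the process exits, and Exportable
            // allows it to be exported again. Writing to the machine store may require elevated
            // rights; keep these flags only if the deployment really needs them.
            // NOTE(review): the PrivilegeNotHeldException quoted for
            // CspKeyContainerInfo.CryptoKeySecurity is raised when that property is evaluated;
            // nothing in this program reads it, so it is probably not the cause of the signing
            // failure -- confirm by checking the exception printed below.
            X509Certificate2 privateCertificate = new X509Certificate2("private.pfx", "marwadi", X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);
            RSACryptoServiceProvider privateKey = (RSACryptoServiceProvider)privateCertificate.PrivateKey;

            // Message to be encrypted
            string originalMessage = "Vivek";

            // Convert the message to bytes
            byte[] originalBytes = Encoding.UTF8.GetBytes(originalMessage);

            // Encrypt the message using the public key
            byte[] encryptedBytes = Encryption(originalBytes, publicKey, true);

            // Generate a signature for the encrypted data (skipped when encryption failed)
            byte[] signature = encryptedBytes == null ? null : GenerateSignature(encryptedBytes, privateKey);

            if (encryptedBytes == null || signature == null)
            {
                // The helpers already printed the underlying error; stop here instead of
                // passing null on and failing with an unrelated ArgumentNullException.
                Console.WriteLine("Encryption or signing failed. Aborting.");
            }
            // Verify the signature before decryption
            else if (VerifySignature(encryptedBytes, signature, publicKey))
            {
                // Decrypt the message using the private key
                byte[] decryptedData = Decryption(encryptedBytes, privateKey);

                // Convert the decrypted bytes back to a string
                string decryptedMessage = Encoding.UTF8.GetString(decryptedData);

                // Display the results
                Console.WriteLine("Original Message: " + originalMessage);
                Console.WriteLine("Encrypted Message: " + Convert.ToBase64String(encryptedBytes));
                Console.WriteLine("Signature: " + Convert.ToBase64String(signature));
                Console.WriteLine("Decrypted Message: " + decryptedMessage);
            }
            else
            {
                Console.WriteLine("Invalid Signature. Aborting decryption.");
            }
        }
        catch (Exception e)
        {
            Console.WriteLine("An error occurred: " + e.Message);
            Console.WriteLine("StackTrace: " + e.StackTrace);
        }
        Console.ReadKey();
    }

    /// <summary>
    /// Encrypts <paramref name="data"/> with the given RSA public key.
    /// </summary>
    /// <param name="data">Plaintext bytes; must fit into a single RSA block.</param>
    /// <param name="publicKey">Public key parameters to import.</param>
    /// <param name="doOAEPPadding">true for OAEP padding, false for PKCS#1 v1.5 padding.</param>
    /// <returns>The ciphertext, or null when a <see cref="CryptographicException"/> occurred.</returns>
    static public byte[] Encryption(byte[] data, RSAParameters publicKey, bool doOAEPPadding)
    {
        try
        {
            byte[] encryptedData;
            using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
            {
                rsa.ImportParameters(publicKey);
                encryptedData = rsa.Encrypt(data, doOAEPPadding);
            }
            return encryptedData;
        }
        catch (CryptographicException e)
        {
            Console.WriteLine("Encryption error: " + e.Message);
            Console.WriteLine("StackTrace: " + e.StackTrace);
            return null;
        }
    }

    /// <summary>
    /// Creates an RSA PKCS#1 v1.5 signature over the SHA-256 digest of <paramref name="data"/>.
    /// </summary>
    /// <param name="data">Bytes to sign.</param>
    /// <param name="privateKey">RSA provider that holds the private key.</param>
    /// <returns>The signature, or null when a <see cref="CryptographicException"/> occurred.</returns>
    static public byte[] GenerateSignature(byte[] data, RSACryptoServiceProvider privateKey)
    {
        try
        {
            // RSAPKCS1SignatureFormatter.CreateSignature(byte[]) expects the hash value,
            // not the message, so the SHA-256 digest has to be computed first.
            byte[] digest;
            using (SHA256 sha256 = SHA256.Create())
            {
                digest = sha256.ComputeHash(data);
            }

            RSAPKCS1SignatureFormatter rsaFormatter = new RSAPKCS1SignatureFormatter(privateKey);
            rsaFormatter.SetHashAlgorithm(nameof(SHA256));
            return rsaFormatter.CreateSignature(digest);
        }
        catch (CryptographicException e)
        {
            Console.WriteLine("Signature generation error: " + e.Message);
            Console.WriteLine("StackTrace: " + e.StackTrace);
            return null;
        }
    }

    /// <summary>
    /// Checks an RSA PKCS#1 v1.5 signature against the SHA-256 digest of <paramref name="data"/>.
    /// </summary>
    /// <param name="data">Bytes that were signed.</param>
    /// <param name="signature">Signature to check.</param>
    /// <param name="publicKey">Public key parameters of the signer.</param>
    /// <returns>true when the signature matches; false when it does not or when a
    /// <see cref="CryptographicException"/> occurred.</returns>
    static public bool VerifySignature(byte[] data, byte[] signature, RSAParameters publicKey)
    {
        try
        {
            // The deformatter compares against a hash value, mirroring GenerateSignature.
            byte[] digest;
            using (SHA256 sha256 = SHA256.Create())
            {
                digest = sha256.ComputeHash(data);
            }

            using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
            {
                rsa.ImportParameters(publicKey);
                RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(rsa);
                rsaDeformatter.SetHashAlgorithm(nameof(SHA256));
                return rsaDeformatter.VerifySignature(digest, signature);
            }
        }
        catch (CryptographicException e)
        {
            Console.WriteLine("Signature verification error: " + e.Message);
            Console.WriteLine("StackTrace: " + e.StackTrace);
            return false;
        }
    }

    /// <summary>
    /// Decrypts OAEP-padded ciphertext with the given private key.
    /// </summary>
    /// <param name="data">Ciphertext produced with OAEP padding.</param>
    /// <param name="privateKey">RSA provider that holds the private key.</param>
    /// <returns>The plaintext, or null when a <see cref="CryptographicException"/> occurred.</returns>
    static public byte[] Decryption(byte[] data, RSACryptoServiceProvider privateKey)
    {
        try
        {
            return privateKey.Decrypt(data, true);
        }
        catch (CryptographicException e)
        {
            Console.WriteLine("Decryption error: " + e.Message);
            Console.WriteLine("StackTrace: " + e.StackTrace);
            return null;
        }
    }
}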
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
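/// <summary>
/// Console demo: RSA-encrypts a short message with a certificate's public key, signs the
/// ciphertext with the private key from a PFX, verifies the signature and then decrypts.
/// Uses the algorithm-neutral <see cref="RSA"/> accessors rather than casting to
/// RSACryptoServiceProvider.
/// </summary>
class Program
{
    /// <summary>
    /// Runs the encrypt / sign / verify / decrypt round trip and prints each stage.
    /// Any exception is reported on the console instead of terminating the process.
    /// </summary>
    /// <param name="args">Command-line arguments (unused).</param>
    static void Main(string[] args)
    {
        try
        {
            // The certificates and the RSA objects returned by GetRSAPublicKey /
            // GetRSAPrivateKey are owned by the caller, so they are disposed here to release
            // the underlying key handles as soon as the demo is done.
            // NOTE(review): MachineKeySet | PersistKeySet imports the private key into the
            // machine-wide key store and leaves it there after the process exits; writing to
            // that store may require elevated rights. Keep the flags only if the deployment
            // really needs a persisted machine key.
            // NOTE(review): the PFX password belongs in a protected store or a prompt, not in
            // source code.
            using (X509Certificate2 publicCertificate = new X509Certificate2("Your public cer")) // public key from the .cer file
            using (RSA publicRSA = publicCertificate.GetRSAPublicKey()) // Using GetRSAPublicKey for better compatibility
            using (X509Certificate2 privateCertificate = new X509Certificate2("Your private pfx", "password", X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet)) // private key from the .pfx file
            using (RSA privateRSA = privateCertificate.GetRSAPrivateKey()) // Using GetRSAPrivateKey for better compatibility
            {
                // Both accessors return null when the certificate carries no matching RSA key;
                // fail with a clear message instead of a NullReferenceException further down.
                if (publicRSA == null)
                {
                    throw new InvalidOperationException("The public certificate does not contain an RSA public key.");
                }
                if (privateRSA == null)
                {
                    throw new InvalidOperationException("The PFX does not contain an accessible RSA private key.");
                }

                // Message to be encrypted
                string originalMessage = "Vivek";
                byte[] originalBytes = Encoding.UTF8.GetBytes(originalMessage);

                // Encrypt the message using the public key
                byte[] encryptedBytes = EncryptData(originalBytes, publicRSA);

                // Generate a signature for the encrypted data
                // NOTE(review): the same key pair is used for encryption and for signing here;
                // production designs usually keep separate keys for the two purposes.
                byte[] signature = GenerateSignature(encryptedBytes, privateRSA);

                // Verify the signature before decryption
                if (VerifySignature(encryptedBytes, signature, publicRSA))
                {
                    // Decrypt the message using the private key
                    byte[] decryptedData = DecryptData(encryptedBytes, privateRSA);

                    // Convert the decrypted bytes back to a string
                    string decryptedMessage = Encoding.UTF8.GetString(decryptedData);

                    // Display the results
                    Console.WriteLine("Original Message: " + originalMessage);
                    Console.WriteLine("Encrypted Message: " + Convert.ToBase64String(encryptedBytes));
                    Console.WriteLine("Signature: " + Convert.ToBase64String(signature));
                    Console.WriteLine("Decrypted Message: " + decryptedMessage);
                }
                else
                {
                    Console.WriteLine("Invalid Signature. Aborting decryption.");
                }
            }
        }
        catch (Exception e)
        {
            Console.WriteLine("An error occurred: " + e.Message);
        }
        Console.ReadKey();
    }

    /// <summary>Encrypts <paramref name="data"/> with RSA-OAEP (SHA-256).</summary>
    /// <param name="data">Plaintext bytes; must fit into a single RSA block.</param>
    /// <param name="publicKey">RSA key used for encryption.</param>
    /// <returns>The ciphertext.</returns>
    static byte[] EncryptData(byte[] data, RSA publicKey)
    {
        return publicKey.Encrypt(data, RSAEncryptionPadding.OaepSHA256);
    }

    /// <summary>Decrypts RSA-OAEP (SHA-256) ciphertext.</summary>
    /// <param name="data">Ciphertext produced by <see cref="EncryptData"/>.</param>
    /// <param name="privateKey">RSA key that holds the private part.</param>
    /// <returns>The plaintext.</returns>
    static byte[] DecryptData(byte[] data, RSA privateKey)
    {
        return privateKey.Decrypt(data, RSAEncryptionPadding.OaepSHA256);
    }

    /// <summary>Signs <paramref name="data"/> with SHA-256 and PKCS#1 v1.5 padding.</summary>
    /// <param name="data">Bytes to sign; hashing is done by SignData.</param>
    /// <param name="privateKey">RSA key that holds the private part.</param>
    /// <returns>The signature.</returns>
    static byte[] GenerateSignature(byte[] data, RSA privateKey)
    {
        return privateKey.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }

    /// <summary>Verifies a SHA-256 / PKCS#1 v1.5 signature over <paramref name="data"/>.</summary>
    /// <param name="data">Bytes that were signed.</param>
    /// <param name="signature">Signature to check.</param>
    /// <param name="publicKey">RSA public key of the signer.</param>
    /// <returns>true when the signature matches, otherwise false.</returns>
    static bool VerifySignature(byte[] data, byte[] signature, RSA publicKey)
    {
        return publicKey.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }
}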
This code will solve the issue, as it uses the GetRSAPublicKey and GetRSAPrivateKey getters for the public and private RSA keys. If you face any other error, feel free to post it.