Generating keys for RSA dotnet core

I am trying to import an RSA public key into dotnet using the following:

var rsa = RSA.Create();
rsa.ImportRSAPublicKey(Convert.FromBase64String(PublicKey), out _);

The key was generated with:

openssl genrsa -out name_of_private_key.pem 2048
openssl rsa -in name_of_private_key.pem -pubout > name_of_public_key.pem

Output:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZL7iKRPSxrCflER6j/I
wB9fODXJgfxR4UBSU3oUJ8tIaBBnDrcutfXDfc7lZ9HcCZccvUsMzFKGJuvHthCE
/LNJmZtRRd02aLynoZSWqDBerCdRqXHbecMfK8KPxQSsWfinNiyFG76vTX2+V8P6
t4Cu8bM8j7foSBgOmECCSOjTuCG4bvKVS3bnu2lSBNgCjEMltk9W/3oSzKbN/mwn
GfViaXU5a1Zps3jLbx/z58o3Sb25QfQKU4xeohcx+Wj6d14lI80RErS1QTqSQ1rz
10Cs/Q1MudWstckqyE/u048GtXzQCzQOe4hWlyrcFqfiEAbV2jPLU61oer4/wT+0
7QIDAQAB
-----END PUBLIC KEY-----

However, this returns:

System.Security.Cryptography.CryptographicException: ASN1 corrupted data.

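To import the key, I use the text between the headers and remove the line breaks, nothing more. I noticed that rsa.ImportSubjectPublicKeyInfo seems to work, but I am not trying to generate an X.509 key; I want a PKCS#1 key so that I can use the code above.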

I guess I messed up the openssl command?

You can convert the posted X.509/SPKI key into a PKCS#1 public key with the following OpenSSL statement:

openssl rsa -pubin -RSAPublicKey_out -in name_of_public_key.pem > name_of_public_key_conv_pkcs1.pem

This returns the following key in name_of_public_key_conv_pkcs1.pem:

-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAtZL7iKRPSxrCflER6j/IwB9fODXJgfxR4UBSU3oUJ8tIaBBnDrcu
tfXDfc7lZ9HcCZccvUsMzFKGJuvHthCE/LNJmZtRRd02aLynoZSWqDBerCdRqXHb
ecMfK8KPxQSsWfinNiyFG76vTX2+V8P6t4Cu8bM8j7foSBgOmECCSOjTuCG4bvKV
S3bnu2lSBNgCjEMltk9W/3oSzKbN/mwnGfViaXU5a1Zps3jLbx/z58o3Sb25QfQK
U4xeohcx+Wj6d14lI80RErS1QTqSQ1rz10Cs/Q1MudWstckqyE/u048GtXzQCzQO
e4hWlyrcFqfiEAbV2jPLU61oer4/wT+07QIDAQAB
-----END RSA PUBLIC KEY-----

Alternatively, you can generate the PKCS#1 public key directly with the following OpenSSL statements:

openssl genrsa -out name_of_private_key.pem 2048
openssl rsa -in name_of_private_key.pem -RSAPublicKey_out > name_of_public_key_pkcs1.pem

Public keys in PKCS#1 format can be imported with the code you posted, e.g.

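using System;
using System.Numerics;
using System.Security.Cryptography;

// Strip the PEM header and footer; Convert.FromBase64String ignores the remaining whitespace.
var PublicKey = @"-----BEGIN RSA PUBLIC KEY-----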
                MIIBCgKCAQEAtZL7iKRPSxrCflER6j/IwB9fODXJgfxR4UBSU3oUJ8tIaBBnDrcu
                tfXDfc7lZ9HcCZccvUsMzFKGJuvHthCE/LNJmZtRRd02aLynoZSWqDBerCdRqXHb
                ecMfK8KPxQSsWfinNiyFG76vTX2+V8P6t4Cu8bM8j7foSBgOmECCSOjTuCG4bvKV
                S3bnu2lSBNgCjEMltk9W/3oSzKbN/mwnGfViaXU5a1Zps3jLbx/z58o3Sb25QfQK
                U4xeohcx+Wj6d14lI80RErS1QTqSQ1rz10Cs/Q1MudWstckqyE/u048GtXzQCzQO
                e4hWlyrcFqfiEAbV2jPLU61oer4/wT+07QIDAQAB
                -----END RSA PUBLIC KEY-----".
                Replace("-----BEGIN RSA PUBLIC KEY-----", "").
                Replace("-----END RSA PUBLIC KEY-----", "").
                Replace("\r\n", "");
var rsa = RSA.Create();
rsa.ImportRSAPublicKey(Convert.FromBase64String(PublicKey), out _);

RSAParameters parameters = rsa.ExportParameters(false);
Console.WriteLine(new BigInteger(parameters.Exponent, true, true)); // 65537
Console.WriteLine(new BigInteger(parameters.Modulus, true, true));  // 22921612997464368147681940553984745387167552018036344531503795467063837226615581953768444015539628345845035732103113334279875993301411098168640007990192163617624452836576802897196284289413557038039593995983320236405640276117810563150914793233680115042600127677172037054986051882799772185194759951925398974095268701931531156047608941244890064857847352301510189736406400522269201574332107656671336685945934753045233371160604896169352804846566979618872110365310073347596127824815830796826711019699206801083371733500629381548849681219453339114997443300562712444634750316194264179142382642144192449752430619501209065600237