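AsymmetricKeyAlgorithmProvider Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it's released. Microsoft makes no warranties, express or implied, with respect to the information provided here.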
public ref class AsymmetricKeyAlgorithmProvider sealed
/// [Windows.Foundation.Metadata.ContractVersion(Windows.Foundation.UniversalApiContract, 65536)]
/// [Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
/// [Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.Both)]
class AsymmetricKeyAlgorithmProvider final
[Windows.Foundation.Metadata.ContractVersion(typeof(Windows.Foundation.UniversalApiContract), 65536)]
[Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
[Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.Both)]
public sealed class AsymmetricKeyAlgorithmProvider
Public NotInheritable Class AsymmetricKeyAlgorithmProvider
- Inheritance
- Attributes
Windows requirements
Device family | Windows 10 (introduced in 10.0.10240.0)
API contract | Windows.Foundation.UniversalApiContract (introduced in v1.0)
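Examples
Because asymmetric cryptography is much slower than symmetric cryptography, it is seldom used to encrypt large amounts of data directly. Instead, it is typically used to encrypt keys, in the following manner.
- Alice requires that Bob send her only encrypted messages.
- Alice creates a private/public key pair, keeps her private key secret, and publishes her public key.
- Bob has a message he wants to send to Alice.
- Bob creates a symmetric key.
- Bob uses his new symmetric key to encrypt his message to Alice.
- Bob uses Alice's public key to encrypt his symmetric key.
- Bob sends the encrypted message and the encrypted symmetric key to Alice (enveloped).
- Alice uses her private key (from the private/public key pair) to decrypt Bob's symmetric key.
- Alice uses Bob's symmetric key to decrypt the message.

The following example shows aspects of the preceding process that can be addressed in code.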
using System;
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;
using Windows.UI.Xaml;

namespace SampleAsymmetricKeyAlgorithmProvider
{
    sealed partial class AsymmetricKeyAlgorithmApp : Application
    {
        static IBuffer buffKeyPair;

        public AsymmetricKeyAlgorithmApp()
        {
            // Initialize the application.
            this.InitializeComponent();

            // Create a symmetric session key.
            String strSymmetricAlgName = SymmetricAlgorithmNames.AesCbc;
            UInt32 symmetricKeyLength = 32;
            IBuffer buffSessionKey;
            this.SampleCreateSymmetricSessionKey(
                strSymmetricAlgName,
                symmetricKeyLength,
                out buffSessionKey);

            // Create an asymmetric key pair. The key length is in bits; RSA keys
            // shorter than 2048 bits are not considered secure.
            String strAsymmetricAlgName = AsymmetricAlgorithmNames.RsaPkcs1;
            UInt32 asymmetricKeyLength = 2048;
            IBuffer buffPublicKey;
            this.SampleCreateAsymmetricKeyPair(
                strAsymmetricAlgName,
                asymmetricKeyLength,
                out buffPublicKey);

            // Encrypt the symmetric session key by using the asymmetric public key.
            IBuffer buffEncryptedSessionKey;
            this.SampleAsymmetricEncryptSessionKey(
                strAsymmetricAlgName,
                buffSessionKey,
                buffPublicKey,
                out buffEncryptedSessionKey);

            // Decrypt the symmetric session key by using the asymmetric private key
            // that corresponds to the public key used to encrypt the session key.
            this.SampleAsymmetricDecryptSessionKey(
                strAsymmetricAlgName,
                strSymmetricAlgName,
                buffEncryptedSessionKey);
        }

        public void SampleCreateSymmetricSessionKey(
            string strSymmetricAlgName,
            UInt32 keyLength,
            out IBuffer buffSessionKey)
        {
            // Open a symmetric algorithm provider for the specified algorithm.
            SymmetricKeyAlgorithmProvider objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strSymmetricAlgName);

            // Create a symmetric session key from random key material
            // (keyLength is in bytes).
            IBuffer keyMaterial = CryptographicBuffer.GenerateRandom(keyLength);
            CryptographicKey sessionKey = objAlg.CreateSymmetricKey(keyMaterial);

            // Return the raw key material so that it can be encrypted for the recipient.
            buffSessionKey = keyMaterial;
        }

        public void SampleCreateAsymmetricKeyPair(
            String strAsymmetricAlgName,
            UInt32 keyLength,
            out IBuffer buffPublicKey)
        {
            // Open the algorithm provider for the specified asymmetric algorithm.
            AsymmetricKeyAlgorithmProvider objAlgProv = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(strAsymmetricAlgName);

            // Demonstrate use of the AlgorithmName property (not necessary to create a key pair).
            String strAlgName = objAlgProv.AlgorithmName;

            // Create an asymmetric key pair.
            CryptographicKey keyPair = objAlgProv.CreateKeyPair(keyLength);

            // Export the public key to a buffer for use by others.
            buffPublicKey = keyPair.ExportPublicKey();

            // You should keep your private key (embedded in the key pair) secure. For
            // the purposes of this example, however, we're just copying it into a
            // static class variable for later use during decryption.
            AsymmetricKeyAlgorithmApp.buffKeyPair = keyPair.Export();
        }

        public void SampleAsymmetricEncryptSessionKey(
            String strAsymmetricAlgName,
            IBuffer buffSessionKeyToEncrypt,
            IBuffer buffPublicKey,
            out IBuffer buffEncryptedSessionKey)
        {
            // Open the algorithm provider for the specified asymmetric algorithm.
            AsymmetricKeyAlgorithmProvider objAlgProv = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(strAsymmetricAlgName);

            // Import the public key from a buffer.
            CryptographicKey publicKey = objAlgProv.ImportPublicKey(buffPublicKey);

            // Encrypt the session key by using the public key.
            buffEncryptedSessionKey = CryptographicEngine.Encrypt(publicKey, buffSessionKeyToEncrypt, null);
        }

        public void SampleAsymmetricDecryptSessionKey(
            String strAsymmetricAlgName,
            String strSymmetricAlgName,
            IBuffer buffEncryptedSessionKey)
        {
            // Open the algorithm provider for the specified asymmetric algorithm.
            AsymmetricKeyAlgorithmProvider objAsymmAlgProv = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(strAsymmetricAlgName);

            // Import the key pair (public and private key) from a buffer. You should
            // keep your private key secure. For the purposes of this example, however,
            // the private key is just stored in a static class variable.
            CryptographicKey keyPair = objAsymmAlgProv.ImportKeyPair(AsymmetricKeyAlgorithmApp.buffKeyPair);

            // Use the private key embedded in the key pair to decrypt the session key.
            IBuffer buffDecryptedSessionKey = CryptographicEngine.Decrypt(keyPair, buffEncryptedSessionKey, null);

            // Convert the decrypted session key into a CryptographicKey object that
            // can be used to decrypt the message that it previously encrypted (not shown).
            SymmetricKeyAlgorithmProvider objSymmAlgProv = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strSymmetricAlgName);
            CryptographicKey sessionKey = objSymmAlgProv.CreateSymmetricKey(buffDecryptedSessionKey);
        }
    }
}
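The sample above leaves the message encryption itself "not shown". The following added example (not part of the original documentation sample) carries the Alice/Bob envelope through end to end, and it goes beyond the sample by using RSA-OAEP (RsaOaepSha256) to wrap the key and AES-GCM to encrypt and authenticate the message instead of RsaPkcs1 and AesCbc. The names EnvelopeDemo, Seal, Open and RoundTrip are hypothetical, and the message is a constructed sample.

```csharp
using System;
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

// Added example; EnvelopeDemo, Seal, Open and RoundTrip are hypothetical names.
public static class EnvelopeDemo
{
    // Bob: encrypt the message under a fresh AES-GCM session key, then wrap
    // that key with Alice's public key by using RSA-OAEP.
    public static void Seal(IBuffer alicePublicKey, string message,
        out IBuffer wrappedKey, out IBuffer nonce, out IBuffer ciphertext, out IBuffer tag)
    {
        var aes = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesGcm);
        IBuffer keyMaterial = CryptographicBuffer.GenerateRandom(32);  // 256-bit session key
        CryptographicKey sessionKey = aes.CreateSymmetricKey(keyMaterial);
        nonce = CryptographicBuffer.GenerateRandom(12);                // never reuse with the same key
        IBuffer plaintext = CryptographicBuffer.ConvertStringToBinary(message, BinaryStringEncoding.Utf8);
        EncryptedAndAuthenticatedData sealedData =
            CryptographicEngine.EncryptAndAuthenticate(sessionKey, plaintext, nonce, null);
        ciphertext = sealedData.EncryptedData;
        tag = sealedData.AuthenticationTag;

        var rsa = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaOaepSha256);
        CryptographicKey publicKey = rsa.ImportPublicKey(alicePublicKey);
        wrappedKey = CryptographicEngine.Encrypt(publicKey, keyMaterial, null);
    }

    // Alice: unwrap the session key with her private key, then decrypt the message.
    public static string Open(IBuffer aliceKeyPair, IBuffer wrappedKey,
        IBuffer nonce, IBuffer ciphertext, IBuffer tag)
    {
        var rsa = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaOaepSha256);
        CryptographicKey keyPair = rsa.ImportKeyPair(aliceKeyPair);
        IBuffer keyMaterial = CryptographicEngine.Decrypt(keyPair, wrappedKey, null);

        var aes = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesGcm);
        CryptographicKey sessionKey = aes.CreateSymmetricKey(keyMaterial);
        // Decryption fails if the ciphertext, nonce or tag does not match.
        IBuffer plaintext = CryptographicEngine.DecryptAndAuthenticate(sessionKey, ciphertext, nonce, tag, null);
        return CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf8, plaintext);
    }

    // Round trip with a constructed message: returns true when Alice recovers Bob's text.
    public static bool RoundTrip()
    {
        var rsa = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaOaepSha256);
        CryptographicKey alice = rsa.CreateKeyPair(2048);
        const string message = "constructed sample message";
        Seal(alice.ExportPublicKey(), message, out IBuffer k, out IBuffer n, out IBuffer c, out IBuffer t);
        return Open(alice.Export(), k, n, c, t) == message;
    }
}
```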
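Remarks
You create an AsymmetricKeyAlgorithmProvider object by calling the static OpenAlgorithm method.
Properties
AlgorithmName | Gets the name of the open asymmetric algorithm.
Methods
CreateKeyPair(UInt32) | Creates a public/private key pair.
CreateKeyPairWithCurveName(String) | Creates a public/private key pair using an algorithmic curve name.
CreateKeyPairWithCurveParameters(Byte[]) | Creates an asymmetric public/private key pair using curve parameters.
ImportKeyPair(IBuffer) | Imports a public/private key pair from a buffer.
ImportKeyPair(IBuffer, CryptographicPrivateKeyBlobType) | Imports a public/private key pair from a buffer in the specified format.
ImportPublicKey(IBuffer) | Imports a public key into a buffer.
ImportPublicKey(IBuffer, CryptographicPublicKeyBlobType) | Imports a public key into a buffer for a specified format.
OpenAlgorithm(String) | Creates an instance of the AsymmetricKeyAlgorithmProvider class and opens the specified algorithm for use.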