AsymmetricKeyAlgorithmProvider 類別

  • 參考

定義

命名空間:
Windows.Security.Cryptography.Core
編輯

表示非對稱 (公用) 金鑰演算法的提供者。 如需詳細資訊,請參閱 密碼編譯金鑰

public ref class AsymmetricKeyAlgorithmProvider sealed
/// [Windows.Foundation.Metadata.ContractVersion(Windows.Foundation.UniversalApiContract, 65536)]
/// [Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
/// [Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.Both)]
class AsymmetricKeyAlgorithmProvider final
[Windows.Foundation.Metadata.ContractVersion(typeof(Windows.Foundation.UniversalApiContract), 65536)]
[Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
[Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.Both)]
public sealed class AsymmetricKeyAlgorithmProvider
Public NotInheritable Class AsymmetricKeyAlgorithmProvider
繼承
Object Platform::Object IInspectable AsymmetricKeyAlgorithmProvider
屬性
ContractVersionAttribute MarshalingBehaviorAttribute ThreadingAttribute

Windows 需求

裝置系列
Windows 10 (已於 10.0.10240.0 引進)
API contract
Windows.Foundation.UniversalApiContract (已於 v1.0 引進)

範例

因為非對稱式密碼編譯比對稱式密碼編譯慢很多,所以很少使用它來直接加密大量資料。 通常是改用下列方式來加密金鑰。

  • Alice 要求 Bob 只傳送加密的電子郵件給她。
  • Alice 建立一個私密/公開金鑰組,保密她的私密金鑰並發佈她的公開金鑰。
  • Bob 有一封電子郵件要傳送給 Alice。
  • Bob 建立一個對稱金鑰。
  • Bob 使用這個新的對稱金鑰來加密要傳送給 Alice 的電子郵件。
  • Bob 會使用 Alice 的公開金鑰來加密其對稱金鑰。
  • Bob 將加密的電子郵件及經過加密的對稱金鑰傳送給 Alice (以封住的方式)。
  • Alice 使用她的私密金鑰 (從私密/公開金鑰組) 來解密 Bob 的對稱金鑰。
  • Alice 會使用 Bob 的對稱金鑰來解密訊息。 在程式碼中可定址的上述程式層面,如下列範例所示。

using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

namespace SampleAsymmetricKeyAlgorithmProvider
{
    sealed partial class AsymmetricKeyAlgorithmApp : Application
    {
        static IBuffer buffKeyPair;

        public AsymmetricKeyAlgorithmApp()
        {
            // Initialize the application.
            this.InitializeComponent();

            // Create a symmetric session key.
            String strSymmetricAlgName = SymmetricAlgorithmNames.AesCbc;
            UInt32 symmetricKeyLength = 32;
            IBuffer buffSessionKey;
            this.SampleCreateSymmetricSessionKey(
                strSymmetricAlgName, 
                symmetricKeyLength, 
                out buffSessionKey);

            // Create an asymmetric key pair.
            String strAsymmetricAlgName = AsymmetricAlgorithmNames.RsaPkcs1;
            UInt32 asymmetricKeyLength = 512;
            IBuffer buffPublicKey;
            this.SampleCreateAsymmetricKeyPair(
                strAsymmetricAlgName, 
                asymmetricKeyLength, 
                out buffPublicKey);
 
            // Encrypt the symmetric session key by using the asymmetric public key.
            IBuffer buffEncryptedSessionKey;
            this.SampleAsymmetricEncryptSessionKey(
                strAsymmetricAlgName,
                buffSessionKey,
                buffPublicKey,
                out buffEncryptedSessionKey);

            // Decrypt the symmetric session key by using the asymmetric private key
            // that corresponds to the public key used to encrypt the session key.
            this.SampleAsymmetricDecryptSessionKey(
                strAsymmetricAlgName,
                strSymmetricAlgName,
                buffEncryptedSessionKey);
        }

        public void SampleCreateSymmetricSessionKey(
            string strSymmetricAlgName,
            UInt32 keyLength,
            out IBuffer buffSessionKey)
        {
            // Open a symmetric algorithm provider for the specified algorithm.
            SymmetricKeyAlgorithmProvider objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strSymmetricAlgName);

            // Create a symmetric session key.
            IBuffer keyMaterial = CryptographicBuffer.GenerateRandom(keyLength);
            CryptographicKey sessionKey = objAlg.CreateSymmetricKey(keyMaterial);

            buffSessionKey = keyMaterial;
        }

        public void SampleCreateAsymmetricKeyPair(
            String strAsymmetricAlgName,
            UInt32 keyLength,
            out IBuffer buffPublicKey)
        {
            // Open the algorithm provider for the specified asymmetric algorithm.
            AsymmetricKeyAlgorithmProvider objAlgProv = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(strAsymmetricAlgName);

            // Demonstrate use of the AlgorithmName property (not necessary to create a key pair).
            String strAlgName = objAlgProv.AlgorithmName;

            // Create an asymmetric key pair.
            CryptographicKey keyPair = objAlgProv.CreateKeyPair(keyLength);

            // Export the public key to a buffer for use by others.
            buffPublicKey = keyPair.ExportPublicKey();

            // You should keep your private key (embedded in the key pair) secure. For  
            // the purposes of this example, however, we're just copying it into a
            // static class variable for later use during decryption.
            AsymmetricKeyAlgorithmApp.buffKeyPair = keyPair.Export();
        }
 
        public void SampleAsymmetricEncryptSessionKey(
            String strAsymmetricAlgName,
            IBuffer buffSessionKeyToEncrypt,
            IBuffer buffPublicKey,
            out IBuffer buffEncryptedSessionKey)
        {
            // Open the algorithm provider for the specified asymmetric algorithm.
            AsymmetricKeyAlgorithmProvider objAlgProv = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(strAsymmetricAlgName);

            // Import the public key from a buffer.
            CryptographicKey publicKey = objAlgProv.ImportPublicKey(buffPublicKey);

            // Encrypt the session key by using the public key.
            buffEncryptedSessionKey = CryptographicEngine.Encrypt(publicKey, buffSessionKeyToEncrypt, null);
        }

        public void SampleAsymmetricDecryptSessionKey(
            String strAsymmetricAlgName,
            String strSymmetricAlgName,
            IBuffer buffEncryptedSessionKey)
        {
            // Open the algorithm provider for the specified asymmetric algorithm.
            AsymmetricKeyAlgorithmProvider objAsymmAlgProv = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(strAsymmetricAlgName);

            // Import the public key from a buffer. You should keep your private key
            // secure. For the purposes of this example, however, the private key is
            // just stored in a static class variable.
            CryptographicKey keyPair = objAsymmAlgProv.ImportKeyPair(AsymmetricKeyAlgorithmApp.buffKeyPair);

            // Use the private key embedded in the key pair to decrypt the session key.
            IBuffer buffDecryptedSessionKey = CryptographicEngine.Decrypt(keyPair, buffEncryptedSessionKey, null);

            // Convert the decrypted session key into a CryptographicKey object that
            // can be used to decrypt the message that it previously encrypted (not shown).
            SymmetricKeyAlgorithmProvider objSymmAlgProv = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strSymmetricAlgName);
            CryptographicKey sessionKey = objSymmAlgProv.CreateSymmetricKey(buffDecryptedSessionKey);
        }
    }
}

備註

您可以藉由呼叫靜態 OpenAlgorithm 方法來建立 AsymmetricKeyAlgorithmProvider 物件。

屬性

AlgorithmName

取得開放式非對稱演算法的名稱。

方法

CreateKeyPair(UInt32)

建立公開/私密金鑰組。
CreateKeyPairWithCurveName(String)

使用演算法曲線名稱建立公開/私密金鑰組。
CreateKeyPairWithCurveParameters(Byte[])

使用曲線參數建立非對稱公用/私密金鑰組。
ImportKeyPair(IBuffer)

從緩衝區匯入公開/私密金鑰組。
ImportKeyPair(IBuffer, CryptographicPrivateKeyBlobType)

從指定格式的緩衝區匯入公用/私密金鑰組。
ImportPublicKey(IBuffer)

將公開金鑰匯入緩衝區。
ImportPublicKey(IBuffer, CryptographicPublicKeyBlobType)

將公開金鑰匯入至指定格式的緩衝區。
OpenAlgorithm(String)

建立 AsymmetricKeyAlgorithmProvider 類別的實例,並開啟指定的演算法以供使用。

適用於

另請參閱