博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
33.NET对加密和解密的支持
阅读量:6153 次
发布时间:2019-06-21

本文共 8439 字,大约阅读时间需要 28 分钟。

  散列运算

mscorlib.dll下的System.Security.Cryptography下:

抽象类HashAlgorithm
    抽象类MD5
        MD5CryptoServiceProvider
    SHA1
        SHA1CryptoServiceProvider密封类:调用Windows Crypto API
        SHA1Managed普通类:用托管代码写的
    SHA256
        SHA256CryptoServiceProvider
        SHA256Managed
    SHA384
    SHA512

 

□ 对字节数组或流散列运算

class Program
{
static void Main(string[] args)
{
string str = "Hello World";
HashAlgorithm hashAlgorithm = HashAlgorithm.Create(HashAlgorithmType.SHA1);
byte[] data = Encoding.Default.GetBytes(str);
byte[] digest = hashAlgorithm.ComputeHash(data);
foreach (byte b in digest)
{
Console.Write("{0:X}",b);
}
Console.ReadKey();
}
}
 
public class HashAlgorithmType
{
public const string SHA1 = "SHA1";
public const string SHA256 = "SHA256";
public const string SHA384 = "SHA384";
public const string SHA512 = "SHA512";
public const string MD5 = "MD5";
}

 

□ 密匙散列运算       

string key = "secret key";
byte[] data = Encoding.Default.GetBytes(key);
KeyedHashAlgorithm kha = new HMACSHA1();
byte[] digest = kha.ComputeHash(data);
foreach (byte b in digest)
{
Console.Write("{0:x}",b);
}

 

  对称加密和解密

SymmetricAlgorithm

    DES
        DESCryptoServiceProvider
    TripleDES
        TripleDESCryptoServiceProvider
    Rijndael
        RijindaelManaged
    RC2  
        RC2CryptoServiceProvider

 

IV:Initialization vector初始化向量:

-为了解决加密字符串加密后仍然有重复部分,引入IV,加密字符串即使有重复,也会被打乱。
-IV值可以随意指定,但长度固定,通常为64位byte类型
-密匙长度也是固定的,通常为128位或196位byte类型

 

使用Encoding类将字符串转换为byte[]:

-如果使用UTF8,会变长编码

 

加密解密方法:

-加密方法:CreateEncryptor(),返回ICryptoTransform接口类型
-解密方法:CreateDecryptor(),返回ICrtyptoTransform接口类型

 

明文流和加密流的转换:

public CryptoStream(Stream stream, ICryptoTransform transform, CryptoStreamMode mode)
 
class Program
{
static void Main(string[] args)
{
#region 对称加密和解密
 
string key = "secret key";
string str = "Hello World";
 
//加密
string encryptedText = SymmetricCryptoHelper.Encrypt(str, key);
Console.WriteLine(encryptedText);
 
//解密
string clearText = SymmetricCryptoHelper.Decrypt(encryptedText, key);
Console.WriteLine(clearText);
 
Console.ReadKey();
 
#endregion
}
}
 
//对称加密帮助类
public class SymmetricCryptoHelper
{
private ICryptoTransform encryptor;  //加密器对象
private ICryptoTransform decryptor; //解密器对象
private const int BufferSize = 1024;
 
public SymmetricCryptoHelper(string algorithmName, byte[] key)
{
SymmetricAlgorithm provider = SymmetricAlgorithm.Create(algorithmName);
provider.Key = key;
provider.IV = new byte[] { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };
 
encryptor = provider.CreateEncryptor();
decryptor = provider.CreateDecryptor();
}
 
public SymmetricCryptoHelper(byte[] key) : this("TripleDES", key){}
 
//加密算法
public string Encrypt(string clearText)
{
//创建明文流
byte[] clearBuffer = Encoding.UTF8.GetBytes(clearText);
//byte[] clearBuffer = Encoding.Default.GetBytes(clearText);
MemoryStream clearStream = new MemoryStream(clearBuffer);
 
//创建空的密文流
MemoryStream encryptedStream = new MemoryStream();
 
//明文流和密文流转换流,准备写到密文流中
CryptoStream cryptoStream = new CryptoStream(encryptedStream, encryptor, CryptoStreamMode.Write);
 
int bytesRead = 0;
byte[] buffer = new byte[BufferSize];
do
{
//读取明文流到buffer中
bytesRead = clearStream.Read(buffer, 0, BufferSize);
//通过CryptoStream将buffer中的明文流字节数组写到明文流中
cryptoStream.Write(buffer, 0, bytesRead);
} while (bytesRead > 0);
 
cryptoStream.FlushFinalBlock();
 
//获取加密后的字节数组
buffer = encryptedStream.ToArray();
 
//将加密后的字节数组转换成字符串
string encryptedText = Convert.ToBase64String(buffer);
return encryptedText;
}
 
//解密算法
public string Decrypt(string encryptedText)
{
//把加密字符串转换为加密字节数组
byte[] encryptedBuffer = Convert.FromBase64String(encryptedText);
//创建密文流
Stream encryptedStream = new MemoryStream(encryptedBuffer);
 
//创建空的明文流
MemoryStream clearStream = new MemoryStream();
 
//创建明文流和密文流的转化流,读取密文流
CryptoStream cryptoStream = new CryptoStream(encryptedStream, decryptor, CryptoStreamMode.Read);
 
int bytesRead = 0;
byte[] buffer = new byte[BufferSize];
 
do
{
//通过CryptoStream读取密文流到Buffer
bytesRead = cryptoStream.Read(buffer, 0, BufferSize);
//把Buffer中的密文流写到明文流中
clearStream.Write(buffer, 0, bytesRead);
} while (bytesRead > 0);
 
//将明文流转换成字节数组
buffer = clearStream.GetBuffer();
 
string clearText = Encoding.UTF8.GetString(buffer, 0, (int)clearStream.Length);
//string clearText = Encoding.Default.GetString(buffer, 0, (int)clearStream.Length);
return clearText;
}
 
//密匙加密
public static string Encrypt(string clearText, string key)
{
byte[] keyData = new byte[16]; //TripleDES密匙固定长度为16个字节
 
//把密匙字符串转换成字节数组
byte[] sourceData = Encoding.Default.GetBytes(key);
int copyBytes = 16;
if (sourceData.Length < 16)
{
copyBytes = sourceData.Length;
}
 
//把密匙数组复制到keyData字节数组中
Array.Copy(sourceData,keyData,copyBytes);
 
SymmetricCryptoHelper helper = new SymmetricCryptoHelper(keyData);
return helper.Encrypt(clearText);
}
 
//密匙解密
public static string Decrypt(string encryptedText, string key)
{
byte[] keyData = new byte[16];
byte[] sourceData = Encoding.Default.GetBytes(key);
int copyBytes = 16;
if (sourceData.Length < 16)
{
copyBytes = sourceData.Length;
}
Array.Copy(sourceData,keyData,copyBytes);
 
SymmetricCryptoHelper helper = new SymmetricCryptoHelper(keyData);
return helper.Decrypt(encryptedText);
}
}
 

 

  非对称加密

AsymmetricAlgorithm

    RSA
        RSACryptoServiceProvider
    DSA
        DSACryptoServiceProvider:只能进行认证模式,即数字签名

 

对称加密中的密匙:

密匙为由开发者设定的字符串

 

非对称加密中的密匙:

● 通常是自动生成,不同的算法有不同的密匙格式   
● 在创建RSACryptoServiceProvider实例时,会自动创建一个公/私密匙对。在实例上调用ToXmlString()方法获得。

            RSACryptoServiceProvider provider = new RSACryptoServiceProvider();

            string publicPrivate = provider.ToXmlString(true);//获得公/私匙对
            //string publicOnly = provider.ToXmlString(false); //只获得公匙
            Console.Write(publicPrivate);
            Console.ReadKey();

 

□ 非对称加密帮助类

//非对称加密帮助类
public class RSACryptoHelper
{
//加密
public static string Encrypt(string publicKeyXml, string plainText)
{
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(publicKeyXml); //使用公匙初始化对象
byte[] plainData = Encoding.Default.GetBytes(plainText);
byte[] encryptedData = provider.Encrypt(plainData, true);
return Convert.ToBase64String(encryptedData);
}
 
//解密
public static string Decrypt(string privateKeyXml, string encryptedText)
{
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(privateKeyXml);
byte[] encryptedData = Convert.FromBase64String(encryptedText);
byte[] plainData = provider.Decrypt(encryptedData, true);
string plainText = Encoding.Default.GetString(plainData);
return plainText;
}
}

 

  数字签名

RSACryptoServiceProvider或DSACryptoServiceProvider

SignData()对摘要进行签名,并返回签名后的摘要。
VerifyData()得出本地摘要,并解密传递进来的原始摘要,对比返回bool类型结果。

 

□ 数字签名帮助类

public class RSACryptoHelper
{
public static string SignData(string plainText, string privateKeyXml)
{
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(privateKeyXml);
 
byte[] plainData = Encoding.Default.GetBytes(plainText);
//设置获取摘要的算法
HashAlgorithm sha1 = HashAlgorithm.Create("SHA1");
//获取签名过的摘要,是使用私匙加密过的摘要
byte[] signedDigest = provider.SignData(plainData, sha1);
return Convert.ToBase64String(signedDigest);
}
 
public static bool VerifyData(string plainText, string signature, string publicKeyXml)
{
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(publicKeyXml);
 
byte[] plainData = Encoding.Default.GetBytes(plainText);
byte[] signedDigest = Convert.FromBase64String(signature);
 
HashAlgorithm sha1 = HashAlgorithm.Create("SHA1");
bool isDataIntact = provider.VerifyData(plainData, sha1, signedDigest);
return isDataIntact;
}
 
//使用SingnHash
public static string SignData2(string plainText, string privateKeyXml)
{
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(privateKeyXml);
byte[] plainData = Encoding.Default.GetBytes(plainText);
 
//设置获取摘要的算法
HashAlgorithm sha1 = HashAlgorithm.Create("SHA1");
//获得原始摘要
byte[] digestData = sha1.ComputeHash(plainData);
//对元素摘要进行签名
byte[] signedDigest = provider.SignHash(digestData, "SHA1");
return Convert.ToBase64String(signedDigest);
}
 
//使用VerifyHash
public static bool VerifyData2(string plainText, string signedDigest, string publicKeyXml)
{
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(publicKeyXml);
 
byte[] plainData = Encoding.Default.GetBytes("SHA1");
byte[] signedDigestData = Convert.FromBase64String(signedDigest);
 
//获得本地摘要
HashAlgorithm sha1 = HashAlgorithm.Create("SHA1");
byte[] digest = sha1.ComputeHash(plainData);
 
//解密签名
bool isDataIntact = provider.VerifyHash(digest, "SHA1", signedDigestData);
return isDataIntact;
}
}
 

 

参考资料:

※ ,感谢写了这么好的书!   

转载地址:http://jkbfa.baihongyu.com/

你可能感兴趣的文章
linux:yum和apt-get的区别
查看>>
Sentinel 1.5.0 正式发布,引入 Reactive 支持
查看>>
数据库之MySQL
查看>>
2019/1/15 批量删除数据库相关数据
查看>>
数据类型的一些方法
查看>>
Webpack 2 中一些常见的优化措施
查看>>
移动端响应式
查看>>
js中var、let、const的区别
查看>>
简洁优雅地实现夜间模式
查看>>
react学习总结
查看>>
在soapui上踩过的坑
查看>>
MySQL的字符集和字符编码笔记
查看>>
ntpd同步时间
查看>>
must implement java.io.Serializable hessian
查看>>
Microsoft Licenses Flash Lite for Windows Mobile Users
查看>>
HDOJ 2020 绝对值排序
查看>>
HDOJ/HDU 2560 Buildings(嗯~水题)
查看>>
Maven编译时跳过Test
查看>>
Spring Boot 整合Spring Security 和Swagger2 遇到的问题小结
查看>>
[20170628]12C ORA-54032.txt
查看>>