c# encrypt

2004-11-18 14:26:00 xietangz 阅读数 716
 

给大家一个新的加密方法,C#的
using System;

/* The reason that i am using interface is that, in several
* weeks i will use a bitwise operator for have encryption and decryption
* */
public interface IBindesh
{
string encode(string str);
string decode(string str);
}

namespace EncryptionDecryption
{
/// <summary>
/// Summary description for EncryptionDecryption.
/// </summary>
public class EncryptionDecryption : IBindesh
{
public string encode(string str)
{
string htext = ""; // blank text

for ( int i = 0; i < str.Length; i++)
{
htext = htext + (char) (str[i] + 10 - 1 * 2);
}
return htext;
}

public string decode(string str)
{
string dtext = "";

for ( int i=0; i < str.Length; i++)
{
dtext = dtext + (char) (str[i] - 10 + 1*2);
}
return dtext;
}
}
}
====================================


2019-07-22 03:46:18 weixin_30663391 阅读数 474

 

using System;
using System.Security.Cryptography;
using System.Text;

namespace AttendService
{
    public static class DESEncrypt
    {
        #region ========加密========

        private static string txtKey = "PatrickpanP=";
        private static string txtIV = "LiuJineagel=";

         /// <summary>
        /// 加密数据
        /// </summary>
        /// <param name="Text"></param>
        /// <param name="sKey"></param>
        /// <returns></returns>
        public static string Encrypt(string Text)
        {
            DESCryptoServiceProvider des = new DESCryptoServiceProvider();
            byte[] inputByteArray;
            inputByteArray = Encoding.Default.GetBytes(Text);
            //des.Key = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));
            //des.IV = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));
            des.Key = Convert.FromBase64String(txtKey);
            des.IV = Convert.FromBase64String(txtIV);
            System.IO.MemoryStream ms = new System.IO.MemoryStream();
            CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write);
            cs.Write(inputByteArray, 0, inputByteArray.Length);
            cs.FlushFinalBlock();
            StringBuilder ret = new StringBuilder();
            foreach (byte b in ms.ToArray())
            {
                ret.AppendFormat("{0:X2}", b);
            }
            return ret.ToString();
        }

        #endregion

        #region ========解密========


        /// <summary>
        /// 解密数据
        /// </summary>
        /// <param name="Text"></param>
        /// <param name="sKey"></param>
        /// <returns></returns>
        public static string Decrypt(string Text)
        {
            DESCryptoServiceProvider des = new DESCryptoServiceProvider();
            int len;
            len = Text.Length / 2;
            byte[] inputByteArray = new byte[len];
            int x, i;
            for (x = 0; x < len; x++)
            {
                i = Convert.ToInt32(Text.Substring(x * 2, 2), 16);
                inputByteArray[x] = (byte)i;
            }
            //des.Key = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));
            //des.IV = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8));
            des.Key = Convert.FromBase64String(txtKey);
            des.IV = Convert.FromBase64String(txtIV);
            System.IO.MemoryStream ms = new System.IO.MemoryStream();
            CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write);
            cs.Write(inputByteArray, 0, inputByteArray.Length);
            cs.FlushFinalBlock();
            return Encoding.Default.GetString(ms.ToArray());
        }

        #endregion
    }
}

  

转载于:https://www.cnblogs.com/yjung/p/5672405.html

2016-12-05 14:57:00 anjiaozhang4216 阅读数 285
using System;
using System.Security.Cryptography;  
using System.Text;
namespace DotNet.Utilities
{
  /// <summary>
  /// DES加密/解密类。
  /// </summary>
  public class DESEncrypt
  {
    public DESEncrypt()
    {      
    }
 
    #region ========加密======== 
  
        /// <summary>
        /// 加密
        /// </summary>
        /// <param name="Text"></param>
        /// <returns></returns>
    public static string Encrypt(string Text) 
    {
      return Encrypt(Text,"MATICSOFT");
    }
    /// <summary> 
    /// 加密数据 
    /// </summary> 
    /// <param name="Text"></param> 
    /// <param name="sKey"></param> 
    /// <returns></returns> 
    public static string Encrypt(string Text,string sKey) 
    { 
      DESCryptoServiceProvider des = new DESCryptoServiceProvider(); 
      byte[] inputByteArray; 
      inputByteArray=Encoding.Default.GetBytes(Text); 
      des.Key = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8)); 
      des.IV = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8)); 
      System.IO.MemoryStream ms=new System.IO.MemoryStream(); 
      CryptoStream cs=new CryptoStream(ms,des.CreateEncryptor(),CryptoStreamMode.Write); 
      cs.Write(inputByteArray,0,inputByteArray.Length); 
      cs.FlushFinalBlock(); 
      StringBuilder ret=new StringBuilder(); 
      foreach( byte b in ms.ToArray()) 
      { 
        ret.AppendFormat("{0:X2}",b); 
      } 
      return ret.ToString(); 
    } 
 
    #endregion
     
    #region ========解密======== 
    
  
        /// <summary>
        /// 解密
        /// </summary>
        /// <param name="Text"></param>
        /// <returns></returns>
    public static string Decrypt(string Text) 
    {
      return Decrypt(Text,"MATICSOFT");
    }
    /// <summary> 
    /// 解密数据 
    /// </summary> 
    /// <param name="Text"></param> 
    /// <param name="sKey"></param> 
    /// <returns></returns> 
    public static string Decrypt(string Text,string sKey) 
    { 
      DESCryptoServiceProvider des = new DESCryptoServiceProvider(); 
      int len; 
      len=Text.Length/2; 
      byte[] inputByteArray = new byte[len]; 
      int x,i; 
      for(x=0;x<len;x++) 
      { 
        i = Convert.ToInt32(Text.Substring(x * 2, 2), 16); 
        inputByteArray[x]=(byte)i; 
      } 
      des.Key = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8)); 
      des.IV = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8)); 
      System.IO.MemoryStream ms=new System.IO.MemoryStream(); 
      CryptoStream cs=new CryptoStream(ms,des.CreateDecryptor(),CryptoStreamMode.Write); 
      cs.Write(inputByteArray,0,inputByteArray.Length); 
      cs.FlushFinalBlock(); 
      return Encoding.Default.GetString(ms.ToArray()); 
    } 
  
    #endregion 
 
 
  }
}

转载于:https://www.cnblogs.com/liubeibei/p/6133959.html

2018-06-11 21:20:47 qq_32688731 阅读数 13034

一、AES加密算法

   AES算法基于排列和置换运算。排列是对数据重新进行安排,置换是将一个数据单元替换为另一个。AES 使用几种不同的方法来执行排列和置换运算。 
   AES是一个迭代的、对称密钥分组的密码,它可以使用128、192 和 256 位密钥,并且用 128 位(16字节)分组加密和解密数据。与公共密钥密码使用密钥对不同,对称密钥密码使用相同的密钥加密和解密数据。通过分组密码返回的加密数据的位数与输入数据相同。迭代加密使用一个循环结构,在该循环中重复置换和替换输入数据。 摘自:互动百科

       几种模式的优缺点对比:

C#代码:

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

namespace PwdDemo
{
    public class AESHelper
    {
        /// <summary>
        ///  AES 加密
        /// </summary>
        /// <param name="str">明文(待加密)</param>
        /// <param name="key">密文</param>
        /// <returns></returns>
        public string AesEncrypt(string str, string key)
        {
            if (string.IsNullOrEmpty(str)) return null;
            Byte[] toEncryptArray = Encoding.UTF8.GetBytes(str);

            RijndaelManaged rm = new RijndaelManaged
            {
                Key = Encoding.UTF8.GetBytes(key),
                Mode = CipherMode.ECB,
                Padding = PaddingMode.PKCS7
            };

            ICryptoTransform cTransform = rm.CreateEncryptor();
            Byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
            return Convert.ToBase64String(resultArray);
        }

        /// <summary>
        ///  AES 解密
        /// </summary>
        /// <param name="str">明文(待解密)</param>
        /// <param name="key">密文</param>
        /// <returns></returns>
        public string AesDecrypt(string str, string key)
        {
            if (string.IsNullOrEmpty(str)) return null;
            Byte[] toEncryptArray = Convert.FromBase64String(str);

            RijndaelManaged rm = new RijndaelManaged
            {
                Key = Encoding.UTF8.GetBytes(key),
                Mode = CipherMode.ECB,
                Padding = PaddingMode.PKCS7
            };

            ICryptoTransform cTransform = rm.CreateDecryptor();
            Byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);

            return Encoding.UTF8.GetString(resultArray);
        }
    }
}

二、DES加密算法

        DES设计中使用了分组密码设计的两个原则:混淆(confusion)和扩散(diffusion),其目的是抗击敌手对密码系统的统计分析。混淆是使密文的统计特性与密钥的取值之间的关系尽可能复杂化,以使密钥和明文以及密文之间的依赖性对密码分析者来说是无法利用的。扩散的作用就是将每一位明文的影响尽可能迅速地作用到较多的输出密文位中,以便在大量的密文中消除明文的统计结构,并且使每一位密钥的影响尽可能迅速地扩展到较多的密文位中,以防对密钥进行逐段破译。

C#代码:

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

namespace PwdDemo
{
    public class DESHelper
    {
        //密钥
        public static byte[] _KEY  = new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
        //向量
        public static byte[] _IV = new byte[] { 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01 };   

        /// <summary>
        /// DES加密操作
        /// </summary>
        /// <param name="normalTxt"></param>
        /// <returns></returns>
        public string DesEncrypt(string normalTxt)
        {
            //byte[] byKey = System.Text.ASCIIEncoding.ASCII.GetBytes(_KEY);
            //byte[] byIV = System.Text.ASCIIEncoding.ASCII.GetBytes(_IV);
            
            DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
            int i = cryptoProvider.KeySize;
            MemoryStream ms = new MemoryStream();
            CryptoStream cst = new CryptoStream(ms, cryptoProvider.CreateEncryptor(_KEY, _IV), CryptoStreamMode.Write);

            StreamWriter sw = new StreamWriter(cst);
            sw.Write(normalTxt);
            sw.Flush();
            cst.FlushFinalBlock();
            sw.Flush();

            string strRet = Convert.ToBase64String(ms.GetBuffer(), 0, (int)ms.Length);
            return strRet;
        }

        /// <summary>
        /// DES解密操作
        /// </summary>
        /// <param name="securityTxt">加密字符串</param>
        /// <returns></returns>
        public string DesDecrypt(string securityTxt)//解密  
        {
            //byte[] byKey = System.Text.ASCIIEncoding.ASCII.GetBytes(_KEY);
            //byte[] byIV = System.Text.ASCIIEncoding.ASCII.GetBytes(_IV);
            byte[] byEnc;
            try
            {
                securityTxt.Replace("_%_", "/");
                securityTxt.Replace("-%-", "#");
                byEnc = Convert.FromBase64String(securityTxt);
            }
            catch
            {
                return null;
            }
            DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
            MemoryStream ms = new MemoryStream(byEnc);
            CryptoStream cst = new CryptoStream(ms, cryptoProvider.CreateDecryptor(_KEY, _IV), CryptoStreamMode.Read);
            StreamReader sr = new StreamReader(cst);
            return sr.ReadToEnd();
        }
    }
}

 

三、RSA加密算法

        RSA是第一个能同时用于加密和数字签名的算法,也易于理解和操作。RSA是被研究得最广泛的公钥算法,从提出到现在已近二十年,经历了各种攻击的考验,逐渐为人们接受,普遍认为是目前最优秀的公钥方案之一。

C#代码:

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

namespace PwdDemo
{
   public class RSAHelper
    {
        private const int RsaKeySize = 2048;
        private const string publicKeyFileName = "RSA.Pub";
        private const string privateKeyFileName = "RSA.Private";

        /// <summary>
        ///在给定路径中生成XML格式的私钥和公钥。
        /// </summary>
        public void GenerateKeys(string path)
        {
            using (var rsa = new RSACryptoServiceProvider(RsaKeySize))
            {
                try
                {
                    // 获取私钥和公钥。
                    var publicKey = rsa.ToXmlString(false);
                    var privateKey = rsa.ToXmlString(true);

                    // 保存到磁盘
                    File.WriteAllText(Path.Combine(path, publicKeyFileName), publicKey);
                    File.WriteAllText(Path.Combine(path, privateKeyFileName), privateKey);

                    //Console.WriteLine(string.Format("生成的RSA密钥的路径: {0}\\ [{1}, {2}]", path, publicKeyFileName, privateKeyFileName));
                }
                finally
                {
                    rsa.PersistKeyInCsp = false;
                }
            }
        }

        /// <summary>
        /// 用给定路径的RSA公钥文件加密纯文本。
        /// </summary>
        /// <param name="plainText">要加密的文本</param>
        /// <param name="pathToPublicKey">用于加密的公钥路径.</param>
        /// <returns>表示加密数据的64位编码字符串.</returns>
        public string Encrypt(string plainText, string pathToPublicKey)
        {
            using (var rsa = new RSACryptoServiceProvider(RsaKeySize))
            {
                try
                {
                    //加载公钥
                    var publicXmlKey = File.ReadAllText(pathToPublicKey);
                    rsa.FromXmlString(publicXmlKey);

                    var bytesToEncrypt = System.Text.Encoding.Unicode.GetBytes(plainText);

                    var bytesEncrypted = rsa.Encrypt(bytesToEncrypt, false);

                    return Convert.ToBase64String(bytesEncrypted);
                }
                finally
                {
                    rsa.PersistKeyInCsp = false;
                }
            }
        }

        /// <summary>
        /// Decrypts encrypted text given a RSA private key file path.给定路径的RSA私钥文件解密 加密文本
        /// </summary>
        /// <param name="encryptedText">加密的密文</param>
        /// <param name="pathToPrivateKey">用于加密的私钥路径.</param>
        /// <returns>未加密数据的字符串</returns>
        public string Decrypt(string encryptedText, string pathToPrivateKey)
        {
            using (var rsa = new RSACryptoServiceProvider(RsaKeySize))
            {
                try
                {
                    var privateXmlKey = File.ReadAllText(pathToPrivateKey);
                    rsa.FromXmlString(privateXmlKey);

                    var bytesEncrypted = Convert.FromBase64String(encryptedText);

                    var bytesPlainText = rsa.Decrypt(bytesEncrypted, false);

                    return System.Text.Encoding.Unicode.GetString(bytesPlainText);
                }
                finally
                {
                    rsa.PersistKeyInCsp = false;
                }
            }
        }
    }
}

四、SHA加密算法

        SHA,全称SecureHashAlgorithm,是一种数据加密算法,该算法的思想是接收一段明文,然后以一种不可逆的方式将它转换成一段(通常更小)密文,也可以简单的理解为取一串输入码(称为预映射或信息),并把它们转化为长度较短、位数固定的输出序列即散列值(也称为信息摘要或信息认证代码)的过程。

C#代码:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

namespace PwdDemo
{
    public class SHAHelper
    {
        public string SHAmd5Encrypt(string normalTxt)
        {
            var bytes = Encoding.Default.GetBytes(normalTxt);//求Byte[]数组  
            var Md5 = new MD5CryptoServiceProvider();
            var encryptbytes = Md5.ComputeHash(bytes);//求哈希值  
            return Base64To16(encryptbytes);//将Byte[]数组转为净荷明文(其实就是字符串)  
        }

        public string SHA1Encrypt(string normalTxt)
        {
            var bytes = Encoding.Default.GetBytes(normalTxt);
            var SHA = new SHA1CryptoServiceProvider();
            var encryptbytes = SHA.ComputeHash(bytes);
            return Base64To16(encryptbytes);
        }
        public string SHA256Encrypt(string normalTxt)
        {
            var bytes = Encoding.Default.GetBytes(normalTxt);
            var SHA256 = new SHA256CryptoServiceProvider();
            var encryptbytes = SHA256.ComputeHash(bytes);
            return Base64To16(encryptbytes);
        }
        public string SHA384Encrypt(string normalTxt)
        {
            var bytes = Encoding.Default.GetBytes(normalTxt);
            var SHA384 = new SHA384CryptoServiceProvider();
            var encryptbytes = SHA384.ComputeHash(bytes);
            return Base64To16(encryptbytes);
        }
        public string SHA512Encrypt(string normalTxt)
        {
            var bytes = Encoding.Default.GetBytes(normalTxt);
            var SHA512 = new SHA512CryptoServiceProvider();
            var encryptbytes = SHA512.ComputeHash(bytes);
            return Base64To16(encryptbytes);
        }


        private string Base64To16(byte[] buffer)
        {
            string md_str = string.Empty;
            for (int i = 0; i < buffer.Length; i++)
            {
                md_str += buffer[i].ToString("x2");
            }
            return md_str;
        }
    }
}

以上内容大部分摘自网络,代码根据网上的改的,简单测试过。

2020-01-09 16:07:43 LongtengGensSupreme 阅读数 98

C#数据Encrypt加密Encrypt解密的算法使用

C#数据Encrypt加密Encrypt解密的算法使用,如下图所示的加密和解密的方式

 

该框架还为在System.Security.Cryptography.Xml中创建和验证基于xml的签名以及在System.Security.Cryptography.X509Certificates中使用数字证书的类型提供了更专门的支持

 

 1、Windows Data Protection 数据保护

File.WriteAllText ("myfile.txt", "");
File.Encrypt ("myfile.txt");
File.AppendAllText ("myfile.txt", "sensitive data");
ProtectedData API通过ProtectedData 类-提供了两个静态方法:
public static byte[] Protect (byte[] userData, byte[] optionalEntropy,DataProtectionScope scope);

public static byte[] Unprotect (byte[] encryptedData, byte[] optionalEntropy,DataProtectionScope scope);

很多在的System.Security.Cryptography类都存在mscorlib.dll and System.dll之中,但是ProtectedData 是一个例外,它存在System.Security.dll.

下面是一个加密和解密:

byte[] original = {1, 2, 3, 4, 5};
DataProtectionScope scope = DataProtectionScope.CurrentUser;
byte[] encrypted = ProtectedData.Protect (original, null, scope);
byte[] decrypted = ProtectedData.Unprotect (encrypted, null, scope);
// decrypted is now {1, 2, 3, 4, 5}

2、Hashing 哈希算法

哈希算法主要是使用HashAlgorithm 哈希算法中的ComputeHash 例如 :SHA256 和 MD5 :

哈希可以对数据流stream加密(严格意义上来说,其实md5应用更多的是对文件的完整性的校验,主要是判断文件是都被修改或者损坏等)

byte[] hash;
using (Stream fs = File.OpenRead ("checkme.doc"))
hash = MD5.Create().ComputeHash (fs); // hash is 16 bytes long

或者字节数组

byte[] data = System.Text.Encoding.UTF8.GetBytes ("stRhong%pword");
byte[] hash = SHA256.Create().ComputeHash (data);

3、Symmetric Encryption 对称加密解密

对称加密使用与解密相同的密钥,.NET Framework框架提供了四种对称算法,Rijndael是其中的佼佼者(发音为“Rhine Dahl”或“Rain Doll”)。Rijndael既快速又安全,

•从.NET Framework框架1.0开始就可用Rijndael类

•在框架3.5中引入Aes类

除了Aes不允许您通过更改块大小来削弱密码之外,这两者几乎是相同的。Aes是由CLR的安全团队推荐的。Rijndael和Aes允许长度为16、24或32字节的对称密钥:目前都认为是安全的。

下面是如何使用一个16字节的的密钥加密的一系列字节,并把他们写入文件:

加密

 

byte[] key = {145,12,32,245,98,132,98,214,6,77,131,44,221,3,9,50}; 
byte[] iv = {15,122,132,5,93,198,44,31,9,39,241,49,250,188,80,7}; 
byte[] data = { 1, 2, 3, 4, 5 }; // This is what we're encrypting.
using (SymmetricAlgorithm algorithm = Aes.Create())
 using (ICryptoTransform encryptor = algorithm.CreateEncryptor (key, iv)) 
  using (Stream f = File.Create ("encrypted.bin"))
   using (Stream c = new CryptoStream (f, encryptor, CryptoStreamMode.Write))
     c.Write (data, 0, data.Length);

解密

byte[] key = {145,12,32,245,98,132,98,214,6,77,131,44,221,3,9,50};
byte[] iv = {15,122,132,5,93,198,44,31,9,39,241,49,250,188,80,7};
byte[] decrypted = new byte[5];
using (SymmetricAlgorithm algorithm = Aes.Create())
using (ICryptoTransform decryptor = algorithm.CreateDecryptor (key, iv))
using (Stream f = File.OpenRead ("encrypted.bin"))
using (Stream c = new CryptoStream (f, decryptor, CryptoStreamMode.Read))
for (int b; (b = c.ReadByte()) > −1;)
Console.Write (b + " "); // 1 2 3 4 5

 

C#数据加密解密的key和iv

也可以使用System.Cryptography的RandomNumberGenerator 来产生上面的 key 和 iv,

byte[] key = new byte [16];
byte[] iv = new byte [16];
RandomNumberGenerator rand = RandomNumberGenerator.Create();
rand.GetBytes (key);
rand.GetBytes (iv);

System.Cryptography的RandomNumberGenerator 它产生的数字确实是不可预测的,或者是复杂加密的( 而 System.Random随机类无法保证提供相同的功能)。

 

4、Encrypting in Memory 在内存中的加密解密

加密和解密

public static byte[] Encrypt (byte[] data, byte[] key, byte[] iv)
{
using (Aes algorithm = Aes.Create())
using (ICryptoTransform encryptor = algorithm.CreateEncryptor (key, iv))
return Crypt (data, encryptor);
}
public static byte[] Decrypt (byte[] data, byte[] key, byte[] iv)
{
using (Aes algorithm = Aes.Create())
using (ICryptoTransform decryptor = algorithm.CreateDecryptor (key, iv))
return Crypt (data, decryptor);
}
static byte[] Crypt (byte[] data, ICryptoTransform cryptor)
{
MemoryStream m = new MemoryStream();
using (Stream c = new CryptoStream (m, cryptor, CryptoStreamMode.Write))
c.Write (data, 0, data.Length);
return m.ToArray();
}

下面时调用上面的加密和解密

public static string Encrypt (string data, byte[] key, byte[] iv)
{
return Convert.ToBase64String (Encrypt (Encoding.UTF8.GetBytes (data), key, iv));
}
public static string Decrypt (string data, byte[] key, byte[] iv)
{
return Encoding.UTF8.GetString (Decrypt (Convert.FromBase64String (data), key, iv));
}
byte[] kiv = new byte[16];
RandomNumberGenerator.Create().GetBytes (kiv);
string encrypted = Encrypt ("Yeah!", kiv, kiv);
Console.WriteLine (encrypted); // R1/5gYvcxyR2vzPjnT7yaQ==
string decrypted = Decrypt (encrypted, kiv, kiv);
Console.WriteLine (decrypted); // Yeah!

 

5、Chaining Encryption Streams 链式加密流

key和iv可以使用上述的RandomNumberGenerator来产生,也可以使用默认的

// Use default key/iv for demo.
using (Aes algorithm = Aes.Create())
{
using (ICryptoTransform encryptor = algorithm.CreateEncryptor())
using (Stream f = File.Create ("serious.bin"))
using (Stream c = new CryptoStream (f,encryptor,CryptoStreamMode.Write))
using (Stream d = new DeflateStream (c, CompressionMode.Compress))
using (StreamWriter w = new StreamWriter (d))
await w.WriteLineAsync ("Small and secure!");
using (ICryptoTransform decryptor = algorithm.CreateDecryptor())
using (Stream f = File.OpenRead ("serious.bin"))
using (Stream c = new CryptoStream (f, decryptor, CryptoStreamMode.Read))
using (Stream d = new DeflateStream (c, CompressionMode.Decompress))
using (StreamReader r = new StreamReader (d))
Console.WriteLine (await r.ReadLineAsync()); // Small and secure!
}

链式流加密和压缩的过程如下图所示:

 

 

 

上面的方法可以收用一句嵌套的语法来写

using (ICryptoTransform encryptor = algorithm.CreateEncryptor())
using(StreamWriter w = new StreamWriter 
(new DeflateStream 
(new CryptoStream 
(File.Create ("serious.bin"),
encryptor,
CryptoStreamMode.Write),
CompressionMode.Compress)))

6、Public Key Encryption and Signing  非对称加密解密

6.1 RSA Class

使用默认的公钥和私钥

byte[] data = { 1, 2, 3, 4, 5 }; // This is what we're encrypting.
using (var rsa = new RSACryptoServiceProvider())
{
byte[] encrypted = rsa.Encrypt (data, true);
byte[] decrypted = rsa.Decrypt (encrypted, true);
}

使用自动产生的公钥和私钥,方法ImportCspBlob和ExportCspBlob以字节数组格式加载和保存公钥和私钥。FromXmlString和ToXmlString以字符串格式(包含XML片段的字符串)加载和保存公钥和私钥。方法中的bool标志允许您在保存时指示是否包含私钥。

下面是如何制造一个密钥对,并将其保存到磁盘指定文件:

public static void TestEncryptgrapg()
        {

            //byte[] data = { 1, 2, 3, 4, 5 }; // This is what we're encrypting.
            //using (var rsa = new RSACryptoServiceProvider())
            //{
            //    byte[] encrypted = rsa.Encrypt(data, true);
            //    byte[] decrypted = rsa.Decrypt(encrypted, true);
            //}

            using var rsa = new RSACryptoServiceProvider();
            File.WriteAllText("PublicKeyOnly.xml", rsa.ToXmlString(false));
            File.WriteAllText("PublicPrivate.xml", rsa.ToXmlString(true));

            byte[] data = Encoding.UTF8.GetBytes("Message to encrypt");
            string publicKeyOnly = File.ReadAllText("PublicKeyOnly.xml");
            string publicPrivate = File.ReadAllText("PublicPrivate.xml");
            byte[] encrypted, decrypted;
            using (var rsaPublicOnly = new RSACryptoServiceProvider())
            {
                rsaPublicOnly.FromXmlString(publicKeyOnly);
                encrypted = rsaPublicOnly.Encrypt(data, true);
                // 下面的这解密就会报错,因为需要私钥解密
                // decrypted = rsaPublicOnly.Decrypt (encrypted, true);
            }
            using (var rsaPublicPrivate = new RSACryptoServiceProvider())
            {
                // With the private key we can successfully decrypt:
                rsaPublicPrivate.FromXmlString(publicPrivate);
                decrypted = rsaPublicPrivate.Encrypt(encrypted, true);
                string ss = Encoding.UTF8.GetString(decrypted);
            }
        }

 

6.2 Digital Signing数字签名

公钥算法也可用于对消息或文档进行数字签名。签名类似于散列,只是它的产生需要私钥,因此不能伪造。公钥用于验证签名。这里有一个例子:

byte[] data = Encoding.UTF8.GetBytes ("Message to sign");
byte[] publicKey;
byte[] signature;
object hasher = SHA1.Create(); // Our chosen hashing algorithm.
// Generate a new key pair, then sign the data with it:
using (var publicPrivate = new RSACryptoServiceProvider())
{
signature = publicPrivate.SignData (data, hasher);
publicKey = publicPrivate.ExportCspBlob (false); // get public key
}
// Create a fresh RSA using just the public key, then test the signature.
using (var publicOnly = new RSACryptoServiceProvider())
{
publicOnly.ImportCspBlob (publicKey);
Console.Write (publicOnly.VerifyData (data, hasher, signature)); // True
// Let's now tamper with the data, and recheck the signature:
data[0] = 0;
Console.Write (publicOnly.VerifyData (data, hasher, signature)); // False
// The following throws an exception as we're lacking a private key:
signature = publicOnly.SignData (data, hasher);
}

签名首先对数据进行散列,然后将非对称算法应用于结果散列。由于散列具有较小的固定大小,因此可以相对快速地对大型文档进行签名(公钥加密比散列更加cpu密集型)。如果需要,可以自己进行哈希,然后调用SignHash而不是SignData

using (var rsa = new RSACryptoServiceProvider())
{
byte[] hash = SHA1.Create().ComputeHash (data);
signature = rsa.SignHash (hash, CryptoConfig.MapNameToOID ("SHA1"));
...
}

简单的说就是 signature = publicPrivate.SignData(data, hasher);这一句换成下面两句

byte[] hash = SHA1.Create().ComputeHash(data);

signature = publicPrivate.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));

与SignData不同的是SignHash仍然需要知道您使用的散列算法;CryptoConfig.MapNameToOID通过友好的名称(如“SHA1”)以正确的格式提供此信息。

RSACryptoServiceProvider生成与密钥大小匹配的签名。目前,主流算法生成的安全签名明显小于128字节(例如,适合产品激活码)。

要使签名有效,接收方必须知道并信任发送方的公钥。这可以通过预先通信、预配置或站点证书实现。站点证书是由独立的可信权威机构签署的发起者的公钥和名称本身的电子记录。名称空间System.Security.Cryptography.X509Certificates定义了使用证书的类型。

 

对称算法使用---RSACryptoServiceProvider   Asymmetric algorithms--Encrypt Encrypt

C#数据Encrypt加密Encrypt解密的相关算法可以参考System.Security.Cryptography,这个类库中包含MD5,SHA1,SHA256,SHA384,SHA512

MD5 and SHA256 are two of the HashAlgorithm subtypes provided by the .NET Framework. Here are all the major algorithms, in ascending order of security (and hash
length, in bytes):
MD5(16) → SHA1(20) → SHA256(32) → SHA384(48) → SHA512(64)
The shorter the algorithm, the faster it executes. MD5 is more than 20 times faster than SHA512 and is well suited to calculating file checksums. You can hash hundreds
of megabytes per second with MD5 , and then store its result in a Guid . (A Guid happens to be exactly 16 bytes long, and as a value type it is more tractable than a byte array;
you can meaningfully compare Guid s with the simple equality operator, for instance.)
However, shorter hashes increase the possibility of collision (two distinct files yielding the same hash).
Use at least SHA256 when hashing passwords or other securitysensitive data. MD5 and SHA1 are considered insecure for this
purpose, and are suitable to protect only against accidental corruption, not deliberate tampering.
SHA384 is no faster than SHA512 , so if you want more security than SHA256 , you may as well use SHA512

 

引用using System.Security.Cryptography;

代码如下:

static void Main(string[] args)
        {
            log4net.Config.XmlConfigurator.Configure();
            Log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
            TestDigitalSigning();

            //TestEncryptgraph();
            TestDigitalSigning();
            Console.ReadLine();
        }

        public static void TestDigitalSigning()
        {

            //byte[] data = Encoding.UTF8.GetBytes("Message to sign");
            //byte[] publicKey;
            //byte[] signature;
            //object hasher = SHA1.Create(); // Our chosen hashing algorithm.
            //// Generate a new key pair, then sign the data with it:
            //using (var publicPrivate = new RSACryptoServiceProvider())
            //{
            //    signature = publicPrivate.SignData(data, hasher);
            //    publicKey = publicPrivate.ExportCspBlob(false); // get public key
            //}
            //// Create a fresh RSA using just the public key, then test the signature.
            //using (var publicOnly = new RSACryptoServiceProvider())
            //{
            //    publicOnly.ImportCspBlob(publicKey);
            //    Console.Write(publicOnly.VerifyData(data, hasher, signature)); // True
            //    string ss = Encoding.UTF8.GetString(data);
            //    WriteLog(ss);

            //    // Let's now tamper with the data, and recheck the signature:
            //    data[0] = 0;
            //    Console.Write(publicOnly.VerifyData(data, hasher, signature)); // False
            //    // The following throws an exception as we're lacking a private key:
            //    signature = publicOnly.SignData(data, hasher);
            //}

            byte[] data = Encoding.UTF8.GetBytes("Message to sign");
            byte[] publicKey;
            byte[] signature;
            object hasher = SHA1.Create(); // Our chosen hashing algorithm.
            // Generate a new key pair, then sign the data with it:
            using (var publicPrivate = new RSACryptoServiceProvider())
            {
                //signature = publicPrivate.SignData(data, hasher);
                byte[] hash = SHA1.Create().ComputeHash(data);
                signature = publicPrivate.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));
                publicKey = publicPrivate.ExportCspBlob(false); // get public key
            }
           
            // Create a fresh RSA using just the public key, then test the signature.
            using (var publicOnly = new RSACryptoServiceProvider())
            {
                publicOnly.ImportCspBlob(publicKey);
                Console.Write(publicOnly.VerifyData(data, hasher, signature)); // True
                string ss = Encoding.UTF8.GetString(data);
                WriteLog(ss);

                // Let's now tamper with the data, and recheck the signature:
                data[0] = 0;
                Console.Write(publicOnly.VerifyData(data, hasher, signature)); // False
                // The following throws an exception as we're lacking a private key:
                signature = publicOnly.SignData(data, hasher);
            }

        }

        public static void TestEncryptgraph()
        {

            //byte[] data = { 1, 2, 3, 4, 5 }; // This is what we're encrypting.
            //using (var rsa = new RSACryptoServiceProvider())
            //{
            //    byte[] encrypted = rsa.Encrypt(data, true);
            //    byte[] decrypted = rsa.Decrypt(encrypted, true);
            //}

            using var rsa = new RSACryptoServiceProvider();
            File.WriteAllText("PublicKeyOnly.xml", rsa.ToXmlString(false));
            File.WriteAllText("PublicPrivate.xml", rsa.ToXmlString(true));

            byte[] data = Encoding.UTF8.GetBytes("Message to encrypt");
            string publicKeyOnly = File.ReadAllText("PublicKeyOnly.xml");
            string publicPrivate = File.ReadAllText("PublicPrivate.xml");
            byte[] encrypted, decrypted;
            using (var rsaPublicOnly = new RSACryptoServiceProvider())
            {
                rsaPublicOnly.FromXmlString(publicKeyOnly);
                encrypted = rsaPublicOnly.Encrypt(data, true);
                // 下面的这解密就会报错,因为需要私钥解密
                // decrypted = rsaPublicOnly.Decrypt (encrypted, true);
            }
            using (var rsaPublicPrivate = new RSACryptoServiceProvider())
            {
                // With the private key we can successfully decrypt:
                rsaPublicPrivate.FromXmlString(publicPrivate);
                decrypted = rsaPublicPrivate.Encrypt(encrypted, true);
                string ss = Encoding.UTF8.GetString(decrypted);
                Console.ForegroundColor = color;
                Console.WriteLine($"输出信息:回的数据是:{ss}");
            }
        }