[ASP.NET]AES加解密
Memo一下,這東西以後應該也會很容易用的到。
(感謝同事Jeff哥的指導與分享)
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
namespace Core.Utility
{
public class Encrypt
{
private static string superKey = "your key";
private static string vectoryString = "your vector string";
private static RijndaelManaged rijndael = new RijndaelManaged();
private static byte[] key;
private static byte[] iv;
private static void InitialKeyAndIV()
{
key = new byte[32];
Array.Copy(Encoding.UTF8.GetBytes(superKey), key, 32);
iv = new byte[16];
Array.Copy(Encoding.UTF8.GetBytes(vectoryString), key, 16);
}
public static string EncryptInforamtion(string dataString)
{
UTF32Encoding utf32Encoding = new UTF32Encoding();
if (key == null || iv == null)
{
InitialKeyAndIV();
}
Byte[] returnVal = AESEncrypt(utf32Encoding.GetBytes(dataString), rijndael.CreateEncryptor(key, iv));
return Convert.ToBase64String(returnVal);
}
public static string DecryptInformation(string dataString)
{
UTF32Encoding utf32Encoding = new UTF32Encoding();
if (key == null || iv == null)
{
InitialKeyAndIV();
}
Byte[] returnVal = AESDencrypt(Convert.FromBase64String(dataString), rijndael.CreateDecryptor(key, iv));
//因為加解密會對byte[]做填充,所以解完密後要去掉。
return utf32Encoding.GetString(returnVal).Replace("\0", "");
}
/// <summary>
/// AES 加密
/// </summary>
/// <param name="input"></param>
/// <param name="encryptor"></param>
/// <returns></returns>
private static byte[] AESEncrypt(byte[] input, ICryptoTransform encryptor)
{
//Encrypt the data.
MemoryStream msEncrypt = new MemoryStream();
CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write);
//Write all data to the crypto stream and flush it.
csEncrypt.Write(input, 0, input.Length);
csEncrypt.FlushFinalBlock();
//Get encrypted array of bytes.
return msEncrypt.ToArray();
}
/// <summary>
/// AES 解密
/// </summary>
/// <param name="input"></param>
/// <param name="decryptor"></param>
/// <returns></returns>
private static byte[] AESDencrypt(byte[] input, ICryptoTransform decryptor)
{
//Now decrypt the previously encrypted message using the decryptor
// obtained in the above step.
MemoryStream msDecrypt = new MemoryStream(input);
CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read);
byte[] fromEncrypt = new byte[input.Length];
//Read the data out of the crypto stream.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
return fromEncrypt;
}
}
}SuperKey的部分可以考慮使用hash後的值
例如:
//密碼轉譯一定都是用byte[] 所以把string都換成byte[]
byte[] byte_pwd = Encoding.UTF8.GetBytes(string_pwd);
//加解密函數的key通常都會有固定的長度 而使用者輸入的key長度不定 因此用hash過後的值當做key
MD5CryptoServiceProvider provider_MD5 = new MD5CryptoServiceProvider();
byte[] byte_pwdMD5 = provider_MD5.ComputeHash(byte_pwd);
最後的byte_pwdMD5就可以拿來當Key。
可以拿來當作加解密connectionStrings跟敏感性資料存取DB的加解密演算法…
歡迎各位資安界的前輩和有經驗的前輩給予指導…因為小的這方面的經驗也不夠多,不知道有沒什麼地方要注意的漏掉了…
相關範例網站:
- http://samples.dart.com/cryptdecrypt/default.aspx
- http://blog.wahahajk.com/2008/08/c-demo-aes-3des.html
- http://www.gutgames.com/post/AES-Encryption-in-C.aspx
blog 與課程更新內容,請前往新站位置:http://tdd.best/
