我正在寻找一种使用.NET 3.5加密/混淆(以及解密/去混淆)字节数组的方法。在.NET中使用秘密加密/模糊字节数组的简单方法?
基本上是:
byte[] aMixedUp = Encrypt(aMyByteData, "THIS IS THE SECRET KEY USED TO ENCRYPT");
,并在另一侧:
byte[] aDecrypted = Decrypt(aMixedUp, "THIS IS THE SECRET KEY USED TO ENCRYPT");
它不必是防弹。这个想法只是为了防止用户在映射到ASCII时直接看到字节中的内容,但它应该比ROT13更好。
我可以轻松使用.NET库中是否有某些东西?
这是我写的一些代码来加密/解密一个字符串。加密的字符串是Base64编码,便于序列化为XML等。您可以轻松地将此代码转换为直接与字节数组而不是字符串一起工作。
/// <summary>
/// Create and initialize a crypto algorithm.
/// </summary>
/// <param name="password">The password.</param>
private static SymmetricAlgorithm GetAlgorithm(string password)
{
var algorithm = Rijndael.Create();
var rdb = new Rfc2898DeriveBytes(password, new byte[] {
0x53,0x6f,0x64,0x69,0x75,0x6d,0x20, // salty goodness
0x43,0x68,0x6c,0x6f,0x72,0x69,0x64,0x65
});
algorithm.Padding = PaddingMode.ISO10126;
algorithm.Key = rdb.GetBytes(32);
algorithm.IV = rdb.GetBytes(16);
return algorithm;
}
/// <summary>
/// Encrypts a string with a given password.
/// </summary>
/// <param name="clearText">The clear text.</param>
/// <param name="password">The password.</param>
public static string EncryptString(string clearText, string password)
{
var algorithm = GetAlgorithm(password);
var encryptor = algorithm.CreateEncryptor();
var clearBytes = Encoding.Unicode.GetBytes(clearText);
using (var ms = new MemoryStream())
using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
{
cs.Write(clearBytes, 0, clearBytes.Length);
cs.Close();
return Convert.ToBase64String(ms.ToArray());
}
}
/// <summary>
/// Decrypts a string using a given password.
/// </summary>
/// <param name="cipherText">The cipher text.</param>
/// <param name="password">The password.</param>
public static string DecryptString(string cipherText, string password)
{
var algorithm = GetAlgorithm(password);
var decryptor = algorithm.CreateDecryptor();
var cipherBytes = Convert.FromBase64String(cipherText);
using (var ms = new MemoryStream())
using (var cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Write))
{
cs.Write(cipherBytes, 0, cipherBytes.Length);
cs.Close();
return Encoding.Unicode.GetString(ms.ToArray());
}
}
如前所述:这是我的最爱!谢谢! – Krumelur 2011-03-10 09:08:56
在cryptography namespace有各种有趣的事情。
Symmetric-key algorithm将是最简单的方法来做到这一点,你可以在.NET框架中找到它们。
但请注意,黑客可以“轻松”反编译您的应用并找到加密密钥。根据您的senario,您可以使用public/private关键系统。你至少可以控制谁可以加密字节数组。
以下是使用.NET框架中的Rijndael类对字节数组进行加密和解密的代码示例;显然这个班可以代替哪个最适合你。
您只需要定义KEY和IV属性并从某处获取它们(例如应用程序配置文件的加密部分)。
private static byte[] EncryptBytes(IEnumerable<byte> bytes)
{
//The ICryptoTransform is created for each call to this method as the MSDN documentation indicates that the public methods may not be thread-safe and so we cannot hold a static reference to an instance
using (var r = Rijndael.Create())
{
using (var encryptor = r.CreateEncryptor(KEY, IV))
{
return Transform(bytes, encryptor);
}
}
}
private static byte[] DecryptBytes(IEnumerable<byte> bytes)
{
//The ICryptoTransform is created for each call to this method as the MSDN documentation indicates that the public methods may not be thread-safe and so we cannot hold a static reference to an instance
using (var r = Rijndael.Create())
{
using (var decryptor = r.CreateDecryptor(KEY, IV))
{
return Transform(bytes, decryptor);
}
}
}
private static byte[] Transform(IEnumerable<byte> bytes, ICryptoTransform transform)
{
using (var stream = new MemoryStream())
{
using (var cryptoStream = new CryptoStream(stream, transform, CryptoStreamMode.Write))
{
foreach (var b in bytes)
cryptoStream.WriteByte(b);
}
return stream.ToArray();
}
}
如果不需要加密,你可以一切都转换为十六进制或Base 64或诸如此类的东西,它有效地将使它无法读取,除非有人真的专用。 Here is a link that shows how in .NET
我不认为解码十六进制或base64计数为“真正专用”.. – Blorgbeard 2011-05-05 12:17:57
最简单的方法是在[这里我的问题(http://stackoverflow.com/questions/11762/c-cryptographicexception-padding-is-invalid-and-cannot-be-removed) – Blorgbeard 2011-03-09 20:34:17
那么基础转换是不可能的?比方说转换为Base64甚至Base2?我认为这比ROT13更好! – Ali 2011-03-09 22:11:38
@Blorgbeard:为什么不作出答案,我会给你信用!这正是我一直在嘲笑的! – Krumelur 2011-03-09 22:41:43