|
|
数据的加密重要性大家皆知,很多情况下需要对数据进行加密处理,但各种重要数据的加密要求不一样,有些需要时可逆的,有些是不要求可逆的,可逆的一般称之为对称加密算法,不可逆的一般可以成为非对称加密算法。如登录密码,一般较好的方式是采用不可逆的加密算法,如MD5、SHA256、哈希数值等,当然也有的采用可逆的强度好一些的加密方式,在选择加密键值的时候,变化一下也算是比较不错的选择。另外一些为了掩人耳目或者不让别人直接可以查看到,就采用其他的加密算法,如DES加密算法、AES的RijndaelManaged加密算法,或者也可以采用Base64加密,甚至我看到一个很变态的方式,就是用MD5加密的头,内容则采用Base64的方式加密,一般不知道内情的还真的不好处理。
在吉日《[走火入魔失眠夜]浅谈管理软件信息安全,用户名、密码的加密解密【附C#配套加密解密源码】》 的文章中也对加密做了一些介绍和分析,并贴出了MD5、DES的加密方式代码,吉日的文章图文并茂、哲理及诙谐例子并存,本文有感而发,做一些补充,希望园子同行共通过切磋,交流心得。
加密字符串的方式有很多,也都可以通过这样的加密文件内容,不过较好的方式可能是采用DES及AES两种方式来加密文件了,下面贴出的代码中包含了加解密文件的算法。下面具体贴出本人收藏的各种加密算法代码。
1、DES加密字符串及文件等
如果想可逆的算法,这种方式一般不错,只要结合动态密钥,就可以做出强度比较高的加密应用了。
public const string DEFAULT_ENCRYPT_KEY = "12345678";/// <summary>
/// 使用默认加密
/// </summary>
/// <param name="strText"></param>
/// <returns></returns>
public static string DesEncrypt(string strText)
{
try
{
return DesEncrypt(strText, DEFAULT_ENCRYPT_KEY);
}
catch
{
return "";
}
}
/// <summary>
/// 使用默认解密
/// </summary>
/// <param name="strText"></param>
/// <returns></returns>
public static string DesDecrypt(string strText)
{
try
{
return DesDecrypt(strText, DEFAULT_ENCRYPT_KEY);
}
catch
{
return "";
}
}
/// <summary>
/// Encrypt the string
/// Attention:key must be 8 bits
/// </summary>
/// <param name="strText">string</param>
/// <param name="strEncrKey">key</param>
/// <returns></returns>
public static string DesEncrypt(string strText, string strEncrKey)
{
byte[] byKey = null;
byte[] IV = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };
byKey = Encoding.UTF8.GetBytes(strEncrKey.Substring(0, 8));
DESCryptoServiceProvider des = new DESCryptoServiceProvider();
byte[] inputByteArray = Encoding.UTF8.GetBytes(strText);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(byKey, IV), CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
return Convert.ToBase64String(ms.ToArray());
}
/// <summary>
/// Decrypt string
/// Attention:key must be 8 bits
/// </summary>
/// <param name="strText">Decrypt string</param>
/// <param name="sDecrKey">key</param>
/// <returns>output string</returns>
public static string DesDecrypt(string strText, string sDecrKey)
{
byte[] byKey = null;
byte[] IV = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };
byte[] inputByteArray = new Byte[strText.Length];
byKey = Encoding.UTF8.GetBytes(sDecrKey.Substring(0, 8));
DESCryptoServiceProvider des = new DESCryptoServiceProvider();
inputByteArray = Convert.FromBase64String(strText);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(byKey, IV), CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
Encoding encoding = new UTF8Encoding();
return encoding.GetString(ms.ToArray());
}
/// <summary>
/// Encrypt files
/// Attention:key must be 8 bits
/// </summary>
/// <param name="m_InFilePath">Encrypt file path</param>
/// <param name="m_OutFilePath">output file</param>
/// <param name="strEncrKey">key</param>
public static void DesEncrypt(string m_InFilePath, string m_OutFilePath, string strEncrKey)
{
byte[] byKey = null;
byte[] IV = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };
byKey = Encoding.UTF8.GetBytes(strEncrKey.Substring(0, 8));
FileStream fin = new FileStream(m_InFilePath, FileMode.Open, FileAccess.Read);
FileStream fout = new FileStream(m_OutFilePath, FileMode.OpenOrCreate, FileAccess.Write);
fout.SetLength(0);
//Create variables to help with read and write.
byte[] bin = new byte[100]; //This is intermediate storage for the encryption.
long rdlen = 0; //This is the total number of bytes written.
long totlen = fin.Length; //This is the total length of the input file.
int len; //This is the number of bytes to be written at a time.
DES des = new DESCryptoServiceProvider();
CryptoStream encStream = new CryptoStream(fout, des.CreateEncryptor(byKey, IV), CryptoStreamMode.Write);
//Read from the input file, then encrypt and write to the output file.
while (rdlen < totlen)
{
len = fin.Read(bin, 0, 100);
encStream.Write(bin, 0, len);
rdlen = rdlen + len;
}
encStream.Close();
fout.Close();
fin.Close();
}
/// <summary>
/// Decrypt files
/// Attention:key must be 8 bits
/// </summary>
/// <param name="m_InFilePath">Decrypt filepath</param>
/// <param name="m_OutFilePath">output filepath</param>
/// <param name="sDecrKey">key</param>
public static void DesDecrypt(string m_InFilePath, string m_OutFilePath, string sDecrKey)
{
byte[] byKey = null;
byte[] IV = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };
byKey = Encoding.UTF8.GetBytes(sDecrKey.Substring(0, 8));
FileStream fin = new FileStream(m_InFilePath, FileMode.Open, FileAccess.Read);
FileStream fout = new FileStream(m_OutFilePath, FileMode.OpenOrCreate, FileAccess.Write);
fout.SetLength(0);
//Create variables to help with read and write.
byte[] bin = new byte[100]; //This is intermediate storage for the encryption.
long rdlen = 0; //This is the total number of bytes written.
long totlen = fin.Length; //This is the total length of the input file.
int len; //This is the number of bytes to be written at a time.
DES des = new DESCryptoServiceProvider();
CryptoStream encStream = new CryptoStream(fout, des.CreateDecryptor(byKey, IV), CryptoStreamMode.Write);
//Read from the input file, then encrypt and write to the output file.
while (rdlen < totlen)
{
len = fin.Read(bin, 0, 100);
encStream.Write(bin, 0, len);
rdlen = rdlen + len;
}
encStream.Close();
fout.Close();
fin.Close();
}
2、 对称加密算法AES RijndaelManaged加密解密
private static readonly string Default_AES_Key = "@#kim123";
private static byte[] Keys = { 0x41, 0x72, 0x65, 0x79, 0x6F, 0x75, 0x6D, 0x79,
0x53,0x6E, 0x6F, 0x77, 0x6D, 0x61, 0x6E, 0x3F };
/// <summary>
/// 对称加密算法AES RijndaelManaged加密(RijndaelManaged(AES)算法是块式加密算法)
/// </summary>
/// <param name="encryptString">待加密字符串</param>
/// <returns>加密结果字符串</returns>
public static string AES_Encrypt(string encryptString)
{
return AES_Encrypt(encryptString, Default_AES_Key);
}
/// <summary>
/// 对称加密算法AES RijndaelManaged加密(RijndaelManaged(AES)算法是块式加密算法)
/// </summary>
/// <param name="encryptString">待加密字符串</param>
/// <param name="encryptKey">加密密钥,须半角字符</param>
/// <returns>加密结果字符串</returns>
public static string AES_Encrypt(string encryptString, string encryptKey)
{
encryptKey = GetSubString(encryptKey, 32, "");
encryptKey = encryptKey.PadRight(32, ' ');
RijndaelManaged rijndaelProvider = new RijndaelManaged();
rijndaelProvider.Key = Encoding.UTF8.GetBytes(encryptKey.Substring(0, 32));
rijndaelProvider.IV = Keys;
ICryptoTransform rijndaelEncrypt = rijndaelProvider.CreateEncryptor();
byte[] inputData = Encoding.UTF8.GetBytes(encryptString);
byte[] encryptedData = rijndaelEncrypt.TransformFinalBlock(inputData, 0, inputData.Length);
return Convert.ToBase64String(encryptedData);
}
/// <summary>
/// 对称加密算法AES RijndaelManaged解密字符串
/// </summary>
/// <param name="decryptString">待解密的字符串</param>
/// <returns>解密成功返回解密后的字符串,失败返源串</returns>
public static string AES_Decrypt(string decryptString)
{
return AES_Decrypt(decryptString, Default_AES_Key);
}
/// <summary>
/// 对称加密算法AES RijndaelManaged解密字符串
/// </summary>
/// <param name="decryptString">待解密的字符串</param>
/// <param name="decryptKey">解密密钥,和加密密钥相同</param>
/// <returns>解密成功返回解密后的字符串,失败返回空</returns>
public static string AES_Decrypt(string decryptString, string decryptKey)
{
try
{
decryptKey = GetSubString(decryptKey, 32, "");
decryptKey = decryptKey.PadRight(32, ' ');
RijndaelManaged rijndaelProvider = new RijndaelManaged();
rijndaelProvider.Key = Encoding.UTF8.GetBytes(decryptKey);
rijndaelProvider.IV = Keys;
ICryptoTransform rijndaelDecrypt = rijndaelProvider.CreateDecryptor();
byte[] inputData = Convert.FromBase64String(decryptString);
byte[] decryptedData = rijndaelDecrypt.TransformFinalBlock(inputData, 0, inputData.Length);
return Encoding.UTF8.GetString(decryptedData);
}
catch
{
return string.Empty;
}
}
/// <summary>
/// 按字节长度(按字节,一个汉字为2个字节)取得某字符串的一部分
/// </summary>
/// <param name="sourceString">源字符串</param>
/// <param name="length">所取字符串字节长度</param>
/// <param name="tailString">附加字符串(当字符串不够长时,尾部所添加的字符串,一般为"...")</param>
/// <returns>某字符串的一部分</returns>
private static string GetSubString(string sourceString, int length, string tailString)
{
return GetSubString(sourceString, 0, length, tailString);
}
/// <summary>
/// 按字节长度(按字节,一个汉字为2个字节)取得某字符串的一部分
/// </summary>
/// <param name="sourceString">源字符串</param>
/// <param name="startIndex">索引位置,以0开始</param>
/// <param name="length">所取字符串字节长度</param>
/// <param name="tailString">附加字符串(当字符串不够长时,尾部所添加的字符串,一般为"...")</param>
/// <returns>某字符串的一部分</returns>
private static string GetSubString(string sourceString, int startIndex, int length, string tailString)
{
string myResult = sourceString;
//当是日文或韩文时(注:中文的范围:/u4e00 - /u9fa5, 日文在/u0800 - /u4e00, 韩文为/xAC00-/xD7A3)
if (System.Text.RegularExpressions.Regex.IsMatch(sourceString, "[/u0800-/u4e00]+") ||
System.Text.RegularExpressions.Regex.IsMatch(sourceString, "[/xAC00-/xD7A3]+"))
{
//当截取的起始位置超出字段串长度时
if (startIndex >= sourceString.Length)
{
return string.Empty;
}
else
{
return sourceString.Substring(startIndex,
((length + startIndex) > sourceString.Length) ? (sourceString.Length - startIndex) : length);
}
}
//中文字符,如"中国人民abcd123"
if (length <= 0)
{
return string.Empty;
}
byte[] bytesSource = Encoding.Default.GetBytes(sourceString);
//当字符串长度大于起始位置
if (bytesSource.Length > startIndex)
{
int endIndex = bytesSource.Length;
//当要截取的长度在字符串的有效长度范围内
if (bytesSource.Length > (startIndex + length))
{
endIndex = length + startIndex;
}
else
{ //当不在有效范围内时,只取到字符串的结尾
length = bytesSource.Length - startIndex;
tailString = "";
}
int[] anResultFlag = new int[length];
int nFlag = 0;
//字节大于127为双字节字符
for (int i = startIndex; i < endIndex; i++)
{
if (bytesSource[i] > 127)
{
nFlag++;
if (nFlag == 3)
{
nFlag = 1;
}
}
else
{
nFlag = 0;
}
anResultFlag[i] = nFlag;
}
//最后一个字节为双字节字符的一半
if ((bytesSource[endIndex - 1] > 127) && (anResultFlag[length - 1] == 1))
{
length = length + 1;
}
byte[] bsResult = new byte[length];
Array.Copy(bytesSource, startIndex, bsResult, 0, length);
myResult = Encoding.Default.GetString(bsResult);
myResult = myResult + tailString;
return myResult;
}
return string.Empty;
}
/// <summary>
/// 加密文件流
/// </summary>
/// <param name="fs"></param>
/// <returns></returns>
public static CryptoStream AES_EncryptStrream(FileStream fs, string decryptKey)
{
decryptKey = GetSubString(decryptKey, 32, "");
decryptKey = decryptKey.PadRight(32, ' ');
RijndaelManaged rijndaelProvider = new RijndaelManaged();
rijndaelProvider.Key = Encoding.UTF8.GetBytes(decryptKey);
rijndaelProvider.IV = Keys;
ICryptoTransform encrypto = rijndaelProvider.CreateEncryptor();
CryptoStream cytptostreamEncr = new CryptoStream(fs, encrypto, CryptoStreamMode.Write);
return cytptostreamEncr;
}
/// <summary>
/// 解密文件流
/// </summary>
/// <param name="fs"></param>
/// <returns></returns>
public static CryptoStream AES_DecryptStream(FileStream fs, string decryptKey)
{
decryptKey = GetSubString(decryptKey, 32, "");
decryptKey = decryptKey.PadRight(32, ' ');
RijndaelManaged rijndaelProvider = new RijndaelManaged();
rijndaelProvider.Key = Encoding.UTF8.GetBytes(decryptKey);
rijndaelProvider.IV = Keys;
ICryptoTransform Decrypto = rijndaelProvider.CreateDecryptor();
CryptoStream cytptostreamDecr = new CryptoStream(fs, Decrypto, CryptoStreamMode.Read);
return cytptostreamDecr;
}
/// <summary>
/// 对指定文件加密
/// </summary>
/// <param name="InputFile"></param>
/// <param name="OutputFile"></param>
/// <returns></returns>
public static bool AES_EncryptFile(string InputFile, string OutputFile)
{
try
{
string decryptKey = "www.iqidi.com";
FileStream fr = new FileStream(InputFile, FileMode.Open);
FileStream fren = new FileStream(OutputFile, FileMode.Create);
CryptoStream Enfr = AES_EncryptStrream(fren, decryptKey);
byte[] bytearrayinput = new byte[fr.Length];
fr.Read(bytearrayinput, 0, bytearrayinput.Length);
Enfr.Write(bytearrayinput, 0, bytearrayinput.Length);
Enfr.Close();
fr.Close();
fren.Close();
}
catch
{
//文件异常
return false;
}
return true;
}
/// <summary>
/// 对指定的文件解压缩
/// </summary>
/// <param name="InputFile"></param>
/// <param name="OutputFile"></param>
/// <returns></returns>
public static bool AES_DecryptFile(string InputFile, string OutputFile)
{
try
{
string decryptKey = "www.iqidi.com";
FileStream fr = new FileStream(InputFile, FileMode.Open);
FileStream frde = new FileStream(OutputFile, FileMode.Create);
CryptoStream Defr = AES_DecryptStream(fr, decryptKey);
byte[] bytearrayoutput = new byte[1024];
int m_count = 0;
do
{
m_count = Defr.Read(bytearrayoutput, 0, bytearrayoutput.Length);
frde.Write(bytearrayoutput, 0, m_count);
if (m_count < bytearrayoutput.Length)
break;
} while (true);
Defr.Close();
fr.Close();
frde.Close();
}
catch
{
//文件异常
return false;
}
return true;
}
#endregion
3、 Base64加密解密算法
#region Base64加密解密/// <summary>
/// Base64是一種使用64基的位置計數法。它使用2的最大次方來代表僅可列印的ASCII 字元。
/// 這使它可用來作為電子郵件的傳輸編碼。在Base64中的變數使用字元A-Z、a-z和0-9 ,
/// 這樣共有62個字元,用來作為開始的64個數字,最後兩個用來作為數字的符號在不同的
/// 系統中而不同。
/// Base64加密
/// </summary>
/// <param name="str"></param>
/// <returns></returns>
public static string Base64Encrypt(string str)
{
byte[] encbuff = System.Text.Encoding.UTF8.GetBytes(str);
return Convert.ToBase64String(encbuff);
}
/// <summary>
/// Base64解密
/// </summary>
/// <param name="str"></param>
/// <returns></returns>
public static string Base64Decrypt(string str)
{
byte[] decbuff = Convert.FromBase64String(str);
return System.Text.Encoding.UTF8.GetString(decbuff);
}
#endregion
7、 MD5及Base64结合加密
这种结合方式也是比较不错的算法,至少是四不像,一般分析比较困难,比较有迷惑性,就是挂羊头,卖狗肉的行为,其实Base64加密方式,也可以做的比较复杂,不一定是上面的那种解决方式的,你可以添加一些较为复杂的算法在里面的。
/// <summary>/// 加密字符串
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public static string EncryptString(string input)
{
return MD5Util.AddMD5Profix(Base64Util.Encrypt(MD5Util.AddMD5Profix(input)));
//return Base64.Encrypt(MD5.AddMD5Profix(Base64.Encrypt(input)));
}
/// <summary>
/// 解密加过密的字符串
/// </summary>
/// <param name="input"></param>
/// <param name="throwException">解密失败是否抛异常</param>
/// <returns></returns>
public static string DecryptString(string input, bool throwException)
{
string res = "";
try
{
res = input;// Base64.Decrypt(input);
if (MD5Util.ValidateValue(res))
{
return MD5Util.RemoveMD5Profix(Base64Util.Decrypt(MD5Util.RemoveMD5Profix(res)));
}
else
{
throw new Exception("字符串无法转换成功!");
}
}
catch
{
if (throwException)
{
throw;
}
else
{
return "";
}
}
}
//-----------下面是MD5Util下面的函数
/// <summary>
/// 添加MD5的前缀,便于检查有无篡改
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public static string AddMD5Profix(string input)
{
return GetMD5_4(input) + input;
}
/// <summary>
/// 移除MD5的前缀
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public static string RemoveMD5Profix(string input)
{
return input.Substring(4);
}
/// <summary>
/// 验证MD5前缀处理的字符串有无被篡改
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public static bool ValidateValue(string input)
{
bool res = false;
if (input.Length >= 4)
{
string tmp = input.Substring(4);
if (input.Substring(0, 4) == GetMD5_4(tmp))
{
res = true;
}
}
return res;
}
NET技术:谈谈数据加密的处理--提供各种算法处理,转载需保留来源!
郑重声明:本文版权归原作者所有,转载文章仅为传播更多信息之目的,如作者信息标记有误,请第一时间联系我们修改或删除,多谢。
