最近一段時間,集團加強了資安方面的管理,所有敏感的配置字節都必須經過加密處理,把最近用到的幾個加解密類整理了一下,以做備忘.
其實這兩個類實現的方法差不多,只是有些細微區別:
對稱加密演算法類 SymmetricMethodHelper
usingSystem;
usingSystem.IO;
usingSystem.Security.Cryptography;
usingSystem.Text;
///<summary>
///對稱加密演算法類
///</summary>
publicclassSymmetricMethodHelper
{
privateSymmetricAlgorithmmobjCryptoService;
privatestringKey;
///<summary>
///對稱加密類的構造函數
///</summary>
publicSymmetricMethodHelper()
{
mobjCryptoService=newRijndaelManaged();
Key="Guz(%&hj7x89H$yuBI0456FtmaT5&fvHUFCy76*h%(HilJ$lhj!y6&(*jkP87jH7";
}
///<summary>
///對稱加密類的構造函數
///</summary>
publicSymmetricMethodHelper(stringkey)
{
mobjCryptoService=newRijndaelManaged();
Key=key+"Guz(%&hj7x89H$yuBI0456FtmaT5&fvHUFCy76*h%(HilJ$lhj!y6&(*jkP87jH7";
}
///<summary>
///獲得密鑰
///</summary>
///<returns>密鑰</returns>
privatebyte[]GetLegalKey()
{
stringsTemp=Key;
mobjCryptoService.GenerateKey();
byte[]bytTemp=mobjCryptoService.Key;
intKeyLength=bytTemp.Length;
if(sTemp.Length>KeyLength)
sTemp=sTemp.Substring(0,KeyLength);
elseif(sTemp.Length<KeyLength)
sTemp=sTemp.PadRight(KeyLength,'');
returnASCIIEncoding.ASCII.GetBytes(sTemp);
}
///<summary>
///獲得初始向量IV
///</summary>
///<returns>初試向量IV</returns>
privatebyte[]GetLegalIV()
{
stringsTemp="E4ghj*Ghg7!rNIfb&95GUY86GfghUb#er57HBh(u%g6HJ($jhWk7&!hg4ui%$hjk";
mobjCryptoService.GenerateIV();
byte[]bytTemp=mobjCryptoService.IV;
intIVLength=bytTemp.Length;
if(sTemp.Length>IVLength)
sTemp=sTemp.Substring(0,IVLength);
elseif(sTemp.Length<IVLength)
sTemp=sTemp.PadRight(IVLength,'');
returnASCIIEncoding.ASCII.GetBytes(sTemp);
}
///<summary>
///加密方法
///</summary>
///<paramname="Source">待加密的串</param>
///<returns>經過加密的串</returns>
publicstringEncrypto(stringSource)
{
byte[]bytIn=UTF8Encoding.UTF8.GetBytes(Source);
MemoryStreamms=newMemoryStream();
mobjCryptoService.Key=GetLegalKey();
mobjCryptoService.IV=GetLegalIV();
ICryptoTransformencrypto=mobjCryptoService.CreateEncryptor();
CryptoStreamcs=newCryptoStream(ms,encrypto,CryptoStreamMode.Write);
cs.Write(bytIn,0,bytIn.Length);
cs.FlushFinalBlock();
ms.Close();
byte[]bytOut=ms.ToArray();
returnConvert.ToBase64String(bytOut);
}
///<summary>
///解密方法
///</summary>
///<paramname="Source">待解密的串</param>
///<returns>經過解密的串</returns>
publicstringDecrypto(stringSource)
{
byte[]bytIn=Convert.FromBase64String(Source);
MemoryStreamms=newMemoryStream(bytIn,0,bytIn.Length);
mobjCryptoService.Key=GetLegalKey();
mobjCryptoService.IV=GetLegalIV();
ICryptoTransformencrypto=mobjCryptoService.CreateDecryptor();
CryptoStreamcs=newCryptoStream(ms,encrypto,CryptoStreamMode.Read);
StreamReadersr=newStreamReader(cs);
returnsr.ReadToEnd();
}
} Code
usingSystem;
usingSystem.Text;
usingSystem.IO;
usingSystem.Security.Cryptography;
publicclassEncryptUtil{
///<summary>
///Des加密
///</summary>
///<paramname="clearText"></param>
///<returns></returns>
publicstaticstringDesEncrypt(stringclearText){
byte[]byKey=System.Text.ASCIIEncoding.UTF8.GetBytes(KEY_64);
byte[]byIV=System.Text.ASCIIEncoding.UTF8.GetBytes(IV_64);
DESCryptoServiceProvidercryptoProvider=newDESCryptoServiceProvider();
MemoryStreammemStream=newMemoryStream();
//以寫模式把數據流和要加密的數據流建立連接
CryptoStreamcryStream=newCryptoStream(memStream,cryptoProvider.CreateEncryptor(byKey,byIV),CryptoStreamMode.Write);
//將要加密的數據轉換為UTF8編碼的數組
byte[]clearTextArray=Encoding.UTF8.GetBytes(clearText);
//加密並寫到内存流memStream中
cryStream.Write(clearTextArray,0,clearTextArray.Length);
//清空緩衝區
cryStream.FlushFinalBlock();
//將8位無符號整數數組轉換為等效的System.String的形式.
returnConvert.ToBase64String(memStream.ToArray());
}
///<summary>
///Des解密
///</summary>
///<paramname="data"></param>
///<returns></returns>
publicstaticstringDesDecrypt(stringencryptedText){
byte[]byKey=System.Text.ASCIIEncoding.UTF8.GetBytes(KEY_64);
byte[]byIV=System.Text.ASCIIEncoding.UTF8.GetBytes(IV_64);
//
byte[]byteArray=Convert.FromBase64String(encryptedText);
MemoryStreammemStream=newMemoryStream();
DESCryptoServiceProvidercryptoProvider=newDESCryptoServiceProvider();
CryptoStreamcryStream=newCryptoStream(memStream,cryptoProvider.CreateDecryptor(byKey,byIV),CryptoStreamMode.Write);
cryStream.Write(byteArray,0,byteArray.Length);
//清空緩衝區
cryStream.FlushFinalBlock();
System.Text.Encodingencoding=newSystem.Text.UTF8Encoding();
//把字節數組轉換為等效的System.String的形式.
returnencoding.GetString(memStream.ToArray());
}
///<summary>
///Des加密,功能同DesEncrypt相同
///</summary>
///<paramname="clearText"></param>
///<returns></returns>
publicstaticstringDesEncode(stringclearText){
byte[]byKey=System.Text.ASCIIEncoding.ASCII.GetBytes(KEY_64);
byte[]byIV=System.Text.ASCIIEncoding.ASCII.GetBytes(IV_64);
DESCryptoServiceProvidercryptoProvider=newDESCryptoServiceProvider();
MemoryStreammemStream=newMemoryStream();
CryptoStreamcryStream=newCryptoStream(memStream,cryptoProvider.CreateEncryptor(byKey,byIV),CryptoStreamMode.Write);
StreamWritersw=newStreamWriter(cryStream);
sw.Write(clearText);
sw.Flush();
cryStream.FlushFinalBlock();
sw.Flush();
returnConvert.ToBase64String(memStream.GetBuffer(),0,(int)memStream.Length);
}
///<summary>
///Des解密,功能同DesDecrypt相同
///</summary>
///<paramname="encryptedText"></param>
///<returns></returns>
publicstaticstringDesDecode(stringencryptedText){
byte[]byKey=System.Text.ASCIIEncoding.ASCII.GetBytes(KEY_64);
byte[]byIV=System.Text.ASCIIEncoding.ASCII.GetBytes(IV_64);
byte[]byteArray;
try{
byteArray=Convert.FromBase64String(encryptedText);
}
catch{
returnnull;
}
DESCryptoServiceProvidercryptoProvider=newDESCryptoServiceProvider();
MemoryStreammemStream=newMemoryStream(byteArray);
CryptoStreamcryStream=newCryptoStream(memStream,cryptoProvider.CreateDecryptor(byKey,byIV),CryptoStreamMode.Read);
StreamReadersr=newStreamReader(cryStream);
returnsr.ReadToEnd();
}
privateconststringKEY_64="MyPubKey";//公鈅
privateconststringIV_64="MyPriKey";//私鈅,注意了:是8个字符,64位
}
注意這兩段代碼標注為紅色部分的差异,其中SymmetricMethodHelper類支持超過8位的私鑰,而EncryptUtil類不支持超過8位的私鑰.