本文探討了MD5、DES和RAS的工作原理與特點。首先,MD5是一種不可逆的摘要演算法,它將任意長度的數據轉化為固定長度的摘要,用於數據完整性校驗。然而,由於其存在碰撞攻擊的漏洞,MD5已經不再被推薦作為安全加密演算法。其次,DES是一種對稱可逆的加密演算法,它使用相同的密鑰進行加密和解密,適用於保護數據... ...
一、MD5不可逆加密
1.1-理解MD5
- MD5公開的演算法,任何語言實現後其實都是一樣的、通用的
- 不可逆加密:原文——加密——密文,密文無法解密出原文
1.2-MD5封裝
using System.IO;
using System.Security.Cryptography;
/// <summary>
/// 不可逆加密
/// 1 防止被篡改
/// 2 防止明文存儲
/// 3 防止抵賴,數字簽名
/// </summary>
public class MD5Encrypt
{
#region MD5
/// <summary>
/// MD5加密,和動網上的16/32位MD5加密結果相同,
/// 使用的UTF8編碼
/// </summary>
/// <param name="source">待加密字串</param>
/// <param name="length">16或32值之一,其它則採用.net預設MD5加密演算法</param>
/// <returns>加密後的字串</returns>
public static string Encrypt(string source, int length = 32)//預設參數
{
if (string.IsNullOrEmpty(source)) return string.Empty;
HashAlgorithm provider = CryptoConfig.CreateFromName("MD5") as HashAlgorithm;
byte[] bytes = Encoding.UTF8.GetBytes(source);//這裡需要區別編碼的
byte[] hashValue = provider.ComputeHash(bytes);
StringBuilder sb = new StringBuilder();
switch (length)
{
case 16://16位密文是32位密文的9到24位字元
for (int i = 4; i < 12; i++)
{
sb.Append(hashValue[i].ToString("x2"));
}
break;
case 32:
for (int i = 0; i < 16; i++)
{
sb.Append(hashValue[i].ToString("x2"));
}
break;
default:
for (int i = 0; i < hashValue.Length; i++)
{
sb.Append(hashValue[i].ToString("x2"));
}
break;
}
return sb.ToString();
}
#endregion MD5
#region MD5摘要
/// <summary>
/// 獲取文件的MD5摘要
/// </summary>
/// <param name="fileName"></param>
/// <returns></returns>
public static string AbstractFile(string fileName)
{
using (FileStream file = new FileStream(fileName, FileMode.Open))
{
return AbstractFile(file);
}
}
/// <summary>
/// 根據stream獲取文件摘要
/// </summary>
/// <param name="stream"></param>
/// <returns></returns>
public static string AbstractFile(Stream stream)
{
MD5 md5 = new MD5CryptoServiceProvider();
byte[] retVal = md5.ComputeHash(stream);
StringBuilder sb = new StringBuilder();
for (int i = 0; i < retVal.Length; i++)
{
sb.Append(retVal[i].ToString("x2"));
}
return sb.ToString();
}
#endregion
}
1.3-MD5總結
- 相同原文加密的結果是一樣的
- 不同長度的內容加密後都是32位,可以自行改變長度
- 原文件改動差別很小,結果差別很大
- 不管文件多大,都能產生32位長度的【摘要】,就是更具文件流進行加密的結果
- 文件內容有一點改動,結果變化非常大
- 文件內容不變,文件名變了,結果是不變的
1.4-MD5用途?
- 防篡改
- 源代碼管理器
- 急速秒傳
- 在本地進行MD5摘要,到伺服器上去檢查,如果存在就不需要上傳,直接在伺服器上複製一份,或者指向路徑跳轉一下。
- 密碼保存:防止看到明文
- 密文是可見的,所以要求密碼不能太檢查;加鹽(特殊字元+字母+數字)
- MD5是無法全部窮舉出來的,無法全部解密出來的,像網上有很多這種;
- 防止抵賴,數字簽名
- 吧一些內容摘要一下,不能抵賴。
二、對稱可逆加密DES
2.1-理解DES
- 對稱可逆加密是公開的演算法,任何語言實現後其實都一樣,通用的。
- 加密後能解密會原文,但是需要一個Key
- 加密key和加密Key是同一個,也就是開門和鎖門都要用同一吧鑰匙
- 優點:加密解密的速度快
- 缺點:問題是秘鑰的安全(key在網路中傳輸唄竊取),不是很安全
理解什麼是對稱可逆加密:
- 對稱:加密/解密是key要一模一樣的
- 可逆:原文加密到密文,密文解密到原文
2.2-DES封裝
/// <summary>
/// Des加密
/// </summary>
public class DesCrypto
{
//密鑰
private const string sKey = "qJzGEh6hESZDVJeCnFPGuxzaiB7NLQM3";
//矢量,矢量可以為空
private const string sIV = "qcDY6X+aPLw=";
//構造一個對稱演算法
private SymmetricAlgorithm mCSP = new TripleDESCryptoServiceProvider();
/// <summary>
/// 構造函數
/// </summary>
public DesCrypto() {
}
#region public string EncryptString(string Value)
/// <summary>
/// 加密字元串
/// </summary>
/// <param name="Value">輸入的字元串</param>
/// <returns>加密後的字元串</returns>
public string EncryptString(string Value)
{
ICryptoTransform ct;
MemoryStream ms;
CryptoStream cs;
byte[] byt;
mCSP.Key = Convert.FromBase64String(sKey);
mCSP.IV = Convert.FromBase64String(sIV);
//指定加密的運算模式
mCSP.Mode = System.Security.Cryptography.CipherMode.ECB;
//獲取或設置加密演算法的填充模式
mCSP.Padding = System.Security.Cryptography.PaddingMode.PKCS7;
ct = mCSP.CreateEncryptor(mCSP.Key, mCSP.IV);
byt = Encoding.UTF8.GetBytes(Value);
ms = new MemoryStream();
cs = new CryptoStream(ms, ct, CryptoStreamMode.Write);
cs.Write(byt, 0, byt.Length);
cs.FlushFinalBlock();
cs.Close();
return Convert.ToBase64String(ms.ToArray());
}
#endregion
#region public string DecryptString(string Value)
/// <summary>
/// 解密字元串
/// </summary>
/// <param name="Value">加過密的字元串</param>
/// <returns>解密後的字元串</returns>
public string DecryptString(string Value)
{
ICryptoTransform ct;
MemoryStream ms;
CryptoStream cs;
byte[] byt;
mCSP.Key = Convert.FromBase64String(sKey);
mCSP.IV = Convert.FromBase64String(sIV);
mCSP.Mode = System.Security.Cryptography.CipherMode.ECB;
mCSP.Padding = System.Security.Cryptography.PaddingMode.PKCS7;
ct = mCSP.CreateDecryptor(mCSP.Key, mCSP.IV);
byt = Convert.FromBase64String(Value);
ms = new MemoryStream();
cs = new CryptoStream(ms, ct, CryptoStreamMode.Write);
cs.Write(byt, 0, byt.Length);
cs.FlushFinalBlock();
cs.Close();
return Encoding.UTF8.GetString(ms.ToArray());
}
#endregion
}
三、非對稱可逆加密RSA
2.1-理解RSA
- 非對稱可逆加密公開的演算法,任何語言實現後其實都一樣,通用的;
- 加密key和解密key不是一個,而是一對
- 加密key和解密key不能相互推到,有密文,沒有解密key,也推導不出原文
- 缺點:速度不快
- 優點:安全性好
2.2-RSA封裝
/// <summary>
/// RSA加密解密及RSA簽名和驗證
/// </summary>
public class RsaEncrypt
{
public RsaEncrypt()
{
}
#region RSA 的密鑰產生
/// <summary>
/// RSA 的密鑰產生 產生私鑰 和公鑰
/// </summary>
/// <param name="xmlKeys"></param>
/// <param name="xmlPublicKey"></param>
public void RSAKey(out string xmlKeys, out string xmlPublicKey)
{
System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
xmlKeys = rsa.ToXmlString(true);
xmlPublicKey = rsa.ToXmlString(false);
}
#endregion
#region RSA的加密函數
//##############################################################################
//RSA 方式加密
//說明KEY必須是XML的行式,返回的是字元串
//在有一點需要說明!!該加密方式有 長度 限制的!!
//##############################################################################
//RSA的加密函數 string
public string RSAEncrypt(string xmlPublicKey, string m_strEncryptString)
{
byte[] PlainTextBArray;
byte[] CypherTextBArray;
string Result;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(xmlPublicKey);
PlainTextBArray = (new UnicodeEncoding()).GetBytes(m_strEncryptString);
CypherTextBArray = rsa.Encrypt(PlainTextBArray, false);
Result = Convert.ToBase64String(CypherTextBArray);
return Result;
}
//RSA的加密函數 byte[]
public string RSAEncrypt(string xmlPublicKey, byte[] EncryptString)
{
byte[] CypherTextBArray;
string Result;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(xmlPublicKey);
CypherTextBArray = rsa.Encrypt(EncryptString, false);
Result = Convert.ToBase64String(CypherTextBArray);
return Result;
}
#endregion
#region RSA的解密函數
//RSA的解密函數 string
public string RSADecrypt(string xmlPrivateKey, string m_strDecryptString)
{
byte[] PlainTextBArray;
byte[] DypherTextBArray;
string Result;
System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(xmlPrivateKey);
PlainTextBArray = Convert.FromBase64String(m_strDecryptString);
DypherTextBArray = rsa.Decrypt(PlainTextBArray, false);
Result = (new UnicodeEncoding()).GetString(DypherTextBArray);
return Result;
}
//RSA的解密函數 byte
public string RSADecrypt(string xmlPrivateKey, byte[] DecryptString)
{
byte[] DypherTextBArray;
string Result;
System.Security.Cryptography.RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(xmlPrivateKey);
DypherTextBArray = rsa.Decrypt(DecryptString, false);
Result = (new UnicodeEncoding()).GetString(DypherTextBArray);
return Result;
}
#endregion
#region RSA數字簽名
#region 獲取Hash描述表
//獲取Hash描述表 ,outofmemory.cn
public bool GetHash(string m_strSource, ref byte[] HashData)
{
//從字元串中取得Hash描述
byte[] Buffer;
System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5");
Buffer = System.Text.Encoding.GetEncoding("GB2312").GetBytes(m_strSource);
HashData = MD5.ComputeHash(Buffer);
return true;
}
//獲取Hash描述表
public bool GetHash(string m_strSource, ref string strHashData)
{
//從字元串中取得Hash描述
byte[] Buffer;
byte[] HashData;
System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5");
Buffer = System.Text.Encoding.GetEncoding("GB2312").GetBytes(m_strSource);
HashData = MD5.ComputeHash(Buffer);
strHashData = Convert.ToBase64String(HashData);
return true;
}
//獲取Hash描述表
public bool GetHash(System.IO.FileStream objFile, ref byte[] HashData)
{
//從文件中取得Hash描述
System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5");
HashData = MD5.ComputeHash(objFile);
objFile.Close();
return true;
}
//獲取Hash描述表
public bool GetHash(System.IO.FileStream objFile, ref string strHashData)
{
//從文件中取得Hash描述
byte[] HashData;
System.Security.Cryptography.HashAlgorithm MD5 = System.Security.Cryptography.HashAlgorithm.Create("MD5");
HashData = MD5.ComputeHash(objFile);
objFile.Close();
strHashData = Convert.ToBase64String(HashData);
return true;
}
#endregion
#region RSA簽名
//RSA簽名
public bool SignatureFormatter(string p_strKeyPrivate, byte[] HashbyteSignature, ref byte[] EncryptedSignatureData)
{
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
RSA.FromXmlString(p_strKeyPrivate);
System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA);
//設置簽名的演算法為MD5
RSAFormatter.SetHashAlgorithm("MD5");
//執行簽名
EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
return true;
}
//RSA簽名
public bool SignatureFormatter(string p_strKeyPrivate, byte[] HashbyteSignature, ref string m_strEncryptedSignatureData)
{
byte[] EncryptedSignatureData;
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
RSA.FromXmlString(p_strKeyPrivate);
System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA);
//設置簽名的演算法為MD5
RSAFormatter.SetHashAlgorithm("MD5");
//執行簽名
EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
m_strEncryptedSignatureData = Convert.ToBase64String(EncryptedSignatureData);
return true;
}
//RSA簽名
public bool SignatureFormatter(string p_strKeyPrivate, string m_strHashbyteSignature, ref byte[] EncryptedSignatureData)
{
byte[] HashbyteSignature;
HashbyteSignature = Convert.FromBase64String(m_strHashbyteSignature);
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
RSA.FromXmlString(p_strKeyPrivate);
System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA);
//設置簽名的演算法為MD5
RSAFormatter.SetHashAlgorithm("MD5");
//執行簽名
EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
return true;
}
//RSA簽名
public bool SignatureFormatter(string p_strKeyPrivate, string m_strHashbyteSignature, ref string m_strEncryptedSignatureData)
{
byte[] HashbyteSignature;
byte[] EncryptedSignatureData;
HashbyteSignature = Convert.FromBase64String(m_strHashbyteSignature);
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
RSA.FromXmlString(p_strKeyPrivate);
System.Security.Cryptography.RSAPKCS1SignatureFormatter RSAFormatter = new System.Security.Cryptography.RSAPKCS1SignatureFormatter(RSA);
//設置簽名的演算法為MD5
RSAFormatter.SetHashAlgorithm("MD5");
//執行簽名
EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
m_strEncryptedSignatureData = Convert.ToBase64String(EncryptedSignatureData);
return true;
}
#endregion
#region RSA 簽名驗證
public bool SignatureDeformatter(string p_strKeyPublic, byte[] HashbyteDeformatter, byte[] DeformatterData)
{
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
RSA.FromXmlString(p_strKeyPublic);
System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA);
//指定解密的時候HASH演算法為MD5
RSADeformatter.SetHashAlgorithm("MD5");
if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData))
{
return true;
}
else
{
return false;
}
}
public bool SignatureDeformatter(string p_strKeyPublic, string p_strHashbyteDeformatter, byte[] DeformatterData)
{
byte[] HashbyteDeformatter;
HashbyteDeformatter = Convert.FromBase64String(p_strHashbyteDeformatter);
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
RSA.FromXmlString(p_strKeyPublic);
System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA);
//指定解密的時候HASH演算法為MD5
RSADeformatter.SetHashAlgorithm("MD5");
if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData))
{
return true;
}
else
{
return false;
}
}
public bool SignatureDeformatter(string p_strKeyPublic, byte[] HashbyteDeformatter, string p_strDeformatterData)
{
byte[] DeformatterData;
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
RSA.FromXmlString(p_strKeyPublic);
System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA);
//指定解密的時候HASH演算法為MD5
RSADeformatter.SetHashAlgorithm("MD5");
DeformatterData = Convert.FromBase64String(p_strDeformatterData);
if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData))
{
return true;
}
else
{
return false;
}
}
public bool SignatureDeformatter(string p_strKeyPublic, string p_strHashbyteDeformatter, string p_strDeformatterData)
{
byte[] DeformatterData;
byte[] HashbyteDeformatter;
HashbyteDeformatter = Convert.FromBase64String(p_strHashbyteDeformatter);
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
RSA.FromXmlString(p_strKeyPublic);
System.Security.Cryptography.RSAPKCS1SignatureDeformatter RSADeformatter = new System.Security.Cryptography.RSAPKCS1SignatureDeformatter(RSA);
//指定解密的時候HASH演算法為MD5
RSADeformatter.SetHashAlgorithm("MD5");
DeformatterData = Convert.FromBase64String(p_strDeformatterData);
if (RSADeformatter.VerifySignature(HashbyteDeformatter, DeformatterData))
{
return true;
}
else
{
return false;
}
}
#endregion
#endregion
}
2.3-公鑰/私鑰
- 公鑰:公開的Key
- 私鑰:不公開的Key
- 公開加密Key——>保證數據的安全傳遞
- 公開解密Key——>保證數據的不可抵賴
- C#內置實現了公鑰加密/私鑰解密,如果想要用第三方的DLL-BounccyCastle
四、數字證書
2.1-CA證書
2.2-單邊認證https
2.3-雙邊認證
原文鏈接:https://www.cnblogs.com/kimiliucn/p/17607330.html
