使用 DES 类 C# 使用 System.Security.Cryptography 进行加密
我尝试使用 System.Security.Cryptography.DES 加密字符串,但我发现每次运行该程序时加密结果都会改变! 我不知道如何在每次运行应用程序时获得相同的结果?是否需要添加常量键或其他任何内容才能获得相同的结果? 我希望当我在这段代码中输入“google”时,
byte[] plaintextBytes = (new UnicodeEncoding()).GetBytes(expireddate);
SymmetricAlgorithm sa = DES.Create();
MemoryStream msEncrypt = new MemoryStream();
CryptoStream csEncrypt = new CryptoStream(msEncrypt, sa.CreateEncryptor(), CryptoStreamMode.Write);
csEncrypt.Write(plaintextBytes, 0, plaintextBytes.Length);
csEncrypt.Close();
byte[] encryptedTextBytes = msEncrypt.ToArray();
当我下次打开应用程序时输入字节数组的结果时,从这段代码中获取“google”?
MemoryStream msDecrypt = new MemoryStream(decodedlistbyte.ToArray());
CryptoStream csDecrypt = new CryptoStream(msDecrypt, sa.CreateDecryptor(), CryptoStreamMode.Read);
byte[] decryptedTextBytes = new Byte[decodedlistbyte.Count];
csDecrypt.Read(decryptedTextBytes, 0, decodedlistbyte.Count);
csDecrypt.Close();
msDecrypt.Close();
string decrypteddate = (new UnicodeEncoding()).GetString(decryptedTextBytes);
I tried to encrypt a string with System.Security.Cryptography.DES but I found that every time I run The program the result of encryption changed !
I don't know how to get the same result each time I run the application ? IS there constant key or anything else to add to get the same result ?
I want when I enter "google" in this code
byte[] plaintextBytes = (new UnicodeEncoding()).GetBytes(expireddate);
SymmetricAlgorithm sa = DES.Create();
MemoryStream msEncrypt = new MemoryStream();
CryptoStream csEncrypt = new CryptoStream(msEncrypt, sa.CreateEncryptor(), CryptoStreamMode.Write);
csEncrypt.Write(plaintextBytes, 0, plaintextBytes.Length);
csEncrypt.Close();
byte[] encryptedTextBytes = msEncrypt.ToArray();
get "google" from this code when I entered the result of array of bytes in next time i opened the application ?
MemoryStream msDecrypt = new MemoryStream(decodedlistbyte.ToArray());
CryptoStream csDecrypt = new CryptoStream(msDecrypt, sa.CreateDecryptor(), CryptoStreamMode.Read);
byte[] decryptedTextBytes = new Byte[decodedlistbyte.Count];
csDecrypt.Read(decryptedTextBytes, 0, decodedlistbyte.Count);
csDecrypt.Close();
msDecrypt.Close();
string decrypteddate = (new UnicodeEncoding()).GetString(decryptedTextBytes);
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
每次重新加密纯文本时,您都会生成一个加密安全的 IV(初始化向量)——这很好,并且该值每次都应该改变。 IV 可以公开,并且不应与加密密钥相关。
然而 Des 不再是一个非常安全的算法,我建议切换到 Rijndael 或 Triple des。
You are generating a cryptographically secure IV (initialization vector) each time you re-encrypt the plain text - this is good, and the value should change each time. The IV can be kept public and should in no way relate to the encryption key.
However Des is not a very secure algorithm any more and I would recommend switching to Rijndael or tripple des.
我建议您使用强大的对称密钥算法,例如 AES(即 Rijndael)。查看 .NET 中的
RijndaelManaged类。相同的密钥可用于加密和解密,这就是它是对称算法的原因。密钥的安全至关重要,因此请保持其私密性并安全存储。I recommend you use a strong symmetric key algorithm such as AES (i.e. Rijndael). Have a look at the
RijndaelManagedclass in .NET. The same key can be used for encryption and decryption, which is why it's a symmetric algorithm. The security of the key is vital, so keep it private and store it securely.就像 @Ross 所说,加密的字符串会有所不同,因为每次都应该使用新的 IV。
但是,您当前的代码每次都使用新的Key和IV。如果您希望能够在另一台计算机上解密,那么您应该自己设置密钥和 IV,或者保留加密时自动生成的密钥和 IV。
,当加密时
例如 解密时(在另一台计算机上)
您可以传输带有加密数据的 IV。当然,密钥应该在带外传输/共享。
Like @Ross said the encrypted string will be different because a new IV should be used each time.
However you current code is using a new Key and IV each time. If you want to be able to decrypt on another computer then you should set the Key and IV yourself - or keep the one automagically produced while encrypting.
E.g. when encrypting
E.g. while decrypting (on another computer)
You can transmit the IV with the encrypted data. The secret key should, of course, be transmitted/shared out-of-band.
你的问题不在于他的密文不同。这实际上是加密方案的一个重要属性。
你的问题是要么你重用相同的对称算法对象而不重置其状态,要么 - 更有可能,但我无法从代码片段中看出, - 使用不同的密钥和 iv 重新集成对称算法。
对于解密,生成一种新的对称算法,然后将 sa.Key 和 sa.IV 设置为您加密时使用的值。重要的是,请确保安全地存储密钥并确保您的 IV 是随机的(您需要将其包含在存储的数据中)。不要对 IV 进行硬编码。这完全不安全。
顺便说一句,DES 相当不安全(10 年前我可以在大约 3 天的时间内尝试所有可能的密钥)。使用 AES 托管。另外,加密很难,我不建议你自己做。如果您确实想要,请考虑查看此,它可以完成您想要的大部分功能,甚至更多。
Your problem isn't that he cipher text is different. This is actually an important property of an encryption scheme.
Your problem is either that you are reusing the same symmetric algorithm object without reseting its state or -- more likely, but I can't tell from the snippet, -- reintegrating the symmetric algorithm with a different key and iv.
For decrypt, generate a new symmetric algorithm and then set sa.Key and sa.IV to be the values used in the one you encrypted with. Important, make sure you store the key securely and make sure your IV is random ( you will need to include it in the data you store). Don't hardcode the IV. That is completely insecure.
By the way, DES is rather insecure ( I could try all possible keys in about 3 days 10 years ago). Use AESManaged. Also, crypto is hard and I don't recommend you do it yourself. If you do want to , consider looking at this, it does most of what you want and a little more.