当前位置: 文江博客话题详情

加密-机器密钥

发布于 2024-12-20 12:28:59 字数 481 浏览 0 评论 0原文

我正在尝试找出一种安全的方法,使用 C# 为我的网络应用程序加密数据库中的几个字段。

我需要找到一个执行加密/解密的脚本以及存储密钥的方法。我读到您可以使用 machinekey 作为密钥,这是正确的吗?

有自动生成和非自动生成的机器密钥。我想我宁愿选择非自动生成的,因为这样可以很容易地将我的网络应用程序部署到不同的服务器中。我发现这个工具可以为您生成一个:

http://aspnetresources.com/tools/machineKey

什么加密/解密脚本可以与此机器密钥配合使用?

我还想知道,将非自动生成的机器密钥存储在 web.config 文件中有多安全?如果有人可以看到 web.config 文件,为什么要使用 machinekey 而不是 appSettings 中的“普通”密钥?

原文

I'm trying to figure out a secure way of encrypting a couple of fields in my database using C# for my web app.

I need to find a script that does the encryption/decryption and a way of storing the key. I read that you can use the machinekey as a key, is that correct?

There are autogenerated and non-autogenerated machinekeys. I think I would rather go with the non-autogenerated, as this way it will be easy to deploy my web app into different servers. I found this tool where it generates one for you:

http://aspnetresources.com/tools/machineKey

What encryption/decryption script would work with this machinekey?

Also I was wondering, how secure is it to store the non-autogenerated machine key in the web.config file? If someone can see the web.config file, why use machinekey instead of a "normal" key in appSettings for instance?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

喜爱皱眉﹌ 2024-12-27 12:28:59

根据该文章,生成了 256 位解密密钥和 512 位验证密钥,它们与 Rijndael 算法相匹配,因此您需要它的 C# 实现,该实现已位于 System.Security.Cryptography 中/代码> 命名空间。

这里有两个函数可以完成这项工作:

private static string EncryptString(string clearText, 
                                    string strKey, string strIv) {

    byte[] plainText = Encoding.UTF8.GetBytes(clearText);

    byte[] key = Encoding.UTF8.GetBytes(strKey);

    // a simple initialization vector
    byte[] iv = Encoding.UTF8.GetBytes(strIv);


    RijndaelManaged rijndael = new RijndaelManaged();

    //Define the Mode
    rijndael.Mode = CipherMode.CBC;

    ICryptoTransform aesEncryptor = rijndael.CreateEncryptor(key, iv);

    MemoryStream ms = new MemoryStream();

    // writing data to MemoryStream
    CryptoStream cs = new CryptoStream(ms, aesEncryptor, CryptoStreamMode.Write);
    cs.Write(plainText, 0, plainText.Length);
    cs.FlushFinalBlock();

    byte[] CipherBytes = ms.ToArray();

    ms.Close();
    cs.Close();

    return Convert.ToBase64String(CipherBytes);
}

和 :

public static string DecryptString(string cipherText, 
                                   string strKey, string strIv) {

          byte[] cipheredData = Convert.FromBase64String(cipherText);
          byte[] key = Encoding.UTF8.GetBytes(strKey);

          byte[] iv = Encoding.UTF8.GetBytes(strIv);

          RijndaelManaged rijndael = new RijndaelManaged();
          rijndael.Mode = CipherMode.CBC;

          ICryptoTransform decryptor = rijndael.CreateDecryptor(key, iv);
          MemoryStream ms = new MemoryStream(cipheredData);
          CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read);

          byte[] plainTextData = new byte[cipheredData.Length];

          int decryptedByteCount = cs.Read(plainTextData, 0, plainTextData.Length);

          ms.Close();
          cs.Close();

          return Encoding.UTF8.GetString(plainTextData, 0, decryptedByteCount);
}

关于你的第二个问题,生成的机器密钥是一个十六进制字符串,它是人类可读的,但你无法弄清楚。

我希望这有帮助。

According to that article, a 256-bit decryption key and a 512-bit validation key are generated and they go with the Rijndael algorithm, so you need a C# implementation of it which is already in the System.Security.Cryptography namespace.

Here is two functions that do the work:

private static string EncryptString(string clearText, 
                                    string strKey, string strIv) {

    byte[] plainText = Encoding.UTF8.GetBytes(clearText);

    byte[] key = Encoding.UTF8.GetBytes(strKey);

    // a simple initialization vector
    byte[] iv = Encoding.UTF8.GetBytes(strIv);


    RijndaelManaged rijndael = new RijndaelManaged();

    //Define the Mode
    rijndael.Mode = CipherMode.CBC;

    ICryptoTransform aesEncryptor = rijndael.CreateEncryptor(key, iv);

    MemoryStream ms = new MemoryStream();

    // writing data to MemoryStream
    CryptoStream cs = new CryptoStream(ms, aesEncryptor, CryptoStreamMode.Write);
    cs.Write(plainText, 0, plainText.Length);
    cs.FlushFinalBlock();

    byte[] CipherBytes = ms.ToArray();

    ms.Close();
    cs.Close();

    return Convert.ToBase64String(CipherBytes);
}

And :

public static string DecryptString(string cipherText, 
                                   string strKey, string strIv) {

          byte[] cipheredData = Convert.FromBase64String(cipherText);
          byte[] key = Encoding.UTF8.GetBytes(strKey);

          byte[] iv = Encoding.UTF8.GetBytes(strIv);

          RijndaelManaged rijndael = new RijndaelManaged();
          rijndael.Mode = CipherMode.CBC;

          ICryptoTransform decryptor = rijndael.CreateDecryptor(key, iv);
          MemoryStream ms = new MemoryStream(cipheredData);
          CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read);

          byte[] plainTextData = new byte[cipheredData.Length];

          int decryptedByteCount = cs.Read(plainTextData, 0, plainTextData.Length);

          ms.Close();
          cs.Close();

          return Encoding.UTF8.GetString(plainTextData, 0, decryptedByteCount);
}

And about your second question, the generated machinekey is a hexadecimal string which is human readable but you cannot figure it out.

I hope this help.

回复 原文
~没有更多了~

关于作者

似最初

暂无简介

文章
评论
27 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

知足的幸福

文章 0 评论 0

我一向站在原地

文章 0 评论 0

慕烟庭风

文章 0 评论 0

秉忠贞之诚 守退让之实

文章 0 评论 0

小兔几

文章 0 评论 0

mb_3y7WUgWY

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文