在项目开发中,出于系统安全考虑,我们总会想到使用加密解密进行处理。首先保证的一点就是数据被窃取后,不能使其正常阅读。其次,就是防止接口随意调用。 (PS:鄙人目前就想到了这两点好处,如果还有什么优点,欢迎给位补充o(^▽^)o)
接下来就说几个常用的加密算法:DES加密算法,AES加密算法,RSA加密算法,Base64加密算法,MD5加密算法,SHA1加密算法
1.DES加密算法
加密方式---- 使用异或,置换,代换,移位四种基本运算进行16轮循环加密而成。
共分为一般加密和三重加密>>
DES一般加密解密代码实现:
#region ========加密======== /// <summary> /// 加密 /// </summary> /// <param name="Text"></param> /// <returns></returns> public static string Encrypt(string Text) { return Encrypt(Text, "DTcms"); } /// <summary> /// 加密数据 /// </summary> /// <param name="Text"></param> /// <param name="sKey"></param> /// <returns></returns> public static string Encrypt(string Text, string sKey) { DESCryptoServiceProvider des = new DESCryptoServiceProvider(); byte[] inputByteArray; inputByteArray = Encoding.Default.GetBytes(Text); des.Key = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8)); des.IV = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8)); System.IO.MemoryStream ms = new System.IO.MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); StringBuilder ret = new StringBuilder(); foreach (byte b in ms.ToArray()) { ret.AppendFormat("{0:X2}", b); } return ret.ToString(); } #endregion #region ========解密======== /// <summary> /// 解密 /// </summary> /// <param name="Text"></param> /// <returns></returns> public static string Decrypt(string Text) { return Decrypt(Text, "DTcms"); } /// <summary> /// 解密数据 /// </summary> /// <param name="Text"></param> /// <param name="sKey"></param> /// <returns></returns> public static string Decrypt(string Text, string sKey) { try { DESCryptoServiceProvider des = new DESCryptoServiceProvider(); int len; len = Text.Length / 2; byte[] inputByteArray = new byte[len]; int x, i; for (x = 0; x < len; x++) { i = Convert.ToInt32(Text.Substring(x * 2, 2), 16); inputByteArray[x] = (byte)i; } des.Key = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8)); des.IV = ASCIIEncoding.ASCII.GetBytes(System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(sKey, "md5").Substring(0, 8)); System.IO.MemoryStream ms = new System.IO.MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); return Encoding.Default.GetString(ms.ToArray()); } catch { return ""; } } #endregion
3DES(三重DES加密)实现
#region======加密========== public static string DES3Encrypt(string Text) { return DES3Encrypt(Text, "DTcms"); } public static string DES3Encrypt(string strString, string strKey) { TripleDESCryptoServiceProvider DES = new TripleDESCryptoServiceProvider(); MD5CryptoServiceProvider hashMD5 = new MD5CryptoServiceProvider(); DES.Key = hashMD5.ComputeHash(Encoding.Default.GetBytes(strKey)); DES.Mode = CipherMode.ECB; ICryptoTransform DESEncrypt = DES.CreateEncryptor(); byte[] Buffer = Encoding.Default.GetBytes(strString); return Convert.ToBase64String(DESEncrypt.TransformFinalBlock(Buffer, 0, Buffer.Length)); } #endregion #region======解密=========== public static string DES3Decrypt(string Text) { return DES3Decrypt(Text, "DTcms"); } public static string DES3Decrypt(string strString, string strKey) { TripleDESCryptoServiceProvider DES = new TripleDESCryptoServiceProvider(); MD5CryptoServiceProvider hashMD5 = new MD5CryptoServiceProvider(); DES.Key = hashMD5.ComputeHash(Encoding.Default.GetBytes(strKey)); DES.Mode = CipherMode.ECB; ICryptoTransform DESDecrypt = DES.CreateDecryptor(); string result = ""; try { byte[] Buffer = Convert.FromBase64String(strString); result = Encoding.Default.GetString(DESDecrypt.TransformFinalBlock(Buffer, 0, Buffer.Length)); } catch (System.Exception e) { throw (new System.Exception("null", e)); } return result; } #endregion
2.AES加密实现
这个代替了上面的DES,称为高级加密标准
加密方式---1、密钥扩展(KeyExpansion),2、初始轮(Initial Round),3、重复轮(Rounds),每一轮又包括:SubBytes、ShiftRows、MixColumns、AddRoundKey,4、最终轮(Final Round),最终轮没有MixColumns。
根据参数分为三种>>
参数是byte[]类型的:
#region /// <summary> /// AES加密 /// </summary> /// <param name="Data">被加密的明文</param> /// <param name="Key">密钥</param> /// <param name="Vector">向量</param> /// <returns>密文</returns> public static Byte[] AESEncrypt(Byte[] Data, String Key, String Vector) { Byte[] bKey = new Byte[32]; Array.Copy(Encoding.UTF8.GetBytes(Key.PadRight(bKey.Length)), bKey, bKey.Length); Byte[] bVector = new Byte[16]; Array.Copy(Encoding.UTF8.GetBytes(Vector.PadRight(bVector.Length)), bVector, bVector.Length); Byte[] Cryptograph = null; // 加密后的密文 Rijndael Aes = Rijndael.Create(); try { // 开辟一块内存流 using (MemoryStream Memory = new MemoryStream()) { // 把内存流对象包装成加密流对象 using (CryptoStream Encryptor = new CryptoStream(Memory, Aes.CreateEncryptor(bKey, bVector), CryptoStreamMode.Write)) { // 明文数据写入加密流 Encryptor.Write(Data, 0, Data.Length); Encryptor.FlushFinalBlock(); Cryptograph = Memory.ToArray(); } } } catch { Cryptograph = null; } return Cryptograph; } /// <summary> /// AES解密 /// </summary> /// <param name="Data">被解密的密文</param> /// <param name="Key">密钥</param> /// <param name="Vector">向量</param> /// <returns>明文</returns> public static Byte[] AESDecrypt(Byte[] Data, String Key, String Vector) { Byte[] bKey = new Byte[32]; Array.Copy(Encoding.UTF8.GetBytes(Key.PadRight(bKey.Length)), bKey, bKey.Length); Byte[] bVector = new Byte[16]; Array.Copy(Encoding.UTF8.GetBytes(Vector.PadRight(bVector.Length)), bVector, bVector.Length); Byte[] original = null; // 解密后的明文 Rijndael Aes = Rijndael.Create(); try { // 开辟一块内存流,存储密文 using (MemoryStream Memory = new MemoryStream(Data)) { // 把内存流对象包装成加密流对象 using (CryptoStream Decryptor = new CryptoStream(Memory, Aes.CreateDecryptor(bKey, bVector), CryptoStreamMode.Read)) { // 明文存储区 using (MemoryStream originalMemory = new MemoryStream()) { Byte[] Buffer = new Byte[1024]; Int32 readBytes = 0; while ((readBytes = Decryptor.Read(Buffer, 0, Buffer.Length)) > 0) { originalMemory.Write(Buffer, 0, readBytes); } original = originalMemory.ToArray(); } } } } catch { original = null; } return original; } #endregion
参数是string类型的:
#region /// <summary> /// 获取密钥 /// </summary> private static string Key { get { return @")O[NB]6,YF}+efcaj{+oESb9d8>Z'e9M"; } } /// <summary> /// 获取向量 /// </summary> private static string IV { get { return @"L+~f4,Ir)b$=pkf"; } } /// <summary> /// AES加密 /// </summary> /// <param name="plainStr">明文字符串</param> /// <returns>密文</returns> public static string AESEncrypt(string plainStr) { byte[] bKey = Encoding.UTF8.GetBytes(Key); byte[] bIV = Encoding.UTF8.GetBytes(IV); byte[] byteArray = Encoding.UTF8.GetBytes(plainStr); string encrypt = null; Rijndael aes = Rijndael.Create(); using (MemoryStream mStream = new MemoryStream()) { using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateEncryptor(bKey, bIV), CryptoStreamMode.Write)) { cStream.Write(byteArray, 0, byteArray.Length); cStream.FlushFinalBlock(); encrypt = Convert.ToBase64String(mStream.ToArray()); } } aes.Clear(); return encrypt; } /// <summary> /// AES加密 /// </summary> /// <param name="plainStr">明文字符串</param> /// <param name="returnNull">加密失败时是否返回 null,false 返回 String.Empty</param> /// <returns>密文</returns> public static string AESEncrypt(string plainStr, bool returnNull) { string encrypt = AESEncrypt(plainStr); return returnNull ? encrypt : (encrypt == null ? String.Empty : encrypt); } /// <summary> /// AES解密 /// </summary> /// <param name="encryptStr">密文字符串</param> /// <returns>明文</returns> public static string AESDecrypt(string encryptStr) { byte[] bKey = Encoding.UTF8.GetBytes(Key); byte[] bIV = Encoding.UTF8.GetBytes(IV); byte[] byteArray = Convert.FromBase64String(encryptStr); string decrypt = null; Rijndael aes = Rijndael.Create(); using (MemoryStream mStream = new MemoryStream()) { using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateDecryptor(bKey, bIV), CryptoStreamMode.Write)) { cStream.Write(byteArray, 0, byteArray.Length); cStream.FlushFinalBlock(); decrypt = Encoding.UTF8.GetString(mStream.ToArray()); } } aes.Clear(); return decrypt; } /// <summary> /// AES解密 /// </summary> /// <param name="encryptStr">密文字符串</param> /// <param name="returnNull">解密失败时是否返回 null,false 返回 String.Empty</param> /// <returns>明文</returns> public static string AESDecrypt(string encryptStr, bool returnNull) { string decrypt = AESDecrypt(encryptStr); return returnNull ? decrypt : (decrypt == null ? String.Empty : decrypt); } #endregion
256位AES加密算法,参数是string类型的:
#region /// <summary> /// 256位AES加密 /// </summary> /// <param name="toEncrypt"></param> /// <returns></returns> public static string Encrypt(string toEncrypt) { // 256-AES key byte[] keyArray = UTF8Encoding.UTF8.GetBytes("12345678901234567890123456789012"); byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt); RijndaelManaged rDel = new RijndaelManaged(); rDel.Key = keyArray; rDel.Mode = CipherMode.ECB; rDel.Padding = PaddingMode.PKCS7; ICryptoTransform cTransform = rDel.CreateEncryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Convert.ToBase64String(resultArray, 0, resultArray.Length); } /// <summary> /// 256位AES解密 /// </summary> /// <param name="toDecrypt"></param> /// <returns></returns> public static string Decrypt(string toDecrypt) { // 256-AES key byte[] keyArray = UTF8Encoding.UTF8.GetBytes("12345678901234567890123456789012"); byte[] toEncryptArray = Convert.FromBase64String(toDecrypt); RijndaelManaged rDel = new RijndaelManaged(); rDel.Key = keyArray; rDel.Mode = CipherMode.ECB; rDel.Padding = PaddingMode.PKCS7; ICryptoTransform cTransform = rDel.CreateDecryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return UTF8Encoding.UTF8.GetString(resultArray); } #endregion
3.RSA加密实现
RSA是种非对称加密算法,它比同样级别的对称密码算法要慢1000倍左右。所以一般只用于少量数据加密。
参考: http://blog.csdn.net/llwinnner/article/details/4011936
4.Base64加密实现
实现原理:
1. Base64使用A--Z,a--z,0--9,+,/ 这64个字符.
2. 编码原理:将3个字节转换成4个字节( (3 X 8) = 24 = (4 X 6) )先读入3个字节,每读一个字节,左移8位,再右移四次,每次6位,这样就有4个字节了.
3. 解码原理:将4个字节转换成3个字节.先读入4个6位(用或运算),每次左移6位,再右移3次,每次8位.这样就还原了.
using System; using System.Collections.Generic; using System.Text; namespace MyLibs.encrypt { public class Base64 { private static string base64EncodeChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";//编码后的字符集 private static int[] base64DecodeChars = new int[] { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1 };//对应ASICC字符的位置 public static string base64encode(string str) { //加密 string Out = ""; int i = 0, len = str.Length; char c1, c2, c3; while (i < len) { c1 = Convert.ToChar(str[i++] & 0xff); if (i == len) { Out += base64EncodeChars[c1 >> 2]; Out += base64EncodeChars[(c1 & 0x3) << 4]; Out += "=="; break; } c2 = str[i++]; if (i == len) { Out += base64EncodeChars[c1 >> 2]; Out += base64EncodeChars[((c1 & 0x3) << 4) | ((c2 & 0xF0) >> 4)]; Out += base64EncodeChars[(c2 & 0xF) << 2]; Out += "="; break; } c3 = str[i++]; Out += base64EncodeChars[c1 >> 2]; Out += base64EncodeChars[((c1 & 0x3) << 4) | ((c2 & 0xF0) >> 4)]; Out += base64EncodeChars[((c2 & 0xF) << 2) | ((c3 & 0xC0) >> 6)]; Out += base64EncodeChars[c3 & 0x3F]; } return Out; } public string utf16to8(string str) { string Out = ""; int i, len; char c;//char为16位Unicode字符,范围0~0xffff,感谢vczh提醒 len = str.Length; for (i = 0; i < len; i++) {//根据字符的不同范围分别转化 c = str[i]; if ((c >= 0x0001) && (c <= 0x007F)) { Out += str[i]; } else if (c > 0x07FF) { Out += (char)(0xE0 | ((c >> 12) & 0x0F)); Out += (char)(0x80 | ((c >> 6) & 0x3F)); Out += (char)(0x80 | ((c >> 0) & 0x3F)); } else { Out += (char)(0xC0 | ((c >> 6) & 0x1F)); Out += (char)(0x80 | ((c >> 0) & 0x3F)); } } return Out; } public static string base64decode(string str) {//解密 int c1, c2, c3, c4; int i, len; string Out; len = str.Length; i = 0; Out = ""; while (i < len) { do { c1 = base64DecodeChars[str[i++] & 0xff]; } while (i < len && c1 == -1); if (c1 == -1) break; do { c2 = base64DecodeChars[str[i++] & 0xff]; } while (i < len && c2 == -1); if (c2 == -1) break; Out += (char)((c1 << 2) | ((c2 & 0x30) >> 4)); do { c3 = str[i++] & 0xff; if (c3 == 61) return Out; c3 = base64DecodeChars[c3]; } while (i < len && c3 == -1); if (c3 == -1) break; Out += (char)(((c2 & 0XF) << 4) | ((c3 & 0x3C) >> 2)); do { c4 = str[i++] & 0xff; if (c4 == 61) return Out; c4 = base64DecodeChars[c4]; } while (i < len && c4 == -1); if (c4 == -1) break; Out += (char)(((c3 & 0x03) << 6) | c4); } return Out; } public string utf8to16(string str) { string Out = ""; int i, len; char c, char2, char3; len = str.Length; i = 0; while (i < len) { c = str[i++]; switch (c >> 4) { case 0: case 1: case 2: case 3: case 4: case 5: case 6: case 7: Out += str[i - 1]; break; case 12: case 13: char2 = str[i++]; Out += (char)(((c & 0x1F) << 6) | (char2 & 0x3F)); break; case 14: char2 = str[i++]; char3 = str[i++]; Out += (char)(((c & 0x0F) << 12) | ((char2 & 0x3F) << 6) | ((char3 & 0x3F) << 0)); break; } } return Out; } } }
5.MD5加密实现
MD5功能:
输入任意长度的信息,经过处理,输出为128位的信息(数字指纹);
不同的输入得到的不同的结果(唯一性);
根据128位的输出结果不可能反推出输入的信息(不可逆);
作用:1、防止被篡改: 2、防止直接看到明文: 3、防止抵赖(数字签名):
参考:http://www.cnblogs.com/healer007/p/5062189.html
6.SHA1加密实现
SHA1加密和MD5一样都是不可逆的,效率也都差不多。
#region 获取由SHA1加密的字符串 public static string EncryptToSHA1(string str) { SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider(); byte[] str1 = Encoding.UTF8.GetBytes(str); byte[] str2 = sha1.ComputeHash(str1); sha1.Clear(); (sha1 as IDisposable).Dispose(); return Convert.ToBase64String(str2); } #endregion