C#做的一个加密/解密的类

大家要有兴趣,可以一起来讨论一下 WebService数据交互安全问题,以下的这个代码,可以用于Dotnet环境下的任何托管方式的应用程序,在实际应用中有两个实例。其中,有一个挂在Internet上的,URL:http://www.tttsss.com/webservice/THRDataService.asmx , 有兴趣的可以看看其中的Soap信息。当然,要看里面的加密解密过程,就没办法了!否则,我呀太没面子了,是吧!

          前两年写的东西,现在整理一下发出来!以前公司需要做WebService,并且对WebService的SoapHeader进行加密,所以就写了这么个东东!使用这个类,需要密钥管理!为了保证数据的安全性往往要对数据进行加密,但是加密的缺点之一,就是影响程序的运行效率,所以,当时我的思路是只对用户的登录信息(用户名,密码)进行加密!数据用明文传输,用户信息验证没有通过的情况下, 不进行数据传输。

          实际在网络通讯中,使用密钥匙的方式并非无懈可击,如果黑客可以捕捉到用密钥加密的,用户验证信息,然后,做个模拟请求,向提供WebService的服务器发请求,还是可以获得请求数据!所以,我又使用了IP或者域名绑定的方式!毕竟,WebService不是直接对最终用户提供的!所以,加上以上这些手段后,就算有不良企图者想通过非法方式获得WebService提供的服务,就再费点劲吧!            

          还有一点安全建议,就是定期的更换密钥,在这个例子中,我用的是对称加密,加密方和解密方的密钥一致!定期的更换密钥可以让安全性提高一大截!

          大家要有更好的方法,或者建议,可以留言讨论一下!共同提高!

代码如下:

using System;
using System.Security.Cryptography ;
using System.Text;
using System.IO;


namespace SEDO

 /// <summary>
 /// SEDO 的摘要说明。
 /// SEDO 实现的是用一个封装了4种对称加密方法(Des,Rc2,Rijndael,TripleDes)的组件
 ///
 /// 注意事项:
 /// 1:TripleDes和Rijndael加密/解密对象使用16或者24位byte的Key
 /// 2:Rijndael只能使用16位的初始化向量IV
 /// 3:Des和Rc2均使用8位Byte的Key和IV
 /// 4:对需要加密/解密的数据流采用何种方法进行编码/解码,由调用组件的用户自己决定
 /// 5:密钥和初始化向量IV由使用者自己定义
 /// 程序员: 王海波 2003-05-19 hwnanghb@21cn.com
 /// </summary>
 
 //定义加密类型的枚举
 public enum EncryptionAlgorithm {Des = 1, Rc2, Rijndael, TripleDes};


 //定义加密类
 internal class EncryptTransformer
 {
  private EncryptionAlgorithm algorithmID;
  private byte[] initVec;
  private byte[] encKey;

  internal EncryptTransformer(EncryptionAlgorithm algId)
  {
   //Save the algorithm being used.
   algorithmID = algId;
  }

  internal ICryptoTransform GetCryptoServiceProvider(byte[] bytesKey)
  {
   //当数据密钥Key或者初始化向量IV为空的时候,将使用加密对象自动产生的密钥Key或者初始化向量IV
   switch (algorithmID)
   {
    case EncryptionAlgorithm.Des:
    {
     DES des = new DESCryptoServiceProvider();
     des.Mode = CipherMode.CBC;

     // See if a key was provided
     if (null == bytesKey)
     {
      encKey = des.Key;
     }
     else
     {
      des.Key = bytesKey;
      encKey = des.Key;
     }
     // See if the client provided an initialization vector
     if (null == initVec)
     { // Have the algorithm create one
      initVec = des.IV;
     }
     else
     { //No, give it to the algorithm
      des.IV = initVec;
     }
     return des.CreateEncryptor();
    }
    case EncryptionAlgorithm.TripleDes:
    {
     TripleDES des3 = new TripleDESCryptoServiceProvider();
     des3.Mode = CipherMode.CBC;
     // See if a key was provided
     if (null == bytesKey)
     {
      encKey = des3.Key;
     }
     else
     {
      des3.Key = bytesKey;
      encKey = des3.Key;
     }
     // See if the client provided an IV
     if (null == initVec)
     { //Yes, have the alg create one
      initVec = des3.IV;
     }
     else
     { //No, give it to the alg.
      des3.IV = initVec;
     }
     return des3.CreateEncryptor();
    }
    case EncryptionAlgorithm.Rc2:
    {
     RC2 rc2 = new RC2CryptoServiceProvider();
     rc2.Mode = CipherMode.CBC;
     // Test to see if a key was provided
     if (null == bytesKey)
     {
      encKey = rc2.Key;
     }
     else
     {
      rc2.Key = bytesKey;
      encKey = rc2.Key;
     }
     // See if the client provided an IV
     if (null == initVec)
     { //Yes, have the alg create one
      initVec = rc2.IV;
     }
     else
     { //No, give it to the alg.
      rc2.IV = initVec;
     }
     return rc2.CreateEncryptor();
    }
    case EncryptionAlgorithm.Rijndael:
    {
     Rijndael rijndael = new RijndaelManaged();
     rijndael.Mode = CipherMode.CBC;
     // Test to see if a key was provided
     if(null == bytesKey)
     {
      encKey = rijndael.Key;
     }
     else
     {
      rijndael.Key = bytesKey;
      encKey = rijndael.Key;
     }
     // See if the client provided an IV
     if(null == initVec)
     { //Yes, have the alg create one
      initVec = rijndael.IV;
     }
     else
     { //No, give it to the alg.
      rijndael.IV = initVec;
     }
     return rijndael.CreateEncryptor();
    }
    default:
    {
     throw new CryptographicException("Algorithm ID '" +
      algorithmID +
      "' not supported.");
    }
   }
  }

  //加密的偏移向量
  internal byte[] IV
  {
   get{return initVec;}
   set{initVec = value;}
  }
  //加密的密钥
  internal byte[] Key
  {
   get{return encKey;}
   set{encKey = value;}
  }

 }

 //定义解密类
 internal class DecryptTransformer
 {
  private EncryptionAlgorithm algorithmID;
  private byte[] initVec;
  private byte[] encKey;

  internal DecryptTransformer(EncryptionAlgorithm deCryptId)
  {
   algorithmID = deCryptId;
  }

  //加密的偏移向量
  internal byte[] IV
  {
   get{return initVec;}
   set{initVec = value;}
  }
  
  //加密的密钥
  internal byte[] Key
  {
   get{return encKey;}
   set{encKey = value;}
  }

  internal ICryptoTransform GetCryptoServiceProvider(byte[] bytesKey)
  {
   //当数据密钥Key或者初始化向量IV为空的时候,将使用加密对象自动产生的密钥Key或者初始化向量IV
   switch (algorithmID)
   {
    case EncryptionAlgorithm.Des:
    {
     DES des = new DESCryptoServiceProvider();
     des.Mode = CipherMode.CBC;
     des.Key = bytesKey;
     des.IV = initVec;
     return des.CreateDecryptor();
    }
    case EncryptionAlgorithm.TripleDes:
    {
     TripleDES des3 = new TripleDESCryptoServiceProvider();
     des3.Mode = CipherMode.CBC;
     return des3.CreateDecryptor(bytesKey, initVec);
    }
    case EncryptionAlgorithm.Rc2:
    {
     RC2 rc2 = new RC2CryptoServiceProvider();
     rc2.Mode = CipherMode.CBC;
     return rc2.CreateDecryptor(bytesKey, initVec);
    }
    case EncryptionAlgorithm.Rijndael:
    {
     Rijndael rijndael = new RijndaelManaged();
     rijndael.Mode = CipherMode.CBC;
     return rijndael.CreateDecryptor(bytesKey, initVec);
    }
    default:
    {
     throw new CryptographicException("Algorithm ID '" +
      algorithmID +
      "' not supported.");
    }
   }
  } //end GetCryptoServiceProvider
 
 }

 //定义加密者类
 public class Encryptor
 {
  private EncryptTransformer transformer;
  private byte[] initVec;
  private byte[] encKey;
 
  public Encryptor(EncryptionAlgorithm algId)
  {
   transformer = new EncryptTransformer(algId);
  }

  public byte[] Encrypt(byte[] bytesData, byte[] bytesKey,byte[] bytesIV)
  {
   //设置流对象用来保存加密数据字节流.
   MemoryStream memStreamEncryptedData = new MemoryStream();
   
   transformer.IV=bytesIV;
   transformer.Key=bytesKey;
 
   ICryptoTransform transform = transformer.GetCryptoServiceProvider(bytesKey);
   CryptoStream encStream = new CryptoStream(memStreamEncryptedData,transform,CryptoStreamMode.Write);

   try
   {
    //将加密数据写进流对象
    encStream.Write(bytesData, 0, bytesData.Length);
   }
   catch(Exception ex)
   {
    throw new Exception("在数据加密的时候出现错误!错误提示: \n"  + ex.Message);
   }
   
   //设置加密的Key和初始向量IV属性
   encKey = transformer.Key;
   initVec = transformer.IV;

   encStream.FlushFinalBlock();
   encStream.Close();

   //Send the data back.
   return memStreamEncryptedData.ToArray();
  }

  public byte[] IV
  {
   get{return initVec;}
   set{initVec = value;}
  }

  public byte[] Key
  {
   get{return encKey;}
   set{encKey = value;}
  }
 
 }


 //定义解密者类
 public class Decryptor
 {
  private DecryptTransformer transformer;
  private byte[] initVec;
  private byte[] encKey;

  public Decryptor(EncryptionAlgorithm algId)
  {
   transformer = new DecryptTransformer(algId);
  }

  public byte[] Decrypt(byte[] bytesData, byte[] bytesKey,byte[] bytesIV)
  {
   //设置流对象用来保存解密数据字节流.
   MemoryStream memStreamDecryptedData = new MemoryStream();

   //Pass in the initialization vector.
   transformer.IV = bytesIV;
   transformer.Key = bytesKey;

   ICryptoTransform transform = transformer.GetCryptoServiceProvider(bytesKey);
   CryptoStream decStream = new CryptoStream(memStreamDecryptedData,transform, CryptoStreamMode.Write);
   
   try
   {
    decStream.Write(bytesData, 0, bytesData.Length);
   }
   catch(Exception ex)
   {
    throw new Exception("在数据解密的时候出现错误!错误提示: \n" + ex.Message);
   }
   decStream.FlushFinalBlock();
   decStream.Close();
   // 返回解密数据.
   return memStreamDecryptedData.ToArray();
  }

  public byte[] IV
  {
   get{return initVec;}
   set{initVec = value;}
  }

  public byte[] Key
  {
   get{return encKey;}
   set{encKey = value;}
  }
 
 }

 //类描述:文件加密/解密类
 public class SecurityFile
 {
  private DecryptTransformer Dec_Transformer;    //解密转换器
  private EncryptTransformer Enc_Transformer;    //加密转换器
  private byte[] initVec;
  private byte[] encKey;

  public SecurityFile(EncryptionAlgorithm algId)
  {
   Dec_Transformer = new DecryptTransformer(algId);
   Enc_Transformer = new EncryptTransformer(algId);
  }

  //加密的偏移向量
  internal byte[] IV
  {
   get{return initVec;}
   set{initVec = value;}
  }
  //加密的密钥
  internal byte[] Key
  {
   get{return encKey;}
   set{encKey = value;}
  }

  //功能描述:加密文件
  public void EncryptFile(string inFileName, string outFileName, byte[] bytesKey, byte[] bytesIV)
  {
   try
   {
    FileStream fin = new FileStream(inFileName, FileMode.Open, FileAccess.Read);
    FileStream fout = new FileStream(outFileName, FileMode.OpenOrCreate, FileAccess.Write);
    fout.SetLength(0);
      
    //Create variables to help with read and write.
    byte[] bin = new byte[100]; //This is intermediate storage for the encryption.
    long rdlen = 0;              //This is the total number of bytes written.
    long totlen = fin.Length;    //This is the total length of the input file.
    int len;                     //This is the number of bytes to be written at a time.
 
    Enc_Transformer.IV=bytesIV;
    Enc_Transformer.Key=bytesKey;

    ICryptoTransform transform = Enc_Transformer.GetCryptoServiceProvider(bytesKey);         
    CryptoStream encStream = new CryptoStream(fout, transform, CryptoStreamMode.Write);
                             
    //Read from the input file, then encrypt and write to the output file.
    while(rdlen < totlen)
    {
     len = fin.Read(bin, 0, 100);
     encStream.Write(bin, 0, len);
     rdlen = rdlen + len;     
    }
 
    encStream.Close(); 
    fout.Close();
    fin.Close();    
   }
   catch(Exception ex)
   {
    throw new Exception("在文件加密的时候出现错误!错误提示: \n" + ex.Message);
   }
  }

  //功能描述:解密文件
  public void DecryptFile(string inFileName, string outFileName, byte[] bytesKey, byte[] bytesIV)
  {
   try
   {
    FileStream fin = new FileStream(inFileName, FileMode.Open, FileAccess.Read);
    FileStream fout = new FileStream(outFileName, FileMode.OpenOrCreate, FileAccess.Write);
    fout.SetLength(0);
      
    //Create variables to help with read and write.
    byte[] bin = new byte[100]; //This is intermediate storage for the encryption.
    long rdlen = 0;              //This is the total number of bytes written.
    long totlen = fin.Length;    //This is the total length of the input file.
    int len;                     //This is the number of bytes to be written at a time.
 
    Dec_Transformer.IV=bytesIV;
    Dec_Transformer.Key=bytesKey;

    ICryptoTransform transform = Dec_Transformer.GetCryptoServiceProvider(bytesKey);         
    CryptoStream encStream = new CryptoStream(fout, transform, CryptoStreamMode.Write);
                             
    //Read from the input file, then encrypt and write to the output file.
    while(rdlen < totlen)
    {
     len = fin.Read(bin, 0, 100);
     encStream.Write(bin, 0, len);
     rdlen = rdlen + len;     
    }
 
    encStream.Close(); 
    fout.Close();
    fin.Close();    
   }
   catch(Exception ex)
   {
    throw new Exception("在文件加密的时候出现错误!错误提示: \n" + ex.Message);
   }
  }
 
 }

}


posted @ 2006-09-13 09:09  Nina  阅读(475)  评论(1编辑  收藏  举报