一般加密解密算法
View Code
public class NmSecurity { /************************************************** * FileName: NmSecurity.cs * Version: 1.00 * Author: Kria * Date: 2009-3-4 * Last Modified Date: 2009-3-6 * Function: * CopyRight (c) Netmarch Company 2000-2003 * All rights reserved **************************************************/ private static string encodingType = ConfigurationManager.AppSettings["EncryptStringEncoding"]; //------------------------------------加密部分开始---------------------------------------------------- /// <summary> /// 使用MD5加密方法加密数据 /// </summary> /// <param name="sourceData">用户密码等需要被MD5加密的源数据</param> /// <returns>MD5加密后的形成字符串</returns> public static string Md5(string sourceData) { return FormsAuthentication.HashPasswordForStoringInConfigFile(sourceData, "MD5"); } /// <summary> /// 返回二进制数组的Hash值 /// </summary> /// <param name="sourceData">二进制数组</param> /// <returns>产生的Hash值</returns> public static string Hash(byte[] sourceData) { MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider(); return BitConverter.ToString(md5.ComputeHash(sourceData)).Replace("-", "").ToLower(); } /// <summary> /// 获取随机对称加密密钥 /// </summary> /// <returns>密钥字符串</returns> public static string GenericSymmetricKey() { SymmetricAlgorithm sa = Rijndael.Create(); sa.GenerateKey(); return Convert.ToBase64String(sa.Key); } /// <summary> /// 获取随机非对称加密密钥 /// </summary> /// <returns>密钥字符串</returns> public static string GenericAsymmetricKey() { RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); return Convert.ToBase64String(rsa.ExportCspBlob(true)); } /// <summary> /// 从带私钥的密钥中获取只包含公钥的密钥 /// </summary> /// <param name="key"></param> /// <returns></returns> public static string GetPublicKey(string key) { RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.ImportCspBlob(Convert.FromBase64String(key)); return Convert.ToBase64String(rsa.ExportCspBlob(false)); } /// <summary> /// 二进制流对二进制流的对称加密 /// </summary> /// <param name="sourceData">需要加密的源数据</param> /// <param name="key">16位或24位密钥,或者使用GenericSymmetricKey方法产生随机对称密钥</param> /// <returns>加密后的二进制流形式的字节数组</returns> public static byte[] SymmetricEncryptBinaryToBinary(byte[] sourceData, string key) { try { SymmetricAlgorithm sa = Rijndael.Create(); sa.Mode = CipherMode.ECB; sa.Padding = PaddingMode.Zeros; try { sa.Key = Convert.FromBase64String(key); } catch { sa.Key = Encoding.GetEncoding(encodingType).GetBytes(key); } MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, sa.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(sourceData, 0, sourceData.Length); cs.Close(); byte[] encryptBinaryData = ms.ToArray(); ms.Close(); return encryptBinaryData; } catch { throw new Exception("您所使用的密钥无效!"); } } /// <summary> /// 二进制流对字符串的对称加密 /// </summary> /// <param name="sourceData">需要加密的源数据</param> /// <param name="key">16位或24位密钥,或者使用GenericSymmetricKey方法产生随机对称密钥</param> /// <returns>加密后的形成的字符串</returns> public static string SymmetricEncryptBinaryToString(byte[] sourceData, string key) { byte[] encryptBinaryData = SymmetricEncryptBinaryToBinary(sourceData, key); return Convert.ToBase64String(encryptBinaryData); } /// <summary> /// 字符串对二进制流的对称加密 /// </summary> /// <param name="sourceData">需要加密的源数据</param> /// <param name="key">16位或24位密钥,或者使用GenericSymmetricKey方法产生随机对称密钥</param> /// <returns>加密后的二进制流形式的字节数组</returns> public static byte[] SymmetricEncryptStringToBinary(string sourceData, string key) { byte[] byteData = Encoding.GetEncoding(encodingType).GetBytes(sourceData); return SymmetricEncryptBinaryToBinary(byteData, key); } /// <summary> /// 字符串对字符串的对称加密 /// </summary> /// <param name="sourceData">需要加密的字符串</param> /// <param name="key">16位或24位密钥,或者使用GenericSymmetricKey方法产生随机对称密钥</param> /// <returns>加密后形成的字符串</returns> public static string SymmetricEncryptStringToString(string sourceData, string key) { try { byte[] byteData = Encoding.GetEncoding(encodingType).GetBytes(sourceData); byte[] encryptBinaryData = SymmetricEncryptBinaryToBinary(byteData, key); return Convert.ToBase64String(encryptBinaryData); } catch { throw new Exception("您所使用的密钥无效!"); } } /// <summary> /// 二进制流对二进制流的非对称加密 /// </summary> /// <param name="sourceData">需要加密的源数据</param> /// <param name="key">RSA密钥或者使用GenericAsymmetricKey方法产生随机非对称密钥</param> /// <returns>加密后的二进制流形式的字节数组</returns> public static byte[] AsymmetricEncryptBinaryToBinary(byte[] sourceData, string key) { try { RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.ImportCspBlob(Convert.FromBase64String(key)); byte[] byteEncrypt = rsa.Encrypt(sourceData, false); return byteEncrypt; } catch { throw new Exception("您所使用的密钥无效!"); } } /// <summary> /// 二进制流对字符串的非对称加密 /// </summary> /// <param name="sourceData">需要加密的源数据</param> /// <param name="key">RSA密钥或者使用GenericAsymmetricKey方法产生随机非对称密钥</param> /// <returns>加密后的形成的字符串</returns> public static string AsymmetricEncryptBinaryToString(byte[] sourceData, string key) { byte[] byteEncrypt = AsymmetricEncryptBinaryToBinary(sourceData, key); return Convert.ToBase64String(byteEncrypt); } /// <summary> /// 字符串对二进制流的非对称加密 /// </summary> /// <param name="sourceData">需要加密的字符串</param> /// <param name="key">RSA密钥或者使用GenericAsymmetricKey方法产生随机非对称密钥</param> /// <returns>加密后的二进制流形式的字节数组</returns> public static byte[] AsymmetricEncryptStringToBinary(string sourceData, string key) { byte[] byteData = Encoding.GetEncoding(encodingType).GetBytes(sourceData); byte[] byteEncrypt = AsymmetricEncryptBinaryToBinary(byteData, key); return byteEncrypt; } /// <summary> /// 字符串对字符串的非对称加密 /// </summary> /// <param name="sourceData">需要加密的字符串</param> /// <param name="key">RSA密钥或者使用GenericAsymmetricKey方法产生随机非对称密钥</param> /// <returns>加密后的二进制流形式的字节数组</returns> public static string AsymmetricEncryptStringToString(string sourceData, string key) { byte[] byteData = Encoding.GetEncoding(encodingType).GetBytes(sourceData); byte[] byteEncrypt = AsymmetricEncryptBinaryToBinary(byteData, key); return Convert.ToBase64String(byteEncrypt); } //--------------------------------------加密部分结束----------------------------------------------------------- //--------------------------------------解密部分开始----------------------------------------------------------- /// <summary> /// 二进制流对二进制流的对称解密 /// </summary> /// <param name="sourceData">加密后的二进制流</param> /// <param name="key">对应加密的密钥</param> /// <returns>解密后的二进制流</returns> public static byte[] SymmetricDecryptBinaryToBinary(byte[] sourceData, string key) { try { SymmetricAlgorithm sa = Rijndael.Create(); sa.Mode = CipherMode.ECB; sa.Padding = PaddingMode.Zeros; try { sa.Key = Convert.FromBase64String(key); } catch { sa.Key = Encoding.GetEncoding(encodingType).GetBytes(key); } MemoryStream ms = new MemoryStream(sourceData); CryptoStream cs = new CryptoStream(ms, sa.CreateDecryptor(), CryptoStreamMode.Read); byte[] decryptBinaryData = new byte[sourceData.Length]; cs.Read(decryptBinaryData, 0, sourceData.Length); int lastIndex = decryptBinaryData.Length; while (lastIndex > 0 && decryptBinaryData[lastIndex - 1] == (byte)0) { lastIndex--; } byte[] subDecryptData = new byte[lastIndex]; System.Array.Copy(decryptBinaryData, subDecryptData, lastIndex); return subDecryptData; } catch { throw new Exception("您所使用的密钥无效!"); } } /// <summary> /// 二进制流对字符串的对称解密 /// </summary> /// <param name="sourceData">加密后的二进制流</param> /// <param name="key">对应加密的密钥</param> /// <returns>经过解密后的字符串</returns> public static string SymmetricDecryptBinaryToString(byte[] sourceData, string key) { byte[] decryptBinaryData=SymmetricDecryptBinaryToBinary(sourceData, key); string decryptData = Encoding.GetEncoding(encodingType).GetString(decryptBinaryData); return decryptData; } /// <summary> /// 字符串对二进制流的对称解密 /// </summary> /// <param name="sourceData">加密后的字符串</param> /// <param name="key">对应加密的密钥</param> /// <returns>经过解密后的二进制流</returns> public static byte[] SymmetricDecryptStringToBinary(string sourceData, string key) { byte[] encryptBinaryData = Convert.FromBase64String(sourceData); byte[] decryptBinaryData = SymmetricDecryptBinaryToBinary(encryptBinaryData, key); return decryptBinaryData; } /// <summary> /// 字符串对字符串的对称解密 /// </summary> /// <param name="sourceData">加密后的字符串</param> /// <param name="key">对应加密的密钥</param> /// <returns>经过解密后的字符串</returns> public static string SymmetricDecryptStringToString(string sourceData, string key) { byte[] encryptBinaryData = Convert.FromBase64String(sourceData); byte[] decryptBinaryData = SymmetricDecryptBinaryToBinary(encryptBinaryData, key); string decryptData = Encoding.GetEncoding(encodingType).GetString(decryptBinaryData); return decryptData; } /// <summary> /// 二进制流对二进制流的非对称解密 /// </summary> /// <param name="sourceData">加密后的二进制流</param> /// <param name="key">对应加密的密钥</param> /// <returns>解密后的二进制流</returns> public static byte[] AsymmetricDecryptBinaryToBinary(byte[] sourceData, string key) { try { RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.ImportCspBlob(Convert.FromBase64String(key)); byte[] byteDecrypt = rsa.Decrypt(sourceData, false); return byteDecrypt; } catch { throw new Exception("您所使用的密钥无效!"); } } /// <summary> /// 二进制流对字符串的非对称解密 /// </summary> /// <param name="sourceData">加密后的二进制流</param> /// <param name="key">对应加密的密钥</param> /// <returns>经过解密后的字符串</returns> public static string AsymmetricDecryptBinaryToString(byte[] sourceData, string key) { byte[] byteDecrypt = AsymmetricDecryptBinaryToBinary(sourceData, key); return Encoding.GetEncoding(encodingType).GetString(byteDecrypt); } /// <summary> /// 字符串对而二进制流的非对称解密 /// </summary> /// <param name="sourceData">加密后的字符串</param> /// <param name="key">对应加密的密钥</param> /// <returns>解密后的二进制流</returns> public static byte[] AsymmetricDecryptStringToBinary(string sourceData, string key) { byte[] byteData = Convert.FromBase64String(sourceData); byte[] byteDecrypt = AsymmetricDecryptBinaryToBinary(byteData, key); return byteDecrypt; } /// <summary> /// 字符串对字符串的非对称解密 /// </summary> /// <param name="sourceData">加密后的字符串</param> /// <param name="key">对应加密的密钥</param> /// <returns>经过解密后的字符串</returns> public static string AsymmetricDecryptStringToString(string sourceData, string key) { byte[] byteData = Convert.FromBase64String(sourceData); byte[] byteDecrypt = AsymmetricDecryptBinaryToBinary(byteData, key); return Encoding.GetEncoding(encodingType).GetString(byteDecrypt); } //----------------------------------------------带签名验证的加密解密--------------------------------------------- /// <summary> /// 二进制流对字符串的带签名的验证加密 /// </summary> /// <param name="sourceData">需要加密的二进制流源数据</param> /// <param name="localKey">本地密钥</param> /// <param name="remoteKey">远程密钥</param> /// <returns>加密后的数据字符串</returns> public static string SignatureEncryptBinaryToString(byte[] sourceData, string localKey, string remoteKey) { try { RSACryptoServiceProvider rsaLocal = new RSACryptoServiceProvider(); RSACryptoServiceProvider rsaRemote = new RSACryptoServiceProvider(); rsaLocal.ImportCspBlob(Convert.FromBase64String(localKey)); rsaRemote.ImportCspBlob(Convert.FromBase64String(remoteKey)); SymmetricAlgorithm sa = Rijndael.Create(); sa.GenerateIV(); //将对称密钥使用非对称加密算法加密并转换成base64 string saKey = Convert.ToBase64String(rsaRemote.Encrypt(sa.Key, false)); //用默认密钥进行对称加密 sa.Mode = CipherMode.ECB; sa.Padding = PaddingMode.Zeros; MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, sa.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(sourceData, 0, sourceData.Length); cs.Close(); byte[] encryptBinaryData = ms.ToArray(); ms.Close(); string encryptData = Convert.ToBase64String(encryptBinaryData); //签名 string sinagture = Convert.ToBase64String(rsaLocal.SignData(encryptBinaryData, new SHA1CryptoServiceProvider())); //返回结果:密文+密钥+签名 return encryptData + "," + saKey + "," + sinagture; } catch { throw new Exception("您所使用的密钥无效!"); } } /// <summary> /// 二进制流对二进制流的带签名的验证加密 /// </summary> /// <param name="sourceData">需要加密的二进制流源数据</param> /// <param name="localKey">本地密钥</param> /// <param name="remoteKey">远程密钥</param> /// <returns>加密后的二进制流数据</returns> public static byte[] SignatureEncryptBinaryToBinary(byte[] sourceData, string localKey, string remoteKey) { string encryptResult = SignatureEncryptBinaryToString(sourceData, localKey, remoteKey); return Encoding.GetEncoding(encodingType).GetBytes(encryptResult); } /// <summary> /// 字符串对二进制流的带签名的验证加密 /// </summary> /// <param name="sourceData">需要加密的字符串源数据</param> /// <param name="localKey">本地密钥</param> /// <param name="remoteKey">远程密钥</param> /// <returns>加密后的二进制流数据</returns> public static byte[] SignatureEncryptStringToBinary(string sourceData, string localKey, string remoteKey) { //将要加密的数据转换成二进制数据 byte[] binaryData = Encoding.GetEncoding(encodingType).GetBytes(sourceData); string encryptResult = SignatureEncryptBinaryToString(binaryData, localKey, remoteKey); return Encoding.GetEncoding(encodingType).GetBytes(encryptResult); } /// <summary> /// 二进制流对字符串的带签名的验证加密 /// </summary> /// <param name="sourceData">需要加密的字符串源数据</param> /// <param name="localKey">本地密钥</param> /// <param name="remoteKey">远程密钥</param> /// <returns>加密后的字符串数据</returns> public static string SignatureEncryptStringToString(string sourceData, string localKey, string remoteKey) { //将要加密的数据转换成二进制数据 byte[] binaryData = Encoding.GetEncoding(encodingType).GetBytes(sourceData); return SignatureEncryptBinaryToString(binaryData, localKey, remoteKey); } /// <summary> /// 字符串对二进制流的带签名的验证解密 /// </summary> /// <param name="sourceData">需要解密的字符串源数据</param> /// <param name="localKey">本地密钥</param> /// <param name="remoteKey">远程密钥</param> /// <returns>解密后的二进制流数据</returns> public static byte[] SignatureDecryptStringToBinary(string sourceData, string localKey, string remoteKey) { try { if (string.IsNullOrEmpty(sourceData)) { return null; } string[] dataParts = sourceData.Split(','); if (dataParts.Length != 3) { return null; } string encryptData = dataParts[0]; string saKey = dataParts[1]; string sinature = dataParts[2]; byte[] encryptBinaryData = Convert.FromBase64String(encryptData); RSACryptoServiceProvider rsaLocal = new RSACryptoServiceProvider(); RSACryptoServiceProvider rsaRemote = new RSACryptoServiceProvider(); rsaLocal.ImportCspBlob(Convert.FromBase64String(localKey)); rsaRemote.ImportCspBlob(Convert.FromBase64String(remoteKey)); SymmetricAlgorithm sa = Rijndael.Create(); //验证签名 if (!rsaRemote.VerifyData(encryptBinaryData, new SHA1CryptoServiceProvider(), Convert.FromBase64String(sinature))) { throw new Exception("验证签名失败!"); } //还原对称加密Key sa.Key = rsaLocal.Decrypt(Convert.FromBase64String(saKey), false); //用默认密钥进行对称解密 sa.Mode = CipherMode.ECB; //块处理模式 sa.Padding = PaddingMode.Zeros; //末尾数据块的填充模式 MemoryStream ms = new MemoryStream(encryptBinaryData); CryptoStream cs = new CryptoStream(ms, sa.CreateDecryptor(), CryptoStreamMode.Read); byte[] decryptBinaryData = new byte[encryptBinaryData.Length]; cs.Read(decryptBinaryData, 0, encryptBinaryData.Length); int lastIndex = decryptBinaryData.Length; while (lastIndex > 0 && decryptBinaryData[lastIndex - 1] == (byte)0) { lastIndex--; } byte[] subDecryptData = new byte[lastIndex]; System.Array.Copy(decryptBinaryData, subDecryptData, lastIndex); return subDecryptData; } catch { throw new Exception("您所使用的密钥无效!"); } } /// <summary> /// 二进制流对二进制流的带签名的验证解密 /// </summary> /// <param name="sourceData">需要解密的二进制流源数据</param> /// <param name="localKey">本地密钥</param> /// <param name="remoteKey">远程密钥</param> /// <returns>解密后的二进制流数据</returns> public static byte[] SignatureDecryptBinaryToBinary(byte[] sourceData, string localKey, string remoteKey) { string encryptData = Encoding.GetEncoding(encodingType).GetString(sourceData); byte[] decryptBinaryData = SignatureDecryptStringToBinary(encryptData, localKey, remoteKey); return decryptBinaryData; } /// <summary> /// 二进制流对字符串的带签名的验证解密 /// </summary> /// <param name="sourceData">需要解密的二进制流源数据</param> /// <param name="localKey">本地密钥</param> /// <param name="remoteKey">远程密钥</param> /// <returns>解密后的字符串数据</returns> public static string SignatureDecryptBinaryToString(byte[] sourceData, string localKey, string remoteKey) { string encryptData = Encoding.GetEncoding(encodingType).GetString(sourceData); byte[] decryptBinaryData = SignatureDecryptStringToBinary(encryptData, localKey, remoteKey); string decryptData = Encoding.GetEncoding(encodingType).GetString(decryptBinaryData); return decryptData; } /// <summary> /// 字符串对字符串的带签名的验证解密 /// </summary> /// <param name="sourceData">需要解密的字符串源数据</param> /// <param name="localKey">本地密钥</param> /// <param name="remoteKey">远程密钥</param> /// <returns>解密后的字符串数据</returns> public static string SignatureDecryptStringToString(string sourceData, string localKey, string remoteKey) { byte[] decryptBinaryData = SignatureDecryptStringToBinary(sourceData, localKey, remoteKey); string decryptData = Encoding.GetEncoding(encodingType).GetString(decryptBinaryData); return decryptData; } public static string RsaEncrypt(string data, string localKey, string remoteKey) { RSACryptoServiceProvider rsaLocal = new RSACryptoServiceProvider(); RSACryptoServiceProvider rsaRemote = new RSACryptoServiceProvider(); rsaLocal.ImportCspBlob(Convert.FromBase64String(localKey)); rsaRemote.ImportCspBlob(Convert.FromBase64String(remoteKey)); SymmetricAlgorithm sa = Rijndael.Create(); sa.GenerateIV(); //将对称密钥使用非对称加密算法加密并转换成base64 string saKey = Convert.ToBase64String(rsaRemote.Encrypt(sa.Key, false)); //将要加密的数据转换成二进制数据 byte[] binaryData = Encoding.UTF8.GetBytes(data); byte[] encryptBinaryData = null; string encryptData = null; string sinagture = null; //对称加密开始 sa.Mode = CipherMode.ECB; //块处理模式 sa.Padding = PaddingMode.Zeros; //末尾数据块的填充模式 MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, sa.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(binaryData, 0, binaryData.Length); cs.Close(); encryptBinaryData = ms.ToArray(); ms.Close(); encryptData = Convert.ToBase64String(encryptBinaryData); //对称加密结束 //签名 sinagture = Convert.ToBase64String(rsaLocal.SignData(encryptBinaryData, new SHA1CryptoServiceProvider())); //返回结果:密文+密钥+签名 return encryptData + "," + saKey + "," + sinagture; } public static string RsaDecrypt(string data, string localKey, string remoteKey) { if (string.IsNullOrEmpty(data)) { return null; } string[] dataParts = data.Split(','); if (dataParts.Length != 3) { return null; } string encryptData = dataParts[0]; string saKey = dataParts[1]; string sinature = dataParts[2]; byte[] encryptBinaryData = Convert.FromBase64String(encryptData); RSACryptoServiceProvider rsaLocal = new RSACryptoServiceProvider(); RSACryptoServiceProvider rsaRemote = new RSACryptoServiceProvider(); rsaLocal.ImportCspBlob(Convert.FromBase64String(localKey)); rsaRemote.ImportCspBlob(Convert.FromBase64String(remoteKey)); SymmetricAlgorithm sa = Rijndael.Create(); //验证签名 if (!rsaRemote.VerifyData(encryptBinaryData, new SHA1CryptoServiceProvider(), Convert.FromBase64String(sinature))) { return null; } //还原对称加密Key sa.Key = rsaLocal.Decrypt(Convert.FromBase64String(saKey), false); //对称解密开始 sa.Mode = CipherMode.ECB; //块处理模式 sa.Padding = PaddingMode.Zeros; //末尾数据块的填充模式 MemoryStream ms = new MemoryStream(encryptBinaryData); CryptoStream cs = new CryptoStream(ms, sa.CreateDecryptor(), CryptoStreamMode.Read); byte[] decryptBinaryData = new byte[encryptBinaryData.Length]; cs.Read(decryptBinaryData, 0, encryptBinaryData.Length); int lastIndex = decryptBinaryData.Length; while (lastIndex > 0 && decryptBinaryData[lastIndex - 1] == (byte)0) { lastIndex--; } string decryptData = Encoding.UTF8.GetString(decryptBinaryData, 0, lastIndex); //对称解密结束 return decryptData; } }
道之所在,虽千万人吾往矣
