用下面这种方式解密的数据,能不能得到它的加密方式?
static string Password = "XXXXX";
public static string Decrypt(string source)
{
string s;
if (String.IsNullOrEmpty(source))
throw new ArgumentException("No data given");
byte[] inputData = Convert.FromBase64String(source);
if (inputData.Length < 8)
throw new ArgumentException("Invalid input data");
byte[] salt = new byte[8];
for (int i = 0; i < salt.Length; i++)
{
salt[i] = inputData[i];
}
Rfc2898DeriveBytes rfc2898DeriveBytes = new Rfc2898DeriveBytes(Password, salt);
Rijndael rijndael = Rijndael.Create();
rijndael.Padding = PaddingMode.ISO10126;
rijndael.IV = rfc2898DeriveBytes.GetBytes(rijndael.BlockSize / 8);
rijndael.Key = rfc2898DeriveBytes.GetBytes(rijndael.KeySize / 8);
using (MemoryStream memoryStream = new MemoryStream())
using (
CryptoStream cryptoStream =
new CryptoStream(memoryStream, rijndael.CreateDecryptor(), CryptoStreamMode.Write))
{
cryptoStream.Write(inputData, 8, inputData.Length - 8);
cryptoStream.Close();
byte[] bytes = memoryStream.ToArray();
s = Encoding.Unicode.GetString(bytes);
}
return s;
}
对加密解密这块不熟,请有经验的朋友解答,谢谢。public static string Decrypt(string source)
{
string s;
if (String.IsNullOrEmpty(source))
throw new ArgumentException("No data given");
byte[] inputData = Convert.FromBase64String(source);
if (inputData.Length < 8)
throw new ArgumentException("Invalid input data");
byte[] salt = new byte[8];
for (int i = 0; i < salt.Length; i++)
{
salt[i] = inputData[i];
}
Rfc2898DeriveBytes rfc2898DeriveBytes = new Rfc2898DeriveBytes(Password, salt);
Rijndael rijndael = Rijndael.Create();
rijndael.Padding = PaddingMode.ISO10126;
rijndael.IV = rfc2898DeriveBytes.GetBytes(rijndael.BlockSize / 8);
rijndael.Key = rfc2898DeriveBytes.GetBytes(rijndael.KeySize / 8);
using (MemoryStream memoryStream = new MemoryStream())
using (
CryptoStream cryptoStream =
new CryptoStream(memoryStream, rijndael.CreateDecryptor(), CryptoStreamMode.Write))
{
cryptoStream.Write(inputData, 8, inputData.Length - 8);
cryptoStream.Close();
byte[] bytes = memoryStream.ToArray();
s = Encoding.Unicode.GetString(bytes);
}
return s;
}
如果需要,我有几个样例数据与加密后的结果。
评论
#1楼2007-05-06 10:51Edwin Liu
加密字串的前8个字节就是salt,后面的就是加密数据,使用的是对称加密,由Salt与Password就能得到rfc2898DeriveBytes,后面的就可以解密了。
一般来说,对于对称加密,只要得到加密的源码,一定就能解密回复 引用 查看
#2楼[楼主]2007-05-06 14:42deerchao
@Edwin Liu
谢谢,已经搞定。
public static string Encrypt(string param)
{
byte[] salt = new byte[] { (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g', (byte)'h' };
byte[] bytes = Encoding.Unicode.GetBytes(param);
Rfc2898DeriveBytes deriveBytes = new Rfc2898DeriveBytes(Password, salt);
Rijndael rijndael = Rijndael.Create();
byte[] iv = deriveBytes.GetBytes(rijndael.BlockSize / 8);
byte[] key = deriveBytes.GetBytes(rijndael.KeySize / 8);
rijndael.Padding = PaddingMode.ISO10126;
rijndael.IV = iv;
rijndael.Key = key;
using (MemoryStream memStream = new MemoryStream())
using (CryptoStream cryptoStream = new CryptoStream(memStream, rijndael.CreateEncryptor(), CryptoStreamMode.Write))
{
cryptoStream.Write(bytes, 0, bytes.Length);
cryptoStream.Close();
byte[] outputData = memStream.ToArray();
byte[] result = new byte[outputData.Length + 8];
Array.Copy(salt,result,8);
Array.Copy(outputData, 0, result, 8, outputData.Length);
return Convert.ToBase64String(result);
}
}
回复 引用 查看
#3楼2007-05-07 10:29Edwin Liu
salt一般都不是常量,否则也不称之为Salt了.可由.Net的加密类获取随机码.
另一种更安全的做法是:文件=Salt长度(8字节)+Salt+数据,而[Salt长度]指示了数据的起始位置,Salt由数据的簦名得到(解密时可验证该簦名,以决断数据是否被更改过),[Salt长度]可以是明文也可以是内定的一种对称加密方式加密的数据.
如果要求不是很严格,可以只对[Salt长度]加密而不对[数据]加密,这样速度要快很多,特别是处理大数据的情况.回复 引用 查看
#4楼[楼主]2007-05-07 14:58deerchao
@Edwin Liu
谢谢,我现在用System.Random生成salt.
回复 引用 查看
#5楼2007-05-11 14:19jlzhou[未注册用户]
这一段和CS2007注册机有关吗?回复 引用
#6楼[楼主]2007-05-11 14:49deerchao
很有关:)回复 引用 查看