現在、C#.Netで一般的なタスクを実行するライブラリを作成しています。基本的に、私はC#の初心者を対象としているので、彼らは私のライブラリを利用して、彼らが抱えている問題を最小限に抑えることができます。現在、ライブラリに暗号化機能を追加していますが、ある程度の成功を収めています。しかし、私の暗号化基準はそれほど難しく複雑ではありません。将来、ハッカーが侵入して重要なデータ(つまり、パスワードなど)を復号化できるようにします。だから、パスワードを暗号化するための独自の複雑な基準をどのように書くことができるか教えてください。このライブラリは、無料で初心者を対象としています。
ありがとう
すでに多くの暗号化エンジンが存在する場合は、正当な理由がない限り、独自の暗号化エンジンを作成しないことをお勧めします。まず、Enterprise Libraryの暗号化 API を参照してください。かなり初心者に優しいです。
それでも独自のフレームワークを作成することに決めている場合は、エンタープライズ ライブラリやBouncyCastleなどを見て、他のフレームワークがどのようにまとめられているかを確認してください。多くのことを学ぶことができ、そこにあるものを改善するための最良の方法です。
既存のライブラリがたくさんある場合は、独自のライブラリを使用しないでください。あなたはこれから恩恵を受けることはなく、何の役にも立ちません。ことわざ:お茶を飲むためだけに食堂を買うな。
.NET 暗号化メソッドの周りに使いやすいラッパーを作成できます。
Aes の例 (私自身のラッパー):
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using Synercoding.CodeGuard;
namespace Synercoding.Encryption.Symmetrical
{
/// <summary>
/// A class to Encrypt and Decrypt with Rijndael AES encryption
/// </summary>
public sealed class AesEncryption : IDisposable
{
private byte[] m_salt;
private RijndaelManaged m_aesAlg = new RijndaelManaged(); // RijndaelManaged object used to encrypt/decrypt the data.
/// <summary>
/// Create a new AesEncryption object with the standard salt
/// </summary>
public AesEncryption() : this("850nW94vN39iUx") { }
/// <summary>
/// Create a new AesEncryption object with the specified salt
/// </summary>
/// <param name="salt">The salt used for salting the key. Must be atleast 8 chars long</param>
public AesEncryption(string salt)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(salt), "param salt can't be null or empty.");
Guard.Requires<ArgumentException>(salt.Length >= 8, "param salt must be atleast 8 chars long.");
m_salt = Encoding.ASCII.GetBytes(salt);
}
/// <summary>
/// The salt in ASCII string format
/// </summary>
public string SaltString
{
get
{
return Encoding.ASCII.GetString(m_salt);
}
}
/// <summary>
/// The salt that is used for the key and IV generation.
/// </summary>
public byte[] Salt
{
get
{
return m_salt;
}
}
/// <summary>
/// Encrypt the given string using AES. The string can be decrypted using
/// DecryptStringAES(). The sharedSecret parameters must match.
/// </summary>
/// <param name="plainText">The text to encrypt.</param>
/// <param name="sharedSecret">A password used to generate a key for encryption.</param>
public string EncryptStringAES(string plainText, string sharedSecret)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(plainText), "param plainText can't be null or empty");
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(sharedSecret), "param sharedSecret can't be null or empty");
Guard.Requires<InvalidOperationException>(m_aesAlg != null, "this object is already disposed");
string outStr = null; // Encrypted string to return
// generate the key from the shared secret and the salt
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(sharedSecret, Salt);
m_aesAlg.Key = key.GetBytes(m_aesAlg.KeySize / 8);
m_aesAlg.IV = key.GetBytes(m_aesAlg.BlockSize / 8);
// Create a decrytor to perform the stream transform.
ICryptoTransform encryptor = m_aesAlg.CreateEncryptor(m_aesAlg.Key, m_aesAlg.IV);
// Create the streams used for encryption.
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
//Write all data to the stream.
swEncrypt.Write(plainText);
}
outStr = Convert.ToBase64String(msEncrypt.ToArray());
}
// Return the encrypted bytes from the memory stream.
return outStr;
}
/// <summary>
/// Decrypt the given string. Assumes the string was encrypted using
/// EncryptStringAES(), using an identical sharedSecret.
/// </summary>
/// <param name="cipherText">The text to decrypt.</param>
/// <param name="sharedSecret">A password used to generate a key for decryption.</param>
public string DecryptStringAES(string cipherText, string sharedSecret)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(cipherText), "param cipherText can't be null or empty");
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(sharedSecret), "param sharedSecret can't be null or empty");
Guard.Requires<InvalidOperationException>(m_aesAlg != null, "this object is already disposed");
// Declare the string used to hold
// the decrypted text.
string plaintext = null;
// generate the key from the shared secret and the salt
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(sharedSecret, Salt);
m_aesAlg.Key = key.GetBytes(m_aesAlg.KeySize / 8);
m_aesAlg.IV = key.GetBytes(m_aesAlg.BlockSize / 8);
// Create a decrytor to perform the stream transform.
ICryptoTransform decryptor = m_aesAlg.CreateDecryptor(m_aesAlg.Key, m_aesAlg.IV);
// Create the streams used for decryption.
byte[] bytes = Convert.FromBase64String(cipherText);
using (MemoryStream msDecrypt = new MemoryStream(bytes))
{
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (StreamReader srDecrypt = new StreamReader(csDecrypt))
// Read the decrypted bytes from the decrypting stream
// and place them in a string.
plaintext = srDecrypt.ReadToEnd();
}
}
return plaintext;
}
public void Dispose()
{
if (m_aesAlg != null)
{
m_aesAlg.Clear();
m_aesAlg.Dispose();
m_aesAlg = null;
}
}
}
}
MD5 (ハッシュ) の例:
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using Synercoding.CodeGuard;
namespace Synercoding.Encryption.Hashing
{
/// <summary>
/// Class to verify and generate MD5 hashes
/// </summary>
public static class MD5Hash
{
/// <summary>
/// Creates a MD5 hexadecimal string based on the input
/// </summary>
/// <param name="input">The string to hash</param>
/// <returns>A MD5 hex string</returns>
public static string GetHash(string input)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(input), "param input can't be null or empty");
// Create a new Stringbuilder to collect the bytes
// and create a string.
StringBuilder sBuilder = new StringBuilder();
using (MD5 md5Hash = MD5.Create())
{
// Convert the input string to a byte array and compute the hash.
byte[] data = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(input));
// Loop through each byte of the hashed data
// and format each one as a hexadecimal string.
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data[i].ToString("x2"));
}
}
// Return the hexadecimal string.
return sBuilder.ToString();
}
/// <summary>
/// Creates a MD5 hexadecimal string based on the input
/// </summary>
/// <param name="input">The string to hash</param>
/// <returns>A MD5 hash in byte format</returns>
public static byte[] GetByteHash(string input)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(input), "param input can't be null or empty");
byte[] data;
using (MD5 md5Hash = MD5.Create())
{
// Convert the input string to a byte array and compute the hash.
data = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(input));
}
return data;
}
/// <summary>
/// Verifies the input with the hash.
/// </summary>
/// <param name="input">The input to compare</param>
/// <param name="hash">The hash to compare the input with</param>
/// <returns>True is the input validates.</returns>
public static bool VerifyHash(string input, string hash)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(input), "param input can't be null or empty");
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(hash), "param hash can't be null or empty");
Guard.Requires<ArgumentNullException>(hash.Length == 32, "param hash must be 32 chars long");
// Hash the input.
string hashOfInput = GetHash(input);
// Create a StringComparer an compare the hashes.
StringComparer comparer = StringComparer.OrdinalIgnoreCase;
if (0 == comparer.Compare(hashOfInput, hash))
{
return true;
}
else
{
return false;
}
}
/// <summary>
/// Verifies the input with the hash.
/// </summary>
/// <param name="input">The input to compare</param>
/// <param name="hash">The hash to compare the input with</param>
/// <returns>True is the input validates.</returns>
public static bool VerifyHash(string input, byte[] hash)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(input), "param input can't be null or empty");
Guard.Requires<ArgumentNullException>(hash != null, "param hash can't be null");
Guard.Requires<ArgumentNullException>(hash.Length == 128 / 8, "param hash must be 128bits (16 bytes) long");
// Hash the input.
byte[] hashOfInput = GetByteHash(input);
if (hashOfInput.SequenceEqual(hash))
{
return true;
}
else
{
return false;
}
}
}
}
SHA512 (ハッシュ) の例:
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using Synercoding.CodeGuard;
namespace Synercoding.Encryption.Hashing
{
/// <summary>
/// Class to verify and generate SHA512 hashes
/// </summary>
public static class SHA512Hash
{
/// <summary>
/// Creates a SHA512 hexadecimal string based on the input
/// </summary>
/// <param name="input">The string to hash</param>
/// <returns>A SHA512 hex string</returns>
public static string GetHash(string input)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(input), "param input can't be null or empty");
// Create a new Stringbuilder to collect the bytes
// and create a string.
StringBuilder sBuilder = new StringBuilder();
using (SHA512 SHA512Hash = SHA512.Create())
{
// Convert the input string to a byte array and compute the hash.
byte[] data = SHA512Hash.ComputeHash(Encoding.UTF8.GetBytes(input));
// Loop through each byte of the hashed data
// and format each one as a hexadecimal string.
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data[i].ToString("x2"));
}
}
// Return the hexadecimal string.
return sBuilder.ToString();
}
/// <summary>
/// Creates a SHA512 hash based on the input
/// </summary>
/// <param name="input">The string to hash</param>
/// <returns>A SHA512 hash in byte format</returns>
public static byte[] GetByteHash(string input)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(input), "param input can't be null or empty");
byte[] data;
using (SHA512 SHA512Hash = SHA512.Create())
{
// Convert the input string to a byte array and compute the hash.
data = SHA512Hash.ComputeHash(Encoding.UTF8.GetBytes(input));
}
return data;
}
/// <summary>
/// Verifies the input with the hash.
/// </summary>
/// <param name="input">The input to compare</param>
/// <param name="hash">The hash to compare the input with</param>
/// <returns>True is the input validates.</returns>
public static bool VerifyHash(string input, string hash)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(input), "param input can't be null or empty");
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(hash), "param hash can't be null or empty");
Guard.Requires<ArgumentNullException>(hash.Length == 128, "param hash must be 128 chars long");
// Hash the input.
string hashOfInput = GetHash(input);
// Create a StringComparer an compare the hashes.
StringComparer comparer = StringComparer.OrdinalIgnoreCase;
if (0 == comparer.Compare(hashOfInput, hash))
{
return true;
}
else
{
return false;
}
}
/// <summary>
/// Verifies the input with the hash.
/// </summary>
/// <param name="input">The input to compare</param>
/// <param name="hash">The hash to compare the input with</param>
/// <returns>True is the input validates.</returns>
public static bool VerifyHash(string input, byte[] hash)
{
Guard.Requires<ArgumentNullException>(!string.IsNullOrEmpty(input), "param input can't be null or empty");
Guard.Requires<ArgumentNullException>(hash != null, "param hash can't be null");
Guard.Requires<ArgumentNullException>(hash.Length == 512 / 8, "param hash must be 512bits (64 bytes) long");
// Hash the input.
byte[] hashOfInput = GetByteHash(input);
if (hashOfInput.SequenceEqual(hash))
{
return true;
}
else
{
return false;
}
}
}
}
教訓的な目的で、.net ファイル暗号化システムを使用できます (非常に簡単です!!)
System.IO.File.Encrypt("file.txt")
System.IO.File.Decrypt("file.txt")
ファイルは同じマシンからだけ復号化できます。