如何将 Rijndael 加密与 .Net Core 类库一起使用?(不是 .Net 框架) [英] How to use Rijndael encryption with a .Net Core class library? (Not .Net Framework)
问题描述
我们如何在 .Net Core 类库中使用 Rijndael 加密?(不是 .Net Framework 类库)我们需要创建一个共享的 .Net Core 库以在多个项目中使用,并且需要实现跨项目使用相同 Rijndael 加密的 Encrypt 和 Decrypt 方法.
How do we use Rijndael encryption in a .Net Core class library? (Not a .Net Framework Class Library) We need to create a shared .Net Core library for use in multiple projects and need to implement Encrypt and Decrypt methods that use the same Rijndael encryption across the projects.
我们目前正在使用:
- VS 企业版 2015
- c#
- .Net Core 类库
- .NETStandard,版本=v1.6 参考
.Net Core 1.0 版本中似乎缺少 Rijndael 和 AES 的实现……它似乎只包含基类.我们如何将 Rijndael 或 AES 加密的 .Net Core 实现添加为对新 .Net Core 类库项目的引用?
It appears that the implementation of Rijndael and AES is missing from the .Net Core 1.0 release...it seems to only include the base classes. How do we get a .Net Core implementation of Rijndael or AES encryption added as a reference to a new .Net Core Class Library project?
这是适用于 .Net Framework 4.5.2 的加密方法:
Here is the Encrypt method that works in .Net Framework 4.5.2:
public static string Encrypt(string valueToEncrypt, string symmetricKey, string initializationVector)
{
string returnValue = valueToEncrypt;
var aes = new System.Security.Cryptography.RijndaelManaged();
try
{
aes.Key = ASCIIEncoding.ASCII.GetBytes(symmetricKey);
aes.IV = ASCIIEncoding.ASCII.GetBytes(initializationVector);
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.ISO10126;
var desEncrypter = aes.CreateEncryptor();
var buffer = ASCIIEncoding.ASCII.GetBytes(valueToEncrypt);
returnValue = Convert.ToBase64String(desEncrypter.TransformFinalBlock(buffer, 0, buffer.Length));
}
catch (Exception)
{
returnValue = string.Empty;
}
return returnValue;
}
推荐答案
Rijndael 和 AES 之间的区别(在 .NET 中)在于 Rijndael 允许更改块大小,但 AES 不允许.由于 RijndaelManaged 的默认块大小与 AES 块大小(128 位/16 字节)相同,因此您实际上使用的是 AES.
The difference (in .NET) between Rijndael and AES is that Rijndael allows the block size to change, but AES does not. Since RijndaelManaged's default block size is the same as the AES block size (128 bit / 16 byte) you are, in fact, using AES.
不要按名称实例化实现类型,只需使用工厂(Aes.Create()).这适用于 .NET Core 和 .NET Framework.
Instead of instantiating the implementation type by name, just use the factory (Aes.Create()). That works in both .NET Core and .NET Framework.
其他值得一提的事情:
- 所有 SymmetricAlgorithm 实例都是 IDisposable,您应该在
using语句中使用它们. - 所有 ICryptoTransform 实例(例如您错误命名的
desEncryptor)都是 IDisposable,您应该在using语句中使用它们. - ISO10126 填充在 .NET Core 1.0 中不可用.如果您需要与现有流兼容,您可以自己应用填充并指定 PaddingMode.None.否则,PKCS7 更标准.
- 您的 AES 密钥不是很随机,因为它来自一个 ASCII 字符串(很多值都无效).
- Base64 至少具有完整的值范围
- PBKDF2(基于密码的密钥派生函数 2)通过 Rfc2898DeriveBytes 类允许共享字符串秘密输入,可预测的噪声输出.
- KeyAgreement 通常更好,但 ECDH 和经典 DH 在 .NET Core 1.0 中都不可用.
- All SymmetricAlgorithm instances are IDisposable, you should use them in a
usingstatement. - All ICryptoTransform instances (such as your incorrectly named
desEncryptor) are IDisposable, you should use them in ausingstatement. - ISO10126 padding is not available in .NET Core 1.0. If you need to be compatible with existing streams you can apply the padding yourself and specify PaddingMode.None. Otherwise, PKCS7 is more standard.
- Your AES key isn't very random, since it comes from an ASCII string (lots of values won't be valid).
- Base64 at least has full value range
- PBKDF2 (Password-Based Key Derivation Function 2) via the Rfc2898DeriveBytes class allows for shared-string-secret in, predictable noise out.
- KeyAgreement is in general better, but neither ECDH nor classic DH are available in .NET Core 1.0.
这篇关于如何将 Rijndael 加密与 .Net Core 类库一起使用?(不是 .Net 框架)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
