加密许可文件的有效方法? [英] An effective method for encrypting a license file?
问题描述
有关Web应用程序,我想创建一个简单而有效的许可制度。在C#中,这是一个有点困难,因为我的解密方法可以通过安装反射器的人观看。
For a web application, I would like to create a simple but effective licensing system. In C#, this is a little difficult, since my decryption method could be viewed by anyone with Reflector installed.
有哪些方法在C#中加密文件是相当篡改-proof?
What are some methods for encrypting files in C# that are fairly tamper-proof?
推荐答案
这听起来像你想使用公共/私人加密签署的许可证令牌(XML片段或文件为例),所以你可以检测篡改。来处理它最简单的方法是做下列步骤:
It sounds like you want to be using Public/Private cryptography to sign a license token (an XML Fragment or file for example) so you can detect tampering. The simplest way to handle it is to do the following steps:
1),为您的公司的一个密钥。您可以使用SN工具Visual Studio命令行执行此操作。语法是:
1) Generate a keypair for your company. You can do this in the Visual Studio command line using the SN tool. Syntax is:
sn -k c:\keypair.snk
2)使用密钥对强名称(即符号)客户端应用程序。您可以设置此使用您的应用程序中的属性页签字标签
2) Use the keypair to strongly name (i.e. sign) your client application. You can set this using the signing tab in the properties page on your application
3)为您的客户端许可证,这应该是一个XML文档,并使用签名您私钥。这涉及到简单的计算数字签名和步骤来完成它可以发现:
3) Create a license for your client, this should be an XML document and sign it using your Private key. This involves simply computing a digital signature and steps to accomplish it can be found at:
的 http://msdn.microsoft.com/en-us/library/ms229745.aspx
4)在客户端,检查许可证时加载的XmlDocument和使用您的公钥来验证签名,以证明该许可证还没有被篡改。
4) On the client, when checking the license you load the XmlDocument and use your Public key to verify the signature to prove the license has not been tampered with. Details on how to do this can be found at:
的 http://msdn.microsoft.com/en-us/library/ms229950.aspx
要解决密钥分配(即确保您的客户端使用正确的公钥)其实,您可以从签名的程序集本身的公钥。从而保证你没有另外一个关键分发和即使有人用汇编篡改.NET框架将安全性异常死亡,因为强名称将不再匹配大会本身。
To get around key distribution (i.e. ensuring your client is using the correct public key) you can actually pull the public key from the signed assembly itself. Thus ensuring you dont have another key to distribute and even if someone tampers with the assembly the .net framework will die with a security exception because the strong name will no longer match the assembly itself.
要拉离你想使用类似的代码在客户端程序集的公钥:
To pull the public key from the client assembly you want to use code similar to:
/// <summary>
/// Retrieves an RSA public key from a signed assembly
/// </summary>
/// <param name="assembly">Signed assembly to retrieve the key from</param>
/// <returns>RSA Crypto Service Provider initialised with the key from the assembly</returns>
public static RSACryptoServiceProvider GetPublicKeyFromAssembly(Assembly assembly)
{
if (assembly == null)
throw new ArgumentNullException("assembly", "Assembly may not be null");
byte[] pubkey = assembly.GetName().GetPublicKey();
if (pubkey.Length == 0)
throw new ArgumentException("No public key in assembly.");
RSAParameters rsaParams = EncryptionUtils.GetRSAParameters(pubkey);
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(rsaParams);
return rsa;
}
我已经上传了示例类有很多关于Snipt有用的加密工具的位置: http://snipt.net/Wolfwyrd/encryption-utilities/ 来帮助你对你的方式。
I've uploaded a sample class with a lot of helpful Encryption Utilities on Snipt at: http://snipt.net/Wolfwyrd/encryption-utilities/ to help get you on your way.
我也包括在一个示例程序:的 https://snipt.net/Wolfwyrd/sign-and-verify-example/ 。该示例要求您将它添加到与加密utils的库解决方案,并提供一个测试XML文件,并签名一个SNK文件。该项目应设置为与您产生SNK签署。它演示了如何使用从SNK私钥签名测试XML文件,然后从该程序集的公钥验证。
I have also included a sample program at: https://snipt.net/Wolfwyrd/sign-and-verify-example/. The sample requires that you add it to a solution with the encryption utils library and provide a test XML file and a SNK file for signing. The project should be set to be signed with the SNK you generate. It demonstrates how to sign the test XML file using a private key from the SNK and then verify from the public key on the assembly.
更新
增加了一个最新的博客帖子与许可证文件的详细不错贯穿
Added an up to date blog post with a nice detailed run through on license files
这篇关于加密许可文件的有效方法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
