在C#中加密与RSA的套接字通信 [英] Encrypting socket communication with RSA in C#
问题描述
我正在尝试实现一个套接字服务器,使客户端可以发送一些命令来启动和停止服务器提供的各种服务。 200新新新新新旗新新旗旗新新旗旗新新旗旗新新旗旗新新旗旗新新旗旗新新旗旗新新旗旗新新旗旗新新旗新旗旗新新旗旗新新旗新新旗新新旗旗下一步是加密客户端和服务器之间的通信。我试图用RSACryptoServiceProvider来修改它。
我使用的代码来加密数据:
<$新新新旗新新旗新新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新款:
parameter.KeyContainerName =keycontainer;新新新200新200新新200新200新200新新新新旗新新旗新新旗新新旗新新旗新新旗200新新新新旗新新旗200新新新新旗新新旗新新款:
StreamReader r = new StreamReader(@C:\tmp\rsakey.xml);新新200新新新新旗新新新新旗新新旗新新新200新200新新新新旗新新旗200新新新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新旗新新新新新:
string command =server reply to here;
ASCIIEncoding bc = new ASCIIEncoding();
byte [] cmd = rsaProvider.Encrypt(bc.GetBytes(command),false);
handler.Send(cmd);
还有我用来解密我的命令的代码
rsaProvider =新的RSACryptoServiceProvider(参数);
StreamReader r = new StreamReader(@C:\tmp\rsakey.xml);
string xml = r.ReadToEnd();
rsaProvider.FromXmlString(xml);
ASCIIEncoding bc = new ASCIIEncoding();
string test = bc.GetString(state.buffer);
byte [] tmp = rsaProvider.Decrypt(bc.GetBytes(test),false);
我加密后,尝试直接解密我的字符串,它的工作原理。但是从客户端到服务器或反向传输不起作用,解密函数会引发一个异常,告诉我解密的数据超过模块的最大值。
正确的加密客户端和服务器之间流量的方法是什么?
不对称加密(例如使用RSA)仅适用于短信。使用1024位RSA密钥(典型大小),最大输入消息大小为117字节。
正常设置是选择随机密钥(即一堆随机位),使用RSA对该密钥进行加密,并使用该密钥对消息对称的密码(即,使用诸如AES的对称密码)进行加密。对称密码不具有这样的大小限制,并且比非对称加密快得多。
现在发生这样的事情,即使理论看起来很简单,也有很多很多可以使许多方式出现错误的细节,包括使代码出现正常运行,同时对攻击开放(使用加密技术是为了抵御攻击)。因此,正确的方式是使用已经涵盖这些细节的现有协议,以及为此设计和调整的实现。最常见的协议是TLS(也称为SSL)。 C#/。NET似乎带有一个 System.Net.Security.SslStream 类,这可能是你想要的。
I'm currently trying to implement a socket server that enables the clients to send some commands to start and stop various services that the server provides. I got the communication between client and server running, and got the server to respond to the commands the clients send. The next step would be to encrypt the communication between client and server. I'm trying to acomplish this with the RSACryptoServiceProvider.
Heres the code i use to enrypt the data:
CspParameters parameter = new CspParameters();
parameter.KeyContainerName = "keycontainer";
rsaProvider = new RSACryptoServiceProvider(parameter);
StreamReader r = new StreamReader(@"C:\tmp\rsakey.xml");
rsaProvider.FromXmlString(r.ReadToEnd());
string command = "server reply goes here";
ASCIIEncoding bc = new ASCIIEncoding();
byte[] cmd = rsaProvider.Encrypt(bc.GetBytes(command), false);
handler.Send(cmd);
And heres the code i use to decrypt my commands
rsaProvider = new RSACryptoServiceProvider(parameter);
StreamReader r = new StreamReader(@"C:\tmp\rsakey.xml");
string xml = r.ReadToEnd();
rsaProvider.FromXmlString(xml);
ASCIIEncoding bc = new ASCIIEncoding();
string test = bc.GetString(state.buffer);
byte[] tmp = rsaProvider.Decrypt(bc.GetBytes(test), false);
I tried directly decrypting my string after I encrypted them, and it works. But the transfer from client to server or the reverse doesn't work and the Decrypt function throws an exception that tells me that the data to decrypt exceeds the maximum for the module.
Whats the correct way to encrypt the traffic between client and server?
Asymmetric encryption (e.g. with RSA) is good only for short messages. With a 1024-bit RSA key (a typical size), the maximum input message size is 117 bytes.
The "normal" setup is to select a random secret key (i.e. a bunch of random bits), encrypt that key with RSA, and encrypt the rest of the message symmetrically (i.e. with a symmetric cipher such as AES) using that key. Symmetric ciphers do not have such size limits and are much faster than asymmetric encryption anyway.
Now it so happens that even if the theory may look simple, there are an awful lot of details which can make an implementation go wrong in many ways, including making the code appear to run properly, while being open to attacks (and the point of using cryptography is to resist attacks). So the correct way is to use an existing protocol which already covers those details, along with an implementation which has been designed and tuned for that as well. The most common protocol for that is TLS (also known as SSL). C#/.NET appears to come with a System.Net.Security.SslStream class which is probably what you want.
这篇关于在C#中加密与RSA的套接字通信的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
