为了提高web services的安全性,本人有这样的思路,第一步:服务器端实行DES加密,产生对称密钥;客户端实行RSA加密,产生公钥和私钥。第二步:web服务端将密钥传输给客户端,客户端用服务端的密钥加密RSA产生的私钥,然后将加密后的RSA私钥传输给web服务器,web服务器解密客户加密的私钥。第三步:客户端用自己的公钥加密传输文件(例如密码),并将密文传输给web服务器。第四步:web服务器用解密后的RSA的私钥解密客户端传输过来的密文。
但是由于本人水平太差,不知道怎么写这个过程的代码,特此请教高手能指点一下。希望高手能写出代码让本人学习一下....谢谢了!!!
我做了个例子,希望对你有帮助。
建立3个工程:
1.Crypt:类型为ClassLibrary,作用是实现DES加解密和RSA加解密
2.DESServer:类型为Console Application,相当于你所说的实行DES加密的web服务端,我用的是WCF。
3.RSAClient:类型也是Console Application,相当于你的实行RSA加密的客户端。
代码如下:
1.工程Crypt:有两个类RSACrypt和DESCrypt
namespace Crypt
{
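public static class DESCrypt
{
    // Fixed initialisation vector shared by every call. Because it never changes, two
    // encryptions of the same plaintext under the same key produce the same ciphertext;
    // a per-message random IV transmitted next to the ciphertext would avoid that.
    private static byte[] Keys = { 0xEF, 0xAB, 0x56, 0x78, 0x90, 0x34, 0xCD, 0x12 };

    /// <summary>
    /// Turns the first 8 characters of <paramref name="key"/> into the 8-byte DES key.
    /// The key is used directly (no key derivation), exactly as the original did.
    /// </summary>
    /// <param name="key">Key string supplied by the caller.</param>
    /// <param name="paramName">Caller's parameter name, used in the exception.</param>
    /// <returns>Exactly 8 key bytes.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="key"/> is null.</exception>
    /// <exception cref="ArgumentException">
    /// The key is shorter than 8 characters, or its first 8 characters do not encode to
    /// exactly 8 UTF-8 bytes (non-ASCII characters expand to several bytes).
    /// </exception>
    private static byte[] KeyBytes(string key, string paramName)
    {
        if (key == null)
        {
            throw new ArgumentNullException(paramName);
        }
        if (key.Length < 8)
        {
            throw new ArgumentException("DES key must be at least 8 characters long.", paramName);
        }
        byte[] rgbKey = Encoding.UTF8.GetBytes(key.Substring(0, 8));
        if (rgbKey.Length != 8)
        {
            throw new ArgumentException("DES key must consist of 8 single-byte (ASCII) characters.", paramName);
        }
        return rgbKey;
    }

    /// <summary>
    /// Encrypts a string with DES (CBC, PKCS7 padding, the fixed IV above) and returns
    /// the ciphertext as Base64. DES has a 56-bit key and is considered broken; it is
    /// kept here only because the protocol on this page is built around it.
    /// </summary>
    /// <param name="encryptString">Plaintext; encoded as UTF-8 before encryption.</param>
    /// <param name="encryptKey">Key string; only its first 8 characters are used.</param>
    /// <returns>Base64-encoded ciphertext.</returns>
    /// <exception cref="ArgumentNullException">Either argument is null.</exception>
    /// <exception cref="ArgumentException">The key is unusable (see <see cref="KeyBytes"/>).</exception>
    /// <exception cref="CryptographicException">The cipher rejected the key.</exception>
    /// <remarks>
    /// The original swallowed every exception and returned the plaintext unchanged, so a
    /// caller could transmit a secret in the clear without noticing. This version fails
    /// closed: if encryption cannot be performed, nothing is returned.
    /// </remarks>
    public static string EncryptDES(string encryptString, string encryptKey)
    {
        if (encryptString == null)
        {
            throw new ArgumentNullException("encryptString");
        }
        byte[] rgbKey = KeyBytes(encryptKey, "encryptKey");
        byte[] inputByteArray = Encoding.UTF8.GetBytes(encryptString);
        using (DES des = DES.Create())
        using (ICryptoTransform encryptor = des.CreateEncryptor(rgbKey, Keys))
        using (MemoryStream mStream = new MemoryStream())
        {
            using (CryptoStream cStream = new CryptoStream(mStream, encryptor, CryptoStreamMode.Write))
            {
                cStream.Write(inputByteArray, 0, inputByteArray.Length);
                cStream.FlushFinalBlock();
            }
            return Convert.ToBase64String(mStream.ToArray());
        }
    }

    /// <summary>
    /// Decrypts Base64 ciphertext produced by <see cref="EncryptDES"/> with the same key.
    /// </summary>
    /// <param name="decryptString">Base64-encoded ciphertext.</param>
    /// <param name="decryptKey">Key string; only its first 8 characters are used.</param>
    /// <returns>The recovered plaintext, decoded as UTF-8.</returns>
    /// <exception cref="ArgumentNullException">Either argument is null.</exception>
    /// <exception cref="ArgumentException">The key is unusable (see <see cref="KeyBytes"/>).</exception>
    /// <exception cref="FormatException"><paramref name="decryptString"/> is not valid Base64.</exception>
    /// <exception cref="CryptographicException">Wrong key or corrupted ciphertext (padding check failed).</exception>
    /// <remarks>
    /// The original returned the ciphertext string itself on any failure, which callers
    /// (for example, the key-import step in the server) then used as if it were the
    /// plaintext. Throwing makes a wrong key or tampered message visible immediately.
    /// </remarks>
    public static string DecryptDES(string decryptString, string decryptKey)
    {
        if (decryptString == null)
        {
            throw new ArgumentNullException("decryptString");
        }
        byte[] rgbKey = KeyBytes(decryptKey, "decryptKey");
        byte[] inputByteArray = Convert.FromBase64String(decryptString);
        using (DES des = DES.Create())
        using (ICryptoTransform decryptor = des.CreateDecryptor(rgbKey, Keys))
        using (MemoryStream mStream = new MemoryStream())
        {
            using (CryptoStream cStream = new CryptoStream(mStream, decryptor, CryptoStreamMode.Write))
            {
                cStream.Write(inputByteArray, 0, inputByteArray.Length);
                cStream.FlushFinalBlock();
            }
            return Encoding.UTF8.GetString(mStream.ToArray());
        }
    }
}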
}
namespace Crypt
{
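public static class RSACrypt
{
    /// <summary>
    /// Encrypts a string with an RSA public key using OAEP padding.
    /// </summary>
    /// <param name="encryptString">
    /// Plaintext. It is encoded as UTF-16 (<see cref="UnicodeEncoding"/>) and must fit in a
    /// single RSA block; with a 1024-bit key and OAEP that is 86 bytes, i.e. 43 characters.
    /// </param>
    /// <param name="publicKey">Public key in the XML form produced by <c>RSA.ToXmlString(false)</c>.</param>
    /// <returns>The ciphertext; its length equals the key size in bytes.</returns>
    /// <exception cref="ArgumentNullException">Either argument is null.</exception>
    /// <exception cref="CryptographicException">The key XML is malformed or the plaintext is too long for the key.</exception>
    /// <remarks>
    /// The original passed <c>false</c> (PKCS#1 v1.5 padding). Because the decrypting side
    /// here is a network service, v1.5 exposes it to padding-oracle attacks; OAEP does not.
    /// Both methods of this class were switched together, so they stay interoperable.
    /// </remarks>
    public static byte[] EncryptData(string encryptString, string publicKey)
    {
        if (encryptString == null)
        {
            throw new ArgumentNullException("encryptString");
        }
        if (publicKey == null)
        {
            throw new ArgumentNullException("publicKey");
        }
        // No key size is requested: the original asked for a fresh 1024-bit pair that
        // FromXmlString discarded a line later, paying for key generation on every call.
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
        {
            rsa.FromXmlString(publicKey);
            byte[] data = new UnicodeEncoding().GetBytes(encryptString);
            // true selects OAEP padding.
            return rsa.Encrypt(data, true);
        }
    }

    /// <summary>
    /// Decrypts ciphertext produced by <see cref="EncryptData"/> with the matching RSA private key.
    /// </summary>
    /// <param name="decryptString">Ciphertext bytes.</param>
    /// <param name="privateKey">Private key in the XML form produced by <c>RSA.ToXmlString(true)</c>.</param>
    /// <returns>The recovered plaintext, decoded as UTF-16.</returns>
    /// <exception cref="ArgumentNullException">Either argument is null.</exception>
    /// <exception cref="CryptographicException">The key XML is malformed, the key does not match, or the ciphertext is damaged.</exception>
    /// <remarks>
    /// The original wrapped the body in <c>catch (Exception ex) { throw ex; }</c>, which only
    /// destroyed the stack trace; exceptions now propagate untouched.
    /// </remarks>
    public static string DecryptData(byte[] decryptString, string privateKey)
    {
        if (decryptString == null)
        {
            throw new ArgumentNullException("decryptString");
        }
        if (privateKey == null)
        {
            throw new ArgumentNullException("privateKey");
        }
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
        {
            rsa.FromXmlString(privateKey);
            // true selects OAEP padding, matching EncryptData.
            byte[] plain = rsa.Decrypt(decryptString, true);
            return new UnicodeEncoding().GetString(plain);
        }
    }
}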
}
2. DESServer:
namespace DESServer
{
[ServiceContract(Name="DESService")]
/// <summary>
/// WCF contract for the key-exchange demo. The three operations are expected to be
/// called in order by one client: GetDESKey, SetRSAKey, GetRSAContentFromClient.
/// </summary>
public interface IDESService
{
    /// <summary>Returns the server's DES key to the caller as a plain string.</summary>
    [OperationContract]
    string GetDESKey();
    /// <summary>Receives the client's RSA private key, DES-encrypted with the key from GetDESKey.</summary>
    /// <param name="rsa">Base64 DES ciphertext of the private key XML.</param>
    [OperationContract]
    void SetRSAKey(string rsa);
    /// <summary>Receives data the client RSA-encrypted with its public key.</summary>
    /// <param name="rsaContent">RSA ciphertext bytes.</param>
    [OperationContract]
    void GetRSAContentFromClient(byte[] rsaContent);
}
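public class DESService : IDESService
{
    // 64 ASCII characters the DES key is drawn from. Keeping to ASCII guarantees that
    // the 8-character key is exactly 8 bytes after UTF-8 encoding in DESCrypt, and a
    // 64-entry alphabet lets one random byte map to one character without bias.
    private const string KeyAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

    // DES key generated by this service instance; handed to the client by GetDESKey.
    private string DESKey;
    // RSA private key received from the client in SetRSAKey; null until that call.
    // NOTE(review): this design ships the client's private key to the server. In the
    // usual arrangement the server owns the key pair and publishes only the public key,
    // so a private key never leaves the party that generated it.
    private string RSAPrivateKey;

    // The two fields above are per-instance state spanning three calls, so the service
    // appears to rely on WCF keeping one instance per client session (the default
    // InstanceContextMode when the binding establishes a session) — confirm in hosting config.
    public DESService()
    {
        CreateDESKey();
    }

    /// <summary>
    /// Generates a fresh 8-character DES key from a cryptographic random number generator.
    /// The original assigned the literal "abcdefghi"; a key that is the same for every
    /// run and visible in source is not a secret.
    /// </summary>
    private void CreateDESKey()
    {
        byte[] random = new byte[8];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(random);
        }
        char[] key = new char[random.Length];
        for (int i = 0; i < random.Length; i++)
        {
            // Low 6 bits select one of the 64 alphabet characters.
            key[i] = KeyAlphabet[random[i] & 63];
        }
        DESKey = new string(key);
    }

    /// <summary>
    /// Returns the DES key to the client. Nothing in this code protects the value in
    /// transit; it is only as confidential as the WCF binding's own message security.
    /// </summary>
    /// <returns>The 8-character DES key.</returns>
    public string GetDESKey()
    {
        return DESKey;
    }

    /// <summary>
    /// Stores the client's RSA private key after DES-decrypting it with this instance's key.
    /// </summary>
    /// <param name="rsa">Base64 DES ciphertext of the private key XML.</param>
    /// <exception cref="ArgumentNullException"><paramref name="rsa"/> is null.</exception>
    public void SetRSAKey(string rsa)
    {
        if (rsa == null)
        {
            throw new ArgumentNullException("rsa");
        }
        RSAPrivateKey = DESCrypt.DecryptDES(rsa, DESKey);
    }

    /// <summary>
    /// Decrypts data the client encrypted with its RSA public key and prints it (step 4 of the protocol).
    /// </summary>
    /// <param name="rsaContent">RSA ciphertext bytes.</param>
    /// <exception cref="ArgumentNullException"><paramref name="rsaContent"/> is null.</exception>
    /// <exception cref="InvalidOperationException">SetRSAKey has not been called on this instance.</exception>
    public void GetRSAContentFromClient(byte[] rsaContent)
    {
        if (rsaContent == null)
        {
            throw new ArgumentNullException("rsaContent");
        }
        // Without this guard the failure surfaces as a null-reference inside the RSA
        // key import, which is harder to diagnose than an explicit ordering error.
        if (RSAPrivateKey == null)
        {
            throw new InvalidOperationException("SetRSAKey must be called before GetRSAContentFromClient.");
        }
        string result = RSACrypt.DecryptData(rsaContent, RSAPrivateKey);
        Console.WriteLine(result);
    }
}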
}
namespace DESServer
{
class Program
{
    // Endpoint the service listens on, and the address its WSDL metadata is served from.
    private const string ServiceAddress = @"http://127.0.0.1:9999/DESService";
    private const string MetadataAddress = @"http://127.0.0.1:9999/DESService/metadata";

    /// <summary>
    /// Hosts DESService over WSHttpBinding, publishes metadata over HTTP GET and blocks
    /// until a key is pressed.
    /// </summary>
    static void Main(string[] args)
    {
        using (ServiceHost host = new ServiceHost(typeof(DESService)))
        {
            host.AddServiceEndpoint(typeof(IDESService), new WSHttpBinding(), ServiceAddress);
            PublishMetadata(host);
            host.Opened += OnHostOpened;
            host.Open();
            Console.Read();
        }
    }

    /// <summary>
    /// Adds a ServiceMetadataBehavior with HTTP GET enabled unless the host already has one.
    /// </summary>
    private static void PublishMetadata(ServiceHost host)
    {
        ServiceMetadataBehavior existing = host.Description.Behaviors.Find<ServiceMetadataBehavior>();
        if (existing != null)
        {
            return;
        }
        ServiceMetadataBehavior metadata = new ServiceMetadataBehavior();
        metadata.HttpGetEnabled = true;
        metadata.HttpGetUrl = new Uri(MetadataAddress);
        host.Description.Behaviors.Add(metadata);
    }

    // Prints the "service started, press any key to stop" message once the host is open.
    private static void OnHostOpened(object sender, EventArgs e)
    {
        Console.WriteLine("服务端已经启动,按任意键终止服务!");
    }
}
}
3.RSAClient:需要add Service References,地址就是上面的http://127.0.0.1:9999/DESService/metadata
namespace RSAClient
{
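class Program
{
    /// <summary>
    /// Client side of the four-step exchange described on this page. Fixes over the
    /// original: the RSA provider is disposed, the WCF proxy is closed (or aborted when
    /// faulted) instead of being leaked, and the misspelt local <c>desKsy</c> is renamed.
    /// </summary>
    static void Main(string[] args)
    {
        // Step 1: the server creates its DES key when the service instance is built;
        // the client creates an RSA key pair.
        DESServiceClient client = new DESServiceClient();
        try
        {
            string publicKey;
            string privateKey;
            using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024))
            {
                publicKey = rsa.ToXmlString(false);
                privateKey = rsa.ToXmlString(true);
            }

            // Step 2: fetch the server's DES key, DES-encrypt the RSA private key with
            // it, and send the result to the server.
            // NOTE(review): this transmits the private key to the other party, which is
            // the opposite of how public-key cryptography is meant to work. The DES key
            // protecting it was itself just received from the same channel, so whoever
            // can read that channel (beyond whatever the WCF binding's own message
            // security hides) can recover the private key too. The conventional design
            // has the server own the key pair and the client encrypt with its public key.
            string desKey = client.GetDESKey();
            string encryptedPrivateKey = DESCrypt.EncryptDES(privateKey, desKey);
            client.SetRSAKey(encryptedPrivateKey);

            // Step 3: encrypt the secret with the public key and send the ciphertext.
            // Step 4 (decrypt and print) runs inside GetRSAContentFromClient on the server.
            string password = "password";
            client.GetRSAContentFromClient(RSACrypt.EncryptData(password, publicKey));

            client.Close();
        }
        catch
        {
            // A faulted WCF proxy must be aborted; Close() would throw again.
            client.Abort();
            throw;
        }
        Console.Read();
    }
}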
}