RSA (client side encryption/ server decryption)

This is a continuation of the project in this question, but without the Bouncy Castle.

So I decided to scrap Bouncy Castle (pity, I loved the name)

ANYWAY

I have a server and a client. The client needs to send a serialized object to the server, the server will then process this object.

It does this, however I'd like to add encryption to the process. But without storing a file or anything like that. The process needs to be session based (in a sense)

So, the client will request a key from the server, the server will generate a key pair and send a key to the client.

Client then uses this key to encrypt the object

string key = ASCIIEncoding.ASCII.GetString(RequestKey(tcpclnt));
var RsaClient = new RSACryptoServiceProvider(2048);
while (key.Length > 0) {
    RsaClient.FromXmlString(key);
    var transmit = ASCIIEncoding.ASCII.GetBytes(stringtosend);
    var encrypted = RsaClient.Encrypt(transmit, false);

The server then receives these encrypted bytes and tries to decrypt them

 raw = Receive(clientSocket);
 byte[] r = TrimBytes(ASCIIEncoding.ASCII.GetBytes(raw),256);
 var sdecrypted = ASCIIEncoding.ASCII.GetString(RsaServer.Decrypt(r, false));

But alas, the server can't do this. On decryption it throws an error

Key does not exist.

So, my question is, what am I doing wrong?

Many thanks in advance for any help you can offer.

UPDATE

Altered the code in the server

var RSAKeyInfo = new RSACryptoServiceProvider(2048, new CspParameters(1)).ExportParameters(true);

New error

The parameter is incorrect

Whilst fine as an exercise in the use of cryptography, the use of basic cryptographic algorithms to build your own system for secure communication is a recipe for insecurity. For every weakness you address in your own system, there are likely 10 (or more!) that you won't even have thought of.

My strong suggestion therefore is to use SSL/TLS to secure your communications. This should provide all the security you need whilst also being straightforward to integrate as the .NET Framework's SslStream has the necessary functionality to operate as either the server or client side of the connection.

Doing this will also allow you to optionally use additional security mechanisms in the future, e.g. certificate based client authentication, with minimal additional effort.
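
As an added example (not part of the original question or answer), the following C# program puts SslStream on both ends of a loopback connection, with the server certificate generated in memory so that no file is stored. The self-signed certificate, the SHA-256 pin handed to the client, and the JSON payload are assumptions made for the demo; a deployed server would normally use a CA-issued certificate with default validation.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading.Tasks;

// Assumes .NET 6 or later. Server identity is created in memory, nothing on disk.
using var rsa = RSA.Create(2048);
var request = new CertificateRequest("CN=localhost", rsa,
    HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
using var selfSigned = request.CreateSelfSigned(
    DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));
// PFX round trip so Windows SChannel can reach the private key
// (on .NET 9+, X509CertificateLoader.LoadPkcs12 replaces this constructor).
using var serverCert = new X509Certificate2(selfSigned.Export(X509ContentType.Pfx));
// Assumption: the client learns this SHA-256 pin over a trusted channel.
string pin = serverCert.GetCertHashString(HashAlgorithmName.SHA256);

var listener = new TcpListener(IPAddress.Loopback, 0); // OS picks a free port
listener.Start();
int port = ((IPEndPoint)listener.LocalEndpoint).Port;
var serverTask = Task.Run(async () =>
{
    using var tcp = await listener.AcceptTcpClientAsync();
    using var tls = new SslStream(tcp.GetStream(), leaveInnerStreamOpen: false);
    await tls.AuthenticateAsServerAsync(serverCert, clientCertificateRequired: false,
        SslProtocols.None, checkCertificateRevocation: false); // None = OS defaults
    using var reader = new StreamReader(tls, Encoding.UTF8);
    return await reader.ReadLineAsync(); // already decrypted by SslStream
});
using (var client = new TcpClient())
{
    await client.ConnectAsync(IPAddress.Loopback, port);
    // Self-signed, so chain validation is replaced by an exact-certificate pin.
    using var tls = new SslStream(client.GetStream(), false, (_, cert, _, _) =>
        cert != null && cert.GetCertHashString(HashAlgorithmName.SHA256) == pin);
    await tls.AuthenticateAsClientAsync("localhost");
    byte[] payload = Encoding.UTF8.GetBytes("{\"id\":42}\n"); // constructed sample object
    await tls.WriteAsync(payload, 0, payload.Length);
    await tls.FlushAsync();
}
Console.WriteLine($"Server received: {await serverTask}");
listener.Stop();
```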
