尝试创建一个256位密钥存储在web.config中
[英]Trying to create a 256bit key to store in web.config
问题描述
I am trying to create a 256bit key and use this in AES encryption, and I need to store this in my web.config file so it has to be converted to a string. 
我试图创建一个256位密钥并将其用于AES加密,并且需要将其存储在我的web.config文件中,因此必须将其转换为字符串。
The crypt library I am using is: https://gist.githubusercontent.com/jbtule/4336842/raw/8da408b55fe9f94adb3319ed6491897d0ebac790/AESThenHMAC.cs 我正在使用的密码库是: https : //gist.githubusercontent.com/jbtule/4336842/raw/8da408b55fe9f94adb3319ed6491897d0ebac790/AESThenHMAC.cs
So for example the method signature looks like: 例如,方法签名如下所示:
public static string SimpleEncrypt(string secretMessage, byte[] cryptKey, byte[] authKey,
byte[] nonSecretPayload = null)
I tried the following but it is returning funny characters: 我尝试了以下操作,但返回的是有趣的字符:
var hmac = new HMACSHA256();
var keyHex = System.Text.Encoding.UTF8.GetString(hmac.Key);
I will need to create a similiar secret key which will be the same process since it is 256bit also and I need to store in the web.conf file. 我将需要创建一个类似的秘密密钥,因为它也是256位,所以将是相同的过程,并且我需要将其存储在web.conf文件中。
Hoping someone can help me 希望有人可以帮助我
2 个解决方案
解决方案1
4 2015-08-17 18:01:06
As a general rule, when there is a need to store arbitrary binary data as text (eg, having a byte array stored as a text in a property file), then a more portable form of the binary data should be used. 作为一般规则,当需要将任意二进制数据存储为文本(例如,将字节数组作为文本存储在属性文件中)时,应使用二进制格式的更可移植的形式。
There is a number of those, and the use depends on developer preferences, intended use, performance concerns, etc. 其中有很多,其用途取决于开发人员的偏好,预期用途,性能问题等。
The most commonly nowadays used format for portable storage of binary data as text is Base 64 ( https://en.wikipedia.org/wiki/Base64 ). 如今,将二进制数据作为文本进行便携式存储的最常用格式是Base 64( https://en.wikipedia.org/wiki/Base64 )。 You should convert the bytes to a Base64 string when storing it into a text file, and convert it back into bytes when loading it into your code. 在将字节存储到文本文件时,应将字节转换为Base64字符串,在将其加载到代码中时,应将其转换回字节。
In C#, the implementation to use would vary depending on the actual platform, plus you can always find a number of libraries that would provide this implementation. 在C#中,要使用的实现取决于实际平台,并且您总是可以找到许多可以提供此实现的库。 For example, in certain versions of .NET framework you can use https://msdn.microsoft.com/en-us/library/dhx0d524(v=vs.110).aspx and https://msdn.microsoft.com/en-us/library/system.convert.frombase64string(v=vs.110).aspx 例如,在某些版本的.NET Framework中,您可以使用https://msdn.microsoft.com/zh-cn/library/dhx0d524(v=vs.110).aspx和https://msdn.microsoft.com/ zh-CN / library / system.convert.frombase64string(v = vs.110).aspx
解决方案2
0 2015-08-17 18:30:33
You ask the class for the key it uses to instantiate HMACSHA256. 您向类询问它用于实例化HMACSHA256的密钥。 The Key property of HMACSHA256 reads: HMACSHA256的Key属性显示为:
Gets or sets the key to use in the hash algorithm.
If no key is specified .NET classes will generate their own random key. 如果未指定密钥,则.NET类将生成其自己的随机密钥。 That is however the key used as input parameter for the HMAC function (which can take keys of any size), not the output of the HMAC, which will be 256 bit. 但是,这是用作HMAC功能的输入参数的键(可以使用任何大小的键), 而不是 HMAC的输出(256位)。
If you want a newly generated key you should use an instance of RNGCryptoServiceProvider instead to generate a random key of 256 bits (32 bytes). 如果要使用新生成的密钥,则应使用RNGCryptoServiceProvider的实例来生成256位(32字节)的随机密钥。 Then you can use these bytes directly as key value in the AES class you are using. 然后,您可以在使用的AES类中将这些字节直接用作键值。
If you want to store the key as text you need to encode it as hexadecimals or base 64. If you view it directly as text you will get random ("funny") characters, and that's only if the bytes can be displayed as printable characters at all. 如果要将密钥存储为文本,则需要将其编码为十六进制或以64为基数。如果直接将其作为文本查看,则将获得随机(“有趣”)字符,并且仅当字节可以显示为可打印字符时完全没有
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.