[英]Common encrypt/decrypt code example for C# and Node.js/crypto
我正在嘗試在 IIS 中使用應用程序請求路由 (ARR) 將一組路徑傳遞到 Node.js 網站。 我的問題是能夠在任一側獲取/設置身份驗證票。
我真的需要一個簡單的加密/解密對示例,它適用於 C# 和 Node.js,幾乎開箱即用,兩者的結果相同。 在接下來的幾天里,如果時間允許,我將自己解決這個問題,如果沒有人在我之前提出答案,我打算回答。
我的意圖是將節點端編寫為 Node.js 端的 connect/express 模塊。 我已經在 ASP.Net 解決方案中進行了自定義身份驗證,並且可以輕松地將我當前的方法替換為可以在兩個平台上都安全的方法(只要它們共享相同的密鑰)。
在AccountController.cs創建身份驗證 cookie 的當前代碼
private void ProcessUserLogin(MyEntityModel db, SiteUser user, bool remember=false)
{
var roles = String.Join("|", value:user.SiteRoles.Select(sr => sr.Name.ToLowerInvariant().Trim()).Distinct().ToArray());
//update the laston record(s)
user.UserAgent = Request.UserAgent;
user.LastOn = DateTimeOffset.UtcNow;
db.SaveChanges();
// Create and tuck away the cookie
var authTicket = new FormsAuthenticationTicket(
1
,user.Username
,DateTime.Now
,DateTime.Now.AddDays(31) //max 31 days
,remember
,string.IsNullOrWhiteSpace(roles) ? "guest" : roles
);
var ticket = FormsAuthentication.Encrypt(authTicket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticket);
if (remember) cookie.Expires = DateTime.Now.AddDays(8);
Response.Cookies.Add(cookie);
} 當前用於讀取Global.asax.cs的身份驗證 cookie 的代碼
void Application_AuthenticateRequest(object sender, EventArgs args)
{
HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie == null) return;
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
string[] roles = authTicket.UserData.Split(new Char[] { '|' });
//create new generic identity, and corresponding principal...
var g = new GenericIdentity(authTicket.Name);
var up = new GenericPrincipal(g, roles);
//set principal for current request & thread (app will handle transitions from here)
Thread.CurrentPrincipal = Context.User = up;
} Web.config相關部分
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<membership>
<providers>
<!-- Remove default provider(s), so custom override works -->
<clear />
</providers>
</membership>
</system.web>
</configuration>這是一個使用 DES 算法的工作示例。 參考
using System;
using System.Text;
using System.Security.Cryptography;
public class Test
{
public static string Encrypt(string toEncrypt, string key, bool useHashing)
{
byte[] keyArray;
byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);
if (useHashing)
{
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
}
else
keyArray = UTF8Encoding.UTF8.GetBytes(key);
var tdes = new TripleDESCryptoServiceProvider();
tdes.Key = keyArray;
// tdes.Mode = CipherMode.CBC; // which is default
// tdes.Padding = PaddingMode.PKCS7; // which is default
Console.WriteLine("iv: {0}", Convert.ToBase64String(tdes.IV));
ICryptoTransform cTransform = tdes.CreateEncryptor();
byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0,
toEncryptArray.Length);
return Convert.ToBase64String(resultArray, 0, resultArray.Length);
}
public static void Main()
{
Console.WriteLine("encrypted as: {0}", Encrypt("12345", "abcdefghijklmnop", false));
}
}
哪個輸出
iv: pdMBMjdeFdo=
encrypted as: 3uDkdT6aQ3c=
並在 node.js 中使用正確的算法des-ede-cbc :
var crypto = require('crypto');
var alg = 'des-ede-cbc';
var key = new Buffer('abcdefghijklmnop', 'utf-8');
var iv = new Buffer('pdMBMjdeFdo=', 'base64');
var encrypted = new Buffer('3uDkdT6aQ3c=', 'base64');
var source = '12345';
var cipher = crypto.createCipheriv(alg, key, iv);
var encoded = cipher.update(source, 'ascii', 'base64');
encoded += cipher.final('base64');
console.log(encoded, encrypted.toString('base64'));
var decipher = crypto.createDecipheriv(alg, key, iv);
var decoded = decipher.update(encrypted, 'binary', 'ascii');
decoded += decipher.final('ascii');
console.log(decoded, source);
哪個輸出
3uDkdT6aQ3c= 3uDkdT6aQ3c=
12345 12345
@xiaoyi 答案是正確的。 另外,我只是添加了一些清晰的細節代碼。
用C#中的DES算法加密
public static string EncryptTest(string toEncrypt, string key, bool useHashing)
{
byte[] keyArray;
byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);
byte[] initVectorBytes = Encoding.ASCII.GetBytes("$secure#");
if (useHashing)
{
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
}
else
keyArray = UTF8Encoding.UTF8.GetBytes(key);
var tdes = new TripleDESCryptoServiceProvider();
tdes.Key = keyArray;
tdes.Mode = CipherMode.CBC; // which is default
tdes.Padding = PaddingMode.PKCS7; // which is default
tdes.IV = initVectorBytes;
ICryptoTransform cTransform = tdes.CreateEncryptor();
byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0,
toEncryptArray.Length);
return Convert.ToBase64String(resultArray, 0, resultArray.Length);
}
當EncryptTest("1234", "abcdefghijklmnop", false)輸出: GD/JSd91ZnQ=
nodejs中用DES算法加密
var algorithm = 'des-ede-cbc';
function encryption(plainText) {
var key = new Buffer.from("abcdefghijklmnop", 'utf-8');
var iv = new Buffer.from("$secure#", "ascii");
var cipher = crypto.createCipheriv(algorithm, key, iv);
var encoded = cipher.update(plainText, 'ascii', 'base64');
encoded += cipher.final('base64');
console.log(encoded);
return encoded;
}
encryption("1234")輸出: GD/JSd91ZnQ=
節點:不推薦使用new Buffer('', '') 。 我用new Buffer.from()替換了它
C#中用DES算法解密
public static string DecryptTest(string cipherString, string key, bool useHashing)
{
byte[] keyArray;
byte[] toEncryptArray = Convert.FromBase64String(cipherString);
byte[] initVectorBytes = Encoding.ASCII.GetBytes("$secure#");
if (useHashing)
{
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
}
else
keyArray = UTF8Encoding.UTF8.GetBytes(key);
var tdes = new TripleDESCryptoServiceProvider();
tdes.Key = keyArray;
tdes.Mode = CipherMode.CBC; // which is default
tdes.Padding = PaddingMode.PKCS7; // which is default
tdes.IV = initVectorBytes;
ICryptoTransform cTransform = tdes.CreateDecryptor();
byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
return UTF8Encoding.UTF8.GetString(resultArray);
}
當DecryptTest("GD/JSd91ZnQ=", "abcdefghijklmnop", false)輸出: 1234
nodejs中用DES算法解密
var algorithm = 'des-ede-cbc';
function decryption(chipertext) {
var key = new Buffer.from("abcdefghijklmnop", 'utf-8');
var iv = new Buffer.from("$secure#", "ascii");
var encrypted = new Buffer.from(chipertext, 'base64');
var decipher = crypto.createDecipheriv(algorithm, key, iv);
var decoded = decipher.update(encrypted, 'binary', 'ascii');
decoded += decipher.final('ascii');
console.log(decoded);
return decoded;
}
decryption("GD/JSd91ZnQ=")輸出: 1234
DES算法的更多細節
在統一c#中加密RijndaelManaged 128,並在Node.JS中解密
[英]Encrypt RijndaelManaged 128 in unity c# and Decrypt in Node.JS
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.