0

Hi, I am trying to encrypt and decrypt a string value... I did that by using a manual key...

private static byte[] _salt = Encoding.ASCII.GetBytes("123456789abcdefg");

I created the key and IV like this:

Rfc2898DeriveBytes rfcDeriveBytes = new Rfc2898DeriveBytes(password, _salt);
rijndaelManaged = new RijndaelManaged();
rijndaelManaged.Key = rfcDeriveBytes.GetBytes(rijndaelManaged.KeySize / 8);
rijndaelManaged.IV = rfcDeriveBytes.GetBytes(rijndaelManaged.BlockSize / 8);

But I want to generate the same key dynamically... I mean, how can I generate _salt dynamically...

4

2 Answers

2

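The Rfc2898DeriveBytes class can generate a random salt for you - just pass the required salt size to the appropriate constructor. And don't forget to store the generated salt somewhere safe - it can't be deterministically regenerated, and without it you won't be able to recreate the key and IV for decryption.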

string password = GetPasswordFromUserInputOrWherever();

using (var deriveBytes = new Rfc2898DeriveBytes(password, 16))  // 16 byte salt
{
    byte[] salt = deriveBytes.Salt;

    // now save the salt somewhere safe
    // you'll need it to generate the same byte sequence when decrypting

    using (var rijndael = new RijndaelManaged())
    {
        rijndael.Key = deriveBytes.GetBytes(rijndael.KeySize / 8);
        rijndael.IV = deriveBytes.GetBytes(rijndael.BlockSize / 8);

        // encrypt...
    }
}

Then, to decrypt:

string password = GetPasswordFromUserInputOrWherever();
byte[] salt = GetSaltFromWhereverYouPreviouslySavedIt();

using (var deriveBytes = new Rfc2898DeriveBytes(password, salt))
using (var rijndael = new RijndaelManaged())
{
    rijndael.Key = deriveBytes.GetBytes(rijndael.KeySize / 8);
    rijndael.IV = deriveBytes.GetBytes(rijndael.BlockSize / 8);

    // decrypt...
}
answered 2010-11-29T10:48:43.160
1

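The "salt" is not a secret; you can include it with the encrypted data. You cannot use a different salt when encrypting/decrypting, and to be effective you should use a different salt for each message.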

You can use the System.Security.Cryptography.RandomNumberGenerator class to create a salt.

answered 2010-11-29T09:44:26.853
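An added example, not code from either answer: it combines the two answers by generating a fresh salt with RandomNumberGenerator for each message and storing it in front of the ciphertext, so decryption can re-derive the same key and IV. Assumptions: the class and method names and the salt-then-ciphertext layout are hypothetical, Aes.Create() is used in place of RijndaelManaged, and the iteration count and SHA-256 are explicit choices made for this example.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
static class SaltedCrypto   // hypothetical helper, not from the page
{
    const int SaltSize = 16;        // bytes, as in the first answer
    const int Iterations = 100000;  // assumed value for this example
    static Aes CreateCipher(string password, byte[] salt)
    {
        // Same password + same salt always yields the same key and IV.
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations, HashAlgorithmName.SHA256))
        {
            var aes = Aes.Create();
            aes.Key = kdf.GetBytes(aes.KeySize / 8);
            aes.IV = kdf.GetBytes(aes.BlockSize / 8);
            return aes;
        }
    }
    // Output layout (chosen for this example): salt || ciphertext.
    public static byte[] Encrypt(string plainText, string password)
    {
        byte[] salt = new byte[SaltSize];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(salt);     // fresh random salt for every message
        using (var aes = CreateCipher(password, salt))
        using (var enc = aes.CreateEncryptor())
        {
            byte[] data = Encoding.UTF8.GetBytes(plainText);
            byte[] cipher = enc.TransformFinalBlock(data, 0, data.Length);
            byte[] blob = new byte[SaltSize + cipher.Length];
            Buffer.BlockCopy(salt, 0, blob, 0, SaltSize);   // the salt is stored in the clear
            Buffer.BlockCopy(cipher, 0, blob, SaltSize, cipher.Length);
            return blob;
        }
    }
    public static string Decrypt(byte[] blob, string password)
    {
        if (blob == null || blob.Length <= SaltSize)
            throw new ArgumentException("Input too short to hold a salt and ciphertext.");
        byte[] salt = new byte[SaltSize];
        Buffer.BlockCopy(blob, 0, salt, 0, SaltSize);   // read the stored salt back
        using (var aes = CreateCipher(password, salt))
        using (var dec = aes.CreateDecryptor())
            return Encoding.UTF8.GetString(dec.TransformFinalBlock(blob, SaltSize, blob.Length - SaltSize));
    }
    // Round trip on constructed sample values.
    static void Main() =>
        Console.WriteLine(Decrypt(Encrypt("constructed sample", "constructed password"), "constructed password"));
}
```

A wrong password or a modified blob usually surfaces as a CryptographicException during padding removal, but CBC on its own does not authenticate the data. Add a MAC over the salt and ciphertext, or use an AEAD mode, where tampering matters.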