Simple insecure two-way data “obfuscation”?

后端 未结 17 1380
别跟我提以往
别跟我提以往 2020-11-22 01:10

I\'m looking for very simple obfuscation (like encrypt and decrypt but not necessarily secure) functionality for some data. It\'s not mission critical. I need something to k

相关标签:
17条回答
  • 2020-11-22 01:22

    Using the builtin .Net Cryptography library, this example shows how to use the Advanced Encryption Standard (AES).

    using System;
    using System.IO;
    using System.Security.Cryptography;
    
    namespace Aes_Example
    {
        class AesExample
        {
            public static void Main()
            {
                try
                {
    
                    string original = "Here is some data to encrypt!";
    
                    // Create a new instance of the Aes
                    // class.  This generates a new key and initialization 
                    // vector (IV).
                    using (Aes myAes = Aes.Create())
                    {
    
                        // Encrypt the string to an array of bytes.
                        byte[] encrypted = EncryptStringToBytes_Aes(original, myAes.Key, myAes.IV);
    
                        // Decrypt the bytes to a string.
                        string roundtrip = DecryptStringFromBytes_Aes(encrypted, myAes.Key, myAes.IV);
    
                        //Display the original data and the decrypted data.
                        Console.WriteLine("Original:   {0}", original);
                        Console.WriteLine("Round Trip: {0}", roundtrip);
                    }
    
                }
                catch (Exception e)
                {
                    Console.WriteLine("Error: {0}", e.Message);
                }
            }
            static byte[] EncryptStringToBytes_Aes(string plainText, byte[] Key,byte[] IV)
            {
                // Check arguments.
                if (plainText == null || plainText.Length <= 0)
                    throw new ArgumentNullException("plainText");
                if (Key == null || Key.Length <= 0)
                    throw new ArgumentNullException("Key");
                if (IV == null || IV.Length <= 0)
                    throw new ArgumentNullException("Key");
                byte[] encrypted;
                // Create an Aes object
                // with the specified key and IV.
                using (Aes aesAlg = Aes.Create())
                {
                    aesAlg.Key = Key;
                    aesAlg.IV = IV;
    
                    // Create a decrytor to perform the stream transform.
                    ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
    
                    // Create the streams used for encryption.
                    using (MemoryStream msEncrypt = new MemoryStream())
                    {
                        using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                        {
                            using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                            {
    
                                //Write all data to the stream.
                                swEncrypt.Write(plainText);
                            }
                            encrypted = msEncrypt.ToArray();
                        }
                    }
                }
    
    
                // Return the encrypted bytes from the memory stream.
                return encrypted;
    
            }
    
            static string DecryptStringFromBytes_Aes(byte[] cipherText, byte[] Key, byte[] IV)
            {
                // Check arguments.
                if (cipherText == null || cipherText.Length <= 0)
                    throw new ArgumentNullException("cipherText");
                if (Key == null || Key.Length <= 0)
                    throw new ArgumentNullException("Key");
                if (IV == null || IV.Length <= 0)
                    throw new ArgumentNullException("Key");
    
                // Declare the string used to hold
                // the decrypted text.
                string plaintext = null;
    
                // Create an Aes object
                // with the specified key and IV.
                using (Aes aesAlg = Aes.Create())
                {
                    aesAlg.Key = Key;
                    aesAlg.IV = IV;
    
                    // Create a decrytor to perform the stream transform.
                    ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
    
                    // Create the streams used for decryption.
                    using (MemoryStream msDecrypt = new MemoryStream(cipherText))
                    {
                        using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                        {
                            using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                            {
    
                                // Read the decrypted bytes from the decrypting stream
                                // and place them in a string.
                                plaintext = srDecrypt.ReadToEnd();
                            }
                        }
                    }
    
                }
    
                return plaintext;
    
            }
        }
    }
    
    0 讨论(0)
  • 2020-11-22 01:29

    I cleaned up SimpleAES (above) for my use. Fixed convoluted encrypt/decrypt methods; separated methods for encoding byte buffers, strings, and URL-friendly strings; made use of existing libraries for URL encoding.

    The code is small, simpler, faster and the output is more concise. For instance, johnsmith@gmail.com produces:

    SimpleAES: "096114178117140150104121138042115022037019164188092040214235183167012211175176167001017163166152"
    SimplerAES: "YHKydYyWaHmKKnMWJROkvFwo1uu3pwzTr7CnARGjppg%3d"
    

    Code:

    public class SimplerAES
    {
        private static byte[] key = __Replace_Me__({ 123, 217, 19, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 112, 222, 209, 241, 24, 175, 144, 173, 53, 196, 29, 24, 26, 17, 218, 131, 236, 53, 209 });
    
        // a hardcoded IV should not be used for production AES-CBC code
        // IVs should be unpredictable per ciphertext
        private static byte[] vector = __Replace_Me_({ 146, 64, 191, 111, 23, 3, 113, 119, 231, 121, 221, 112, 79, 32, 114, 156 });
    
        private ICryptoTransform encryptor, decryptor;
        private UTF8Encoding encoder;
    
        public SimplerAES()
        {
            RijndaelManaged rm = new RijndaelManaged();
            encryptor = rm.CreateEncryptor(key, vector);
            decryptor = rm.CreateDecryptor(key, vector);
            encoder = new UTF8Encoding();
        }
    
        public string Encrypt(string unencrypted)
        {
            return Convert.ToBase64String(Encrypt(encoder.GetBytes(unencrypted)));
        }
    
        public string Decrypt(string encrypted)
        {
            return encoder.GetString(Decrypt(Convert.FromBase64String(encrypted)));
        }
    
        public byte[] Encrypt(byte[] buffer)
        {
            return Transform(buffer, encryptor);
        }
    
        public byte[] Decrypt(byte[] buffer)
        {
            return Transform(buffer, decryptor);
        }
    
        protected byte[] Transform(byte[] buffer, ICryptoTransform transform)
        {
            MemoryStream stream = new MemoryStream();
            using (CryptoStream cs = new CryptoStream(stream, transform, CryptoStreamMode.Write))
            {
                cs.Write(buffer, 0, buffer.Length);
            }
            return stream.ToArray();
        }
    }
    
    0 讨论(0)
  • 2020-11-22 01:30

    Just thought I'd add that I've improved Mud's SimplerAES by adding a random IV that's passed back inside the encrypted string. This improves the encryption as encrypting the same string will result in a different output each time.

    public class StringEncryption
    {
        private readonly Random random;
        private readonly byte[] key;
        private readonly RijndaelManaged rm;
        private readonly UTF8Encoding encoder;
    
        public StringEncryption()
        {
            this.random = new Random();
            this.rm = new RijndaelManaged();
            this.encoder = new UTF8Encoding();
            this.key = Convert.FromBase64String("Your+Secret+Static+Encryption+Key+Goes+Here=");
        }
    
        public string Encrypt(string unencrypted)
        {
            var vector = new byte[16];
            this.random.NextBytes(vector);
            var cryptogram = vector.Concat(this.Encrypt(this.encoder.GetBytes(unencrypted), vector));
            return Convert.ToBase64String(cryptogram.ToArray());
        }
    
        public string Decrypt(string encrypted)
        {
            var cryptogram = Convert.FromBase64String(encrypted);
            if (cryptogram.Length < 17)
            {
                throw new ArgumentException("Not a valid encrypted string", "encrypted");
            }
    
            var vector = cryptogram.Take(16).ToArray();
            var buffer = cryptogram.Skip(16).ToArray();
            return this.encoder.GetString(this.Decrypt(buffer, vector));
        }
    
        private byte[] Encrypt(byte[] buffer, byte[] vector)
        {
            var encryptor = this.rm.CreateEncryptor(this.key, vector);
            return this.Transform(buffer, encryptor);
        }
    
        private byte[] Decrypt(byte[] buffer, byte[] vector)
        {
            var decryptor = this.rm.CreateDecryptor(this.key, vector);
            return this.Transform(buffer, decryptor);
        }
    
        private byte[] Transform(byte[] buffer, ICryptoTransform transform)
        {
            var stream = new MemoryStream();
            using (var cs = new CryptoStream(stream, transform, CryptoStreamMode.Write))
            {
                cs.Write(buffer, 0, buffer.Length);
            }
    
            return stream.ToArray();
        }
    }
    

    And bonus unit test

    [Test]
    public void EncryptDecrypt()
    {
        // Arrange
        var subject = new StringEncryption();
        var originalString = "Testing123!£$";
    
        // Act
        var encryptedString1 = subject.Encrypt(originalString);
        var encryptedString2 = subject.Encrypt(originalString);
        var decryptedString1 = subject.Decrypt(encryptedString1);
        var decryptedString2 = subject.Decrypt(encryptedString2);
    
        // Assert
        Assert.AreEqual(originalString, decryptedString1, "Decrypted string should match original string");
        Assert.AreEqual(originalString, decryptedString2, "Decrypted string should match original string");
        Assert.AreNotEqual(originalString, encryptedString1, "Encrypted string should not match original string");
        Assert.AreNotEqual(encryptedString1, encryptedString2, "String should never be encrypted the same twice");
    }
    
    0 讨论(0)
  • 2020-11-22 01:30

    The namespace System.Security.Cryptography contains the TripleDESCryptoServiceProvider and RijndaelManaged classes

    Don't forget to add a reference to the System.Security assembly.

    0 讨论(0)
  • 2020-11-22 01:34

    I changed this:

    public string ByteArrToString(byte[] byteArr)
    {
        byte val;
        string tempStr = "";
        for (int i = 0; i <= byteArr.GetUpperBound(0); i++)
        {
            val = byteArr[i];
            if (val < (byte)10)
                tempStr += "00" + val.ToString();
            else if (val < (byte)100)
                tempStr += "0" + val.ToString();
            else
                tempStr += val.ToString();
        }
        return tempStr;
    }
    

    to this:

        public string ByteArrToString(byte[] byteArr)
        {
            string temp = "";
            foreach (byte b in byteArr)
                temp += b.ToString().PadLeft(3, '0');
            return temp;
        }
    
    0 讨论(0)
  • 2020-11-22 01:34

    I know you said you don't care about how secure it is, but if you chose DES you might as well take AES it is the more up-to-date encryption method.

    0 讨论(0)
提交回复
热议问题