Encryption 我是否正确使用RSA加密和签名?_Encryption_.net_Rsa - Fatal编程技术网

Encryption 我是否正确使用RSA加密和签名?


我想确保我的应用程序中有正确的加密部分。我计划开源这段代码。您可以在以下位置获取两个相关文件:

我犯过什么错误吗?我知道在写这篇文章的时候我不理解HMAC

这个想法很简单。我加载收件人公钥。加密随机生成的AES密钥。使用所述AES对消息进行编码,然后将其填充到tcp连接中。它似乎工作正常。我是否忽略了什么?我有一种感觉,也许aes应该有一个随机生成的IV,但密钥本身是随机生成的,所以也许我不需要

我还使用了SHA1CryptoServiceProvider,我想我应该使用SHA512CryptoServiceProvider

我签对了吗?它说它已经签名了,但我不确定是否有人攻击它

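/// <summary>
/// Encrypts <paramref name="txt"/> for the holder of <paramref name="recipient_pubkey"/> and writes
/// it to the connection held in <c>sw</c>/<c>sr</c>. A fresh random AES key is wrapped with the
/// recipient's RSA public key, the message body is AES-encrypted by <see cref="EncodeMessage"/>,
/// and both are framed as: command byte, short-prefixed recipient public key, short-prefixed payload
/// (wrapped key followed by the encrypted body).
/// </summary>
/// <param name="recipient_pubkey">Recipient's RSA public key in the raw form accepted by <c>Shared.pubToPem</c>.</param>
/// <param name="replyTo">Id of the message being answered, or null.</param>
/// <param name="txt">Plaintext message body.</param>
/// <param name="prvkey">Sender's RSA private key used to sign the body, or null to send unsigned.</param>
/// <param name="pubkey">Sender's RSA public key, embedded in the signed body.</param>
/// <returns>The 16 random bytes used as this message's id.</returns>
/// <exception cref="InvalidOperationException">The payload exceeds the frame limit or the server rejected the frame.</exception>
/// <exception cref="MyException">The recipient is not registered with the server.</exception>
public byte[] SendMessage(byte[] recipient_pubkey, byte[] replyTo, string txt, byte[] prvkey, byte[] pubkey)
{
    // Largest payload (wrapped key + encrypted body) the server frame accepts.
    const int MaxPayloadLength = 1024 * 15;

    var msgid = new byte[16];
    // RNGCryptoServiceProvider is IDisposable; release it rather than leak the provider handle.
    using (var rng = new RNGCryptoServiceProvider())
    {
        rng.GetBytes(msgid);
    }

    byte[] rsaWrappedKey;
    byte[] aesmsg;
    // This RijndaelManaged instance exists only to generate a fresh random AES key;
    // the body is encrypted inside EncodeMessage with that key.
    using (var aes = new RijndaelManaged())
    {
        RSAParameters recipientParams;
        Shared.LoadKey2(Shared.pubToPem(recipient_pubkey), null, out recipientParams);
        using (var rsa = new RSACryptoServiceProvider())
        {
            rsa.ImportParameters(recipientParams);
            // NOTE(review): fOAEP=false selects PKCS#1 v1.5 padding. OAEP (true) is the
            // recommended choice, but the receiving side must unwrap with the same padding,
            // so this is a protocol change to make on both ends at once.
            rsaWrappedKey = rsa.Encrypt(aes.Key, false);
        }
        // NOTE(review): Shared.FixedIV_16bytes is a constant IV reused for every message.
        // A CBC IV should be random per message and transmitted with the ciphertext; since
        // the receiver expects the fixed value, that change must be coordinated with it.
        aesmsg = EncodeMessage(recipient_pubkey, msgid, replyTo, txt, prvkey, pubkey, aes.Key, Shared.FixedIV_16bytes);
    }

    var payloadLength = rsaWrappedKey.Length + aesmsg.Length;
    if (payloadLength > MaxPayloadLength)
    {
        throw new InvalidOperationException("Encrypted message is " + payloadLength + " bytes, above the " + MaxPayloadLength + " byte frame limit");
    }

    sw.WriteByte((byte)ClientServerCmd.SendMessage);
    sw.WriteShort((short)recipient_pubkey.Length);
    sw.Write(recipient_pubkey, 0, recipient_pubkey.Length);
    sw.WriteShort(payloadLength);
    sw.Write(rsaWrappedKey, 0, rsaWrappedKey.Length);
    sw.Write(aesmsg, 0, aesmsg.Length);
    sw.Flush();

    // The server answers twice: first whether the announced lengths were accepted,
    // then the delivery status.
    var resp = sr.ReadByte();
    if (resp != (byte)ClientServerCmd.KeyLenOk)
    {
        throw new InvalidOperationException("Server rejected the frame lengths (response " + resp + ")");
    }
    resp = sr.ReadByte();
    if (resp == (byte)ClientServerCmd.NotRegistered)
    {
        throw new MyException("User you're writing to does not exist");
    }
    if (resp != (byte)ClientServerCmd.Success)
    {
        throw new InvalidOperationException("Server did not accept the message (response " + resp + ")");
    }
    return msgid;
}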

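/// <summary>
/// Builds the AES-encrypted message body that <see cref="SendMessage"/> transmits. The plaintext
/// layout is: one flags byte (bit 0 = body is BZip2-compressed, bit 1 = body is signed), the
/// 16-byte msgid, the 16-byte replyTo, a short-prefixed body (compressed or raw UTF-8 text) and,
/// when signed, the short-prefixed sender public key followed by the short-prefixed signature.
/// The signature (RSA over SHA-1) covers msgid, replyTo, the short-prefixed raw text, the
/// short-prefixed sender public key and the short-prefixed recipient public key.
/// </summary>
/// <param name="recipient_pubkey">Recipient's RSA public key; signed but not transmitted in the body.</param>
/// <param name="msgid">16-byte message id.</param>
/// <param name="replyTo">16-byte id of the message being answered, or null for 16 zero bytes.</param>
/// <param name="txt">Plaintext message body.</param>
/// <param name="prvkey">Sender's RSA private key, or null to leave the body unsigned.</param>
/// <param name="pubkey">Sender's RSA public key; embedded only when signing.</param>
/// <param name="aes_key">AES key used for the body.</param>
/// <param name="aes_iv">AES CBC IV used for the body.</param>
/// <returns>The AES-CBC/PKCS7 ciphertext of the layout described above.</returns>
/// <exception cref="ArgumentOutOfRangeException">A length-prefixed field exceeds <see cref="short.MaxValue"/> bytes.</exception>
byte[] EncodeMessage(byte[] recipient_pubkey, byte[] msgid, byte[] replyTo, string txt, byte[] prvkey, byte[] pubkey, byte[] aes_key, byte[] aes_iv)
{
    // An absent replyTo is encoded as 16 zero bytes so the layout stays fixed-size.
    if (replyTo == null)
    {
        replyTo = new byte[16];
    }
    var txtbuf = Encoding.UTF8.GetBytes(txt);
    // Every length prefix is 16 bits. A bare (short) cast truncates larger values silently,
    // producing a frame (and a signature) that the receiver cannot parse or verify, so the
    // lengths are validated before anything is written.
    var txtLength = CheckedLength(txtbuf.Length, "txt");

    var signMessage = prvkey != null;
    byte[] signature = null;
    short pubkeyLength = 0;
    short signatureLength = 0;
    if (signMessage)
    {
        pubkeyLength = CheckedLength(pubkey.Length, "pubkey");
        var recipientLength = CheckedLength(recipient_pubkey.Length, "recipient_pubkey");
        RSAParameters senderParams;
        Shared.LoadKey2(Shared.prvToPem(prvkey), null, out senderParams);
        using (var rsa = new RSACryptoServiceProvider())
        using (var signedFields = new MemoryStream())
        {
            rsa.ImportParameters(senderParams);
            signedFields.Write(msgid, 0, msgid.Length);
            signedFields.Write(replyTo, 0, replyTo.Length);
            signedFields.WriteShort(txtLength);
            signedFields.Write(txtbuf, 0, txtbuf.Length);
            signedFields.WriteShort(pubkeyLength);
            signedFields.Write(pubkey, 0, pubkey.Length);
            signedFields.WriteShort(recipientLength);
            signedFields.Write(recipient_pubkey, 0, recipient_pubkey.Length);
            signedFields.Position = 0;
            // NOTE(review): SHA-1 is deprecated for signatures; moving to SHA-256/512 also
            // requires the verifying side to change, so it is kept here for compatibility.
            using (var sha1 = new SHA1CryptoServiceProvider())
            {
                signature = rsa.SignData(signedFields, sha1);
            }
        }
        signatureLength = CheckedLength(signature.Length, "signature");
    }

    // Compress the text and keep the compressed form only when it is actually smaller.
    byte[] compressed;
    using (var compressedBuffer = new MemoryStream())
    using (var bzip = new BZip2OutputStream(compressedBuffer))
    {
        bzip.Write(txtbuf, 0, txtbuf.Length);
        // Close finishes the BZip2 stream so compressedBuffer holds the complete output.
        bzip.Close();
        compressed = compressedBuffer.ToArray();
    }
    var compressText = compressed.Length < txtbuf.Length;

    using (var aes = new RijndaelManaged())
    using (var msEncrypt = new MemoryStream())
    {
        // These are RijndaelManaged's defaults, stated explicitly so the wire format is visible.
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;
        using (var encryptor = aes.CreateEncryptor(aes_key, aes_iv))
        using (var cipher = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
        {
            var flags = (byte)((compressText ? 1 : 0) | (signMessage ? 2 : 0));
            cipher.WriteByte(flags);
            cipher.Write(msgid, 0, msgid.Length);
            cipher.Write(replyTo, 0, replyTo.Length);
            if (compressText)
            {
                // compressed.Length < txtbuf.Length <= short.MaxValue, so the cast is safe.
                cipher.WriteShort((short)compressed.Length);
                cipher.Write(compressed, 0, compressed.Length);
            }
            else
            {
                cipher.WriteShort(txtLength);
                cipher.Write(txtbuf, 0, txtbuf.Length);
            }
            if (signMessage)
            {
                cipher.WriteShort(pubkeyLength);
                cipher.Write(pubkey, 0, pubkey.Length);
                cipher.WriteShort(signatureLength);
                cipher.Write(signature, 0, signature.Length);
            }
        }
        // Disposing the CryptoStream flushed the final padded block into msEncrypt.
        return msEncrypt.ToArray();
    }
}

/// <summary>
/// Validates that a field fits the 16-bit length prefix used by the message layout.
/// </summary>
/// <param name="length">Actual byte length of the field.</param>
/// <param name="name">Field name reported in the exception.</param>
/// <returns><paramref name="length"/> narrowed to <see cref="short"/>.</returns>
/// <exception cref="ArgumentOutOfRangeException"><paramref name="length"/> exceeds <see cref="short.MaxValue"/>.</exception>
private static short CheckedLength(int length, string name)
{
    if (length > short.MaxValue)
    {
        throw new ArgumentOutOfRangeException(name, length, "Field is too long for the 16-bit length prefix");
    }
    return (short)length;
}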
public byte[]sendmages(byte[]recipient\u pubkey,byte[]replyTo,string txt,byte[]prvkey,byte[]pubkey)
{
RNGCryptoServiceProvider rng=新的RNGCryptoServiceProvider();
var msgid=新字节[16];
rng.GetBytes(msgid);
使用(var aes=new RijndaelManaged())
{
字节[]rsa_aes_密钥;
rsap;
Shared.LoadKey2(Shared.pubToPem(recipient_pubkey),null,out recipient_rsap);
使用(var rsa=new RSACryptoServiceProvider())
{
rsa.进口参数(接收者);
rsa_aes_key=rsa.Encrypt(aes.key,false);
}
var AESMG=EncodeMessage(收件人公开密钥、msgid、replyTo、txt、prvkey、公开密钥、aes.Key、Shared.FixedIV_16字节);
如果(rsa_aes_key.Length+aesmg.Length>1024*15)抛出新异常();
sw.WriteByte((字节)ClientServerCmd.SendMessage);
sw.WriteShort((短)收件人的公开密钥长度);
sw.Write(recipient_pubkey,0,recipient_pubkey.Length);
sw.WriteShort(rsa_aes_key.Length+aesmg.Length);
sw.Write(rsa_aes_key,0,rsa_aes_key.Length);
sw.Write(AESMG,0,AESMG.Length);
sw.Flush();
var resp=sr.ReadByte();
if(resp!=(字节)ClientServerCmd.KeyLenOk)
抛出新异常();
resp=sr.ReadByte();
如果(resp==(字节)ClientServerCmd.NotRegistered)
抛出新的MyException(“您正在写入的用户不存在”);
if(resp!=(字节)ClientServerCmd.Success)
抛出新异常();
}
返回msgid;
}
字节[]编码消息(字节[]收件人公开密钥,字节[]msgid,字节[]回复,字符串txt,字节[]prvkey,字节[]公开密钥,字节[]aes公开密钥,字节[]aes公开密钥iv)
{
if(replyTo==null)
{
replyTo=新字节[16];
}
var txtbuf=Encoding.UTF8.GetBytes(txt);
var SignMessage=prvkey!=null;
字节[]散列=null;
如果(签名信息)
{
使用(var rsa=new RSACryptoServiceProvider())
{
rsap参数;
Shared.LoadKey2(Shared.prvToPem(prvkey)),null,out rsap;
rsa.进口参数(rsap);
使用(var ms=new MemoryStream())//符号
{
ms.Write(msgid,0,msgid.Length);
ms.Write(replyTo,0,replyTo.Length);
ms.WriteShort((短)txtbuf.Length);
ms.Write(txtbuf,0,txtbuf.Length);
ms.WriteShort((短)pubkey.Length);
ms.Write(pubkey,0,pubkey.Length);
ms.WriteShort((短)收件人的公开密钥长度);
ms.Write(recipient_pubkey,0,recipient_pubkey.Length);
ms.Position=0;
hash=rsa.SignData(ms,新的SHA1CryptoServiceProvider());
}
}
}
字节[]c1;
使用(var ms1=new MemoryStream())
使用(var ms=新的BZip2OutputStream(ms1))
{
ms.Write(txtbuf,0,txtbuf.Length);
Close女士();
c1=ms1.ToArray();
}
var compressText=c1.长度
固定IV肯定是不对的

AES CBC的IV不应是可预测的。通常,您将其随机设置,并将其与密文一起包含

MAC对于避免选择密文攻击非常重要,而您正在读取和写入自己的格式。您必须考虑密文被篡改会导致某些内容泄露的情况,您的AES代码可能会抛出填充异常,而该异常可被用于通过向接收方发送修改后的密文来恢复明文

您的代码将是开源的,这是很好的,它将向分析和补丁开放,但是您应该意识到这一点,并且很容易出错

如果你能适应一个高级库,比如(我把它移植到了c#),你的状态会更好