C# 檔案加密解密 SHA256
阿新 • • 發佈:2019-02-01
/// <summary> /// 加密檔案隨機數生成 /// </summary> private static RandomNumberGenerator rand = new RNGCryptoServiceProvider(); private const int BUFFER_SIZE = 128 * 1024; private const ulong FC_TAG = 0xFC010203040506CF; /// <summary> /// 生成指定長度的隨機Byte陣列 /// </summary> /// <param name="count">Byte陣列長度</param> /// <returns>隨機Byte陣列</returns> private static byte[] GenerateRandomBytes(int count) { byte[] bytes = new byte[count]; //產生隨機序列 rand.GetBytes(bytes); return bytes; } /// <summary> /// 建立Rijndael SymmetricAlgorithm /// </summary> /// <param name="password">密碼</param> /// <param name="salt"></param> /// <returns>加密物件</returns> private static SymmetricAlgorithm CreateRijndael(string password, byte[] salt) { PasswordDeriveBytes pdb = new PasswordDeriveBytes(password, salt, "SHA256", 1000); SymmetricAlgorithm sma = Rijndael.Create(); sma.KeySize = 256; sma.Key = pdb.GetBytes(16); sma.Padding = PaddingMode.PKCS7; return sma; } public static void EncryptFile(string inFile, string outFile, string password) { using (FileStream fin = File.OpenRead(inFile), fout = File.OpenWrite(outFile)) { long lSize = fin.Length; // 輸入檔案長度 int size = (int)lSize; byte[] bytes = new byte[BUFFER_SIZE]; // 快取 int read = -1; // 輸入檔案讀取數量 int value = 0; // 獲取IV和salt //金鑰salt在加密演算法中主要被設計用來防止“字典攻擊”。字典攻擊也是一種窮舉的暴力破解法。字典中會假設一定數量的密碼值, //攻擊者會嘗試用這些密碼來解密密文。Salt是在金鑰匯出之前在密碼末尾引入的隨機位元組,它使這類攻擊變得非常困難 //初始化向量IV在加密演算法中起到的也是增強破解難度的作用。在加密過程中,如果遇到相同的資料塊,其加密出來的結果也一致,相對就會容易破解。 //加密演算法在加密資料塊的時候,往往會同時使用密碼和上一個資料塊的加密結果。因為要加密的第一個資料塊顯然不存在上一個資料塊,所以這個初始化向量就是被設計用來當作初始資料塊的加密結果。 byte[] IV = GenerateRandomBytes(16); byte[] salt = GenerateRandomBytes(16); // 建立加密物件 SymmetricAlgorithm sma = CreateRijndael(password, salt); sma.IV = IV; // 在輸出檔案開始部分寫入IV和salt fout.Write(IV, 0, IV.Length); fout.Write(salt, 0, salt.Length); // 建立雜湊加密 HashAlgorithm hasher = SHA256.Create(); // 定義將資料流連結到加密轉換的流。 using (CryptoStream cout = new CryptoStream(fout, sma.CreateEncryptor(), CryptoStreamMode.Write), chash = new CryptoStream(Stream.Null, hasher, CryptoStreamMode.Write)) { BinaryWriter bw = new BinaryWriter(cout); bw.Write(lSize); bw.Write(FC_TAG); // 讀寫位元組塊到加密流緩衝區 while ((read = fin.Read(bytes, 0, bytes.Length)) != 0) { cout.Write(bytes, 0, read); chash.Write(bytes, 0, read); value += read; } // 關閉加密流 chash.Flush(); chash.Close(); // 讀取雜湊 //在 chash 獲取雜湊金鑰 byte[] hash = hasher.Hash; // 輸入檔案寫入雜湊 cout.Write(hash, 0, hash.Length); // 關閉檔案流 cout.Flush(); cout.Close(); } } } /// <summary> /// 解密檔案 /// </summary> /// <param name="inFile">待解密檔案</param> /// <param name="outFile">解密後輸出檔案</param> /// <param name="password">解密密碼</param> public static void DecryptFile(string inFile, string outFile, string password) { // 建立開啟檔案流 using (FileStream fin = File.OpenRead(inFile), fout = File.OpenWrite(outFile)) { int size = (int)fin.Length; byte[] bytes = new byte[BUFFER_SIZE]; int read = -1; int value = 0; int outValue = 0; byte[] IV = new byte[16]; fin.Read(IV, 0, 16); byte[] salt = new byte[16]; fin.Read(salt, 0, 16); SymmetricAlgorithm sma = CreateRijndael(password, salt); sma.IV = IV; value = 32; long lSize = -1; // 建立雜湊物件, 校驗檔案 HashAlgorithm hasher = SHA256.Create(); using (CryptoStream cin = new CryptoStream(fin, sma.CreateDecryptor(), CryptoStreamMode.Read), chash = new CryptoStream(Stream.Null, hasher, CryptoStreamMode.Write)) { // 讀取檔案長度 BinaryReader br = new BinaryReader(cin); lSize = br.ReadInt64(); ulong tag = br.ReadUInt64(); if (FC_TAG != tag) throw new Exception("檔案被破壞"); long numReads = lSize / BUFFER_SIZE; long slack = (long)lSize % BUFFER_SIZE; for (int i = 0; i < numReads; ++i) { read = cin.Read(bytes, 0, bytes.Length); fout.Write(bytes, 0, read); chash.Write(bytes, 0, read); value += read; outValue += read; } if (slack > 0) { read = cin.Read(bytes, 0, (int)slack); fout.Write(bytes, 0, read); chash.Write(bytes, 0, read); value += read; outValue += read; } chash.Flush(); chash.Close(); fout.Flush(); fout.Close(); byte[] curHash = hasher.Hash; // 獲取比較和舊的雜湊物件 byte[] oldHash = new byte[hasher.HashSize / 8]; read = cin.Read(oldHash, 0, oldHash.Length); if ((oldHash.Length != read) || (!CheckByteArrays(oldHash, curHash))) throw new Exception("檔案被破壞"); } if (outValue != lSize) throw new Exception("檔案大小不匹配"); } } /// <summary> /// 檢驗兩個Byte陣列是否相同 /// </summary> /// <param name="b1">Byte陣列</param> /// <param name="b2">Byte陣列</param> /// <returns>true-相等</returns> private static bool CheckByteArrays(byte[] b1, byte[] b2) { if (b1.Length == b2.Length) { for (int i = 0; i < b1.Length; ++i) { if (b1[i] != b2[i]) return false; } return true; } return false; }