How to Encrypt and Decrypt Strings in C# Using RijndaelManaged and the Cryptography API?

C# string encryption and decryption

In C#, string encryption and decryption are the key links of data protection. Let us discuss two commonly used methods:

<.> 1. Use the Rijndaelmanaged class

The RijndaelManaged class provides a strong implementation of popular AES (advanced encryption standards) algorithms. The following is an example of encryption and secret string:

<.> 2. Use Cryptography API

<code class="language-csharp">using System.Security.Cryptography;
using System.Text;

public static class Crypto
{
    // 虽然应用程序特定的盐不是基于密码的加密的最佳实践，
    // 但只要它确实不常见，它可能足够安全。修改此答案还需要做很多工作。
    private static byte[] _salt = { ... };

    public static string Encrypt(string plainText, string sharedSecret)
    {
        // 从共享密钥和盐生成密钥
        Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(sharedSecret, _salt);

        // 创建 RijndaelManaged 对象
        RijndaelManaged aesAlg = new RijndaelManaged();
        aesAlg.Key = key.GetBytes(aesAlg.KeySize / 8);

        // 加密数据
        ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
        byte[] cipherText = null;

        using (MemoryStream msEncrypt = new MemoryStream())
        {
            // 添加 IV
            msEncrypt.Write(BitConverter.GetBytes(aesAlg.IV.Length), 0, sizeof(int));
            msEncrypt.Write(aesAlg.IV, 0, aesAlg.IV.Length);

            using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
            {
                using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                {
                    // 将数据写入流
                    swEncrypt.Write(plainText);
                }
            }

            cipherText = msEncrypt.ToArray();
        }

        // 将加密的字节作为 base64 字符串返回
        return Convert.ToBase64String(cipherText);
    }

    public static string Decrypt(string cipherText, string sharedSecret)
    {
        // 从共享密钥和盐生成密钥
        Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(sharedSecret, _salt);

        // 创建 RijndaelManaged 对象
        RijndaelManaged aesAlg = new RijndaelManaged();
        aesAlg.Key = key.GetBytes(aesAlg.KeySize / 8);

        // 解密数据
        ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
        byte[] plainText = null;

        using (MemoryStream msDecrypt = new MemoryStream(Convert.FromBase64String(cipherText)))
        {
            // 从加密流中获取初始化向量
            aesAlg.IV = ReadByteArray(msDecrypt);

            using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
            {
                using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                {
                    // 从解密流中读取解密的字节
                    plainText = Encoding.UTF8.GetBytes(srDecrypt.ReadToEnd());
                }
            }
        }

        // 将解密的文本作为字符串返回
        return Encoding.UTF8.GetString(plainText);
    }

    // 读取流中字节数组的辅助方法
    private static byte[] ReadByteArray(Stream s)
    {
        byte[] rawLength = new byte[sizeof(int)];
        if (s.Read(rawLength, 0, rawLength.Length) != rawLength.Length)
        {
            throw new InvalidOperationException("流不包含正确格式的字节数组");
        }

        byte[] buffer = new byte[BitConverter.ToInt32(rawLength, 0)];
        if (s.Read(buffer, 0, buffer.Length) != buffer.Length)
        {
            throw new InvalidOperationException("未正确读取字节数组");
        }

        return buffer;
    }
}</code>

Cryptography API in C# offers a variety of classes for security encryption operations. The following is an example of how to use this API encryption and secret string:

Both methods provide a powerful encryption and decryption mechanism for protecting the sensitive data in C#. The RijndaelmanageD class is a mature and widely used algorithm, and the Cryptography API provides additional functions and flexibility. Please note that the definition of

in the code is omitted, and a safe salt value needs to be defined in actual use. In addition, for the production environment, it is recommended to use more powerful key management and more secure key derived methods.

The above is the detailed content of How to Encrypt and Decrypt Strings in C# Using RijndaelManaged and the Cryptography API?. For more information, please follow other related articles on the PHP Chinese website!