在项目的开发过程种,很多时候飘易会遇到前端和后端之间的数据传输的安全问题,在以前大家还没怎么注意这种传输的安全问题,很多密码的传输可能也是明文的 ,第三方劫持,中间人劫持,是可以轻易拿到客户端和服务端之间的明文通讯数据。这个对稍微有些安全审计要求的业务就通通不行了。
DES:全称为Data Encryption Standard,即数据加密标准,是一种使用密钥加密的块算法;
3DES:(即Triple DES)是DES向AES过渡的加密算法,它使用3条56位的密钥对数据进行三次加密。3DES更为安全。
AES:高级加密标准(英语:Advanced Encryption Standard,缩写:AES),在密码学中又称Rijndael加密法,这个标准用来替代原先的DES;
RSA:公钥加密算法是1977年由罗纳德·李维斯特(Ron Rivest)、阿迪·萨莫尔(Adi Shamir)和伦纳德·阿德曼(Leonard Adleman)一起提出的。
MD5:Message Digest Algorithm MD5(消息摘要算法第五版)为计算机安全领域广泛使用的一种散列函数,用以提供消息的完整性保护。
SHA1:即安全哈希算法(Secure Hash Algorithm),主要适用于数字签名标准,SHA1会产生一个160位的消息摘要;
非对称加密为数据的加密与解密提供了一个非常安全的方法,它使用了一对密钥,公钥(public key)和私钥(private key)。私钥只能由一方安全保管,不能外泄,而公钥则可以发给任何请求它的人。非对称加密使用这对密钥中的一个进行加密,而解密则需要另一个密钥。
这对公钥和私钥一般我们看到的是base64后的字符串。公钥一般是由3部分组成的:header,Modulus,Exponent,我们需要解析它,在C#里面我们可以借助一些库来实现,分别得到Modulus和Exponent,就可以创建 RSACryptoServiceProvider 实例了:
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(); RSAParameters RSAKeyInfo = new RSAParameters(); RSAKeyInfo.Modulus = modulus; RSAKeyInfo.Exponent = exponent; RSA.ImportParameters(RSAKeyInfo);
详细的解释,可以从这篇帖子里看看:correctly create rsacryptoserviceprovider from public key
这个长度一般在100-300字节以内,根据密钥长度而定,有些机器是 172 bytes,有些可能更少些。
关于为什么,可以留意下这篇 msdn 上的文章:Cryptography - Key not valid for use in specified state,这里引用下解释:
This is probably one of the most posted issues with regards to RSA encryption. The problem is not with the .NET provider. The problem is that the RSA algorithm (mathematically speaking) is not designed to encrypt large amounts of data. RSA works in a product-exponent factorization puzzle with the input. The amount of input the RSA algorithm can encrypt is directly proportional to the size of the key. This is why RSA is not a bulk cipher (an algorithm that can encrypt arbitrarily large pieces of input, such as text). By the way, generating large RSA keys is VERY slow, and also has limits, so that's NOT a way around the problem. Simply speaking, RSA is not intended to encrypt messages. To encrypt messages or any other large piece of data, you need a block cipher. Something like Rijndael or 3DES. They can take any length of input and encrypt/decrypt it. That's what they were designed to do. The problem is that they work with a single key. So the trick is how do you make sure both parties (the encryptor and decryptor) have the same key while making sure that nobody between them can intercept that key. That's where RSA comes in. RSA is a 2-key system that has both a public and private key. Anything that you encrypt wiht the public key can be decrypted only with the private key. You can distribute the public key to anyone so they can encrypt things that only you can decrypt with the private key. When you combine RSA with a block cipher, you have a system that can securely send the block cipher key using the RSA public key. Only the person with the RSA private key can decrypt the block cipher key (which is relatively small). Now both sides have the same block cipher key and can do bulk encryption to each other using the block cipher (Rijndael, 3DES, etc.). In that sense, RSA is used for doing secure key exchanges. The other things that RSA is good for is digital signatures. You basically take a small hash of a much larger message, then you encrypt the hash code using the RSA private key. That's called a digital signature. Now anyone with the RSA public key can decrypt it. If it decrypts and verifies correctly, you can be farily certain the data came from the right person because only he or she has the corresponding RSA private key. However, RSA is not intended for bulk encryption.
SHA1 和 MD5 是搜索散列算法,将任意大小的数据映射到一个较小的、固定长度的唯一值。加密性强的散列一定是不可逆的,这就意味着通过散列结果,无法推出任何部分的原始信息。任何输入信息的变化,哪怕仅一位,都将导致散列结果的明显变化,这称之为雪崩效应。散列还应该是防冲突的,即找不出具有相同散列结果的两条信息。具有这些特性的散列结果就可以用于验证信息是否被修改。MD5 比 SHA1 大约快 33%。
有几种思路,可以去实践。不管哪种思路,RSA非对称加密一般会选用的,再混合其他对称加密算法(DES, AES等)结合起来。
a. 先生成一串随机字符串作为AES的秘钥明文key,然后使用RSA公钥对这个key进行加密,得到加密后的AES秘钥密文key;
b. 将要发送的请求数据用明文key进行AES加密,得到数据密文。
飘易的这里前端是 C# 编写的PC桌面端软件,服务端是PHP。
AES加密 C# 版本代码:
using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Security.Cryptography; using System.IO; /** * AES 加解密 * */ namespace PIAOYIORG { class AES { // secret IV 16位 private static byte[] iv = new byte[16] { 0x1, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 }; // 加密 public static string Encrypt(string message, string key) { // Create sha256 hash SHA256 mySHA256 = SHA256Managed.Create(); byte[] keyByte = mySHA256.ComputeHash(Encoding.UTF8.GetBytes(key));//32位 string encrypted = EncryptString(message, keyByte, iv); return encrypted; } // 解密 public static string Decrypt(string message, string key) { // Create sha256 hash SHA256 mySHA256 = SHA256Managed.Create(); byte[] keyByte = mySHA256.ComputeHash(Encoding.UTF8.GetBytes(key));//32位 string decrypted = DecryptString(message, keyByte, iv); return decrypted; } // 加密 public static string EncryptString(string plainText, byte[] key, byte[] iv) { // Instantiate a new Aes object to perform string symmetric encryption Aes encryptor = Aes.Create(); encryptor.Mode = CipherMode.CBC; // Set key and IV encryptor.Key = key; encryptor.IV = iv; // Instantiate a new MemoryStream object to contain the encrypted bytes MemoryStream memoryStream = new MemoryStream(); // Instantiate a new encryptor from our Aes object ICryptoTransform aesEncryptor = encryptor.CreateEncryptor(); // Instantiate a new CryptoStream object to process the data and write it to the // memory stream CryptoStream cryptoStream = new CryptoStream(memoryStream, aesEncryptor, CryptoStreamMode.Write); // Convert the plainText string into a byte array byte[] plainBytes = Encoding.UTF8.GetBytes(plainText); // Encrypt the input plaintext string cryptoStream.Write(plainBytes, 0, plainBytes.Length); // Complete the encryption process cryptoStream.FlushFinalBlock(); // Convert the encrypted data from a MemoryStream to a byte array byte[] cipherBytes = memoryStream.ToArray(); // Close both the MemoryStream and the CryptoStream memoryStream.Close(); cryptoStream.Close(); // Convert the encrypted byte array to a base64 encoded string string cipherText = Convert.ToBase64String(cipherBytes, 0, cipherBytes.Length); // Return the encrypted data as a string return cipherText; } // 解密 public static string DecryptString(string cipherText, byte[] key, byte[] iv) { // Instantiate a new Aes object to perform string symmetric encryption Aes encryptor = Aes.Create(); encryptor.Mode = CipherMode.CBC; // Set key and IV encryptor.Key = key; encryptor.IV = iv; // Instantiate a new MemoryStream object to contain the encrypted bytes MemoryStream memoryStream = new MemoryStream(); // Instantiate a new encryptor from our Aes object ICryptoTransform aesDecryptor = encryptor.CreateDecryptor(); // Instantiate a new CryptoStream object to process the data and write it to the // memory stream CryptoStream cryptoStream = new CryptoStream(memoryStream, aesDecryptor, CryptoStreamMode.Write); // Will contain decrypted plaintext string plainText = String.Empty; try { // Convert the ciphertext string into a byte array byte[] cipherBytes = Convert.FromBase64String(cipherText); // Decrypt the input ciphertext string cryptoStream.Write(cipherBytes, 0, cipherBytes.Length); // Complete the decryption process cryptoStream.FlushFinalBlock(); // Convert the decrypted data from a MemoryStream to a byte array byte[] plainBytes = memoryStream.ToArray(); // Convert the decrypted byte array to string plainText = Encoding.UTF8.GetString(plainBytes, 0, plainBytes.Length); } finally { // Close both the MemoryStream and the CryptoStream memoryStream.Close(); cryptoStream.Close(); } // Return the decrypted data as a string return plainText; } } }
AES加密 PHP 版本代码:
<?php namespace App\Libs; /** * AES 加解密算法类 * openssl_* 系列函数需要PHP7.1+ */ class AesClass { // IV must be exact 16 chars (128 bit) protected $iv = ""; protected $method = 'aes-256-cbc';// 加密算法 /** * 构造器 */ public function __construct() { // IV 初始化 $this->iv = chr(0x1) . chr(0x2) . chr(0x3) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0); } //加密 - php7.1+ function encrypt($str, $key) { // Must be exact 32 chars (256 bit) $key32 = substr(hash('sha256', $key, true), 0, 32); $res = base64_encode(openssl_encrypt($str, $this->method, $key32, OPENSSL_RAW_DATA, $this->iv)); return $res; } //解密 - php7.1+ function decrypt($str, $key) { // Must be exact 32 chars (256 bit) $key32 = substr(hash('sha256', $key, true), 0, 32); $res = openssl_decrypt(base64_decode($str), $this->method, $key32, OPENSSL_RAW_DATA, $this->iv); return $res; } }
RSA 加密 - C# 代码:
string rsa_public_key = "MIGfMA0GCS...GwyB2E19DMv8PqQIDAQAB";//RSA公钥,合并成1行 // 随机生成AES密钥 string aeskey = Guid.NewGuid().ToString();//36位 string aeskeyDecrypt = RSACrypt.encryptData(aeskey, rsa_public_key, "UTF-8");// 使用RSA公钥加密aes密钥 aeskeyDecrypt = HttpUtility.UrlEncode(aeskeyDecrypt);// +/=需要编码,不然PHP的base64_decode无法解码 // AES加密方法 string dataGo = data.ToString(); dataGo = AES.Encrypt(dataGo, aeskey);// aes加密 dataGo = HttpUtility.UrlEncode(dataGo);// +/=需要编码,不然PHP的base64_decode无法解码 // 接下来可以把 dataGo, aeskeyDecrypt 发送给服务端了
RSA 解密 - PHP 代码:
// RSA公钥和私钥 protected $rsa_public_key = '-----BEGIN PUBLIC KEY----- M000MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBYT0M8lo2CQwmR2/4XVr5Gyex ... p000wyB2E19DMv8PqQIDAQAB -----END PUBLIC KEY-----'; protected $rsa_private_key = '-----BEGIN RSA PRIVATE KEY----- M00CXAIBAAKBgQDBYT0M8lo2CQwmR2/4XVr5GyexRQxh7beUl2hNpdF/CNAuG7zY ... 1R3Al+vtP1Ci5a3BE809vckxTBpoliGY86eBZuAee00= -----END RSA PRIVATE KEY-----'; ... $data = $request->input('data');// aes加密后的数据体 $key = $request->input('key');// aes密钥-密文 // 用RSA私钥解密aes密钥 $aeskey = "";// aes密钥-明文 $private_key = openssl_pkey_get_private($this->rsa_private_key);//成功返回密钥资源标识符,失败返回false $deres = openssl_private_decrypt(base64_decode($key), $aeskey, $private_key); if(!$deres || empty($aeskey)) { return $this->sendErrorData("decrypt fail"); } // AES解密 $aes = new \App\Libs\AesClass(); $data = $aes->decrypt($data, $aeskey); if(empty($data)){ return $this->sendErrorData("data empty"); } // 继续处理啦