具体到利用PBKDF2算法(PKCS#5)来导出初始密钥的使用,这里提供一个参考:
计算公式为:DK = PBKDF2(Password, Salt, count, dkLen)
输入:
Password :用户输入的口令或者读取的一串字符串,这里使用“密钥因子”。
Salt :盐值,字符串,这里使用“初始向量”
count :迭代次数,正整数,默认使用“50,000”次,华为要求不小于10000次
dkLen :导出密钥的字节长度,正整数,该长度需根据应用程序或密码应用模块所需要的工作密钥长度来定义,以AES128加密算法为例,密钥长度为128bit,即16字节。
输出:
DK :导出的密钥,长度为dkLen个字节的字符串。
Hash函数:
优先使用HmacSHA256、HmacSHA384、HmacSHA512等强密码算法,如果是由于使用的加密库等方面的原因导致不支持相应的强密码算法,也可以使用HmacSHA1,但迭代次数(count)需定义为“100,000”次。
using System; using System.Collections.Generic; using System.Linq; using System.Security.Cryptography; using System.Text; using System.Threading.Tasks; namespace TestPassword { public class PasswordSecurity { class InvalidHashException : Exception { public InvalidHashException() { } public InvalidHashException(string message) : base(message) { } public InvalidHashException(string message, Exception inner) : base(message, inner) { } } class CannotPerformOperationException : Exception { public CannotPerformOperationException() { } public CannotPerformOperationException(string message) : base(message) { } public CannotPerformOperationException(string message, Exception inner) : base(message, inner) { } } public class PasswordStorage { // These constants may be changed without breaking existing hashes. public const int SALT_BYTES = 16; // The number of bytes of salt. By default, 24 bytes, which is 192 bits. This is more than enough. This constant should not be changed. public const int HASH_BYTES = 16; public const int PBKDF2_ITERATIONS = 100000; // PBKDF2 迭代次数,默认32000 // These constants define the encoding and may not be changed. // 对应format: algorithm:iterations:hashSize:salt:hash public const int HASH_ALGORITHM_INDEX = 0; // 加密方式所对应的索引,目前只支持sha1 public const int ITERATION_INDEX = 1; // 迭代次数所对应的索引 public const int HASH_SIZE_INDEX = 2; // hashsize所对应的索引 public const int SALT_INDEX = 3; // salt值所对应的索引 public const int PBKDF2_INDEX = 4; // hash值所对应的索引 public const int HASH_SECTIONS = 5; // 总共存储几段数据;根据分隔符,对应 format中字段 private const string HASH_ALGORITHM = "sha1"; // 加密方式,目前只支持sha1 ////// 创建hash+salt后的密码 /// /// 原始密码,比如abcdef ///public static string CreateHash(string password) { // Generate a random salt byte[] salt = new byte[SALT_BYTES]; try { using (RNGCryptoServiceProvider csprng = new RNGCryptoServiceProvider()) { csprng.GetBytes(salt); } } catch (CryptographicException ex) { throw new CannotPerformOperationException("Random number generator not available.", ex); } catch (ArgumentNullException ex) { throw new CannotPerformOperationException("Invalid argument given to random number generator.", ex); } byte[] hash = PBKDF2(password, salt, PBKDF2_ITERATIONS, HASH_BYTES); // format: algorithm:iterations:hashSize:salt:hash /* * algorithm is the name of the cryptographic hash function ("sha1"). iterations is the number of PBKDF2 iterations ("64000"). hashSize is the length, in bytes, of the hash field (after decoding). salt is the salt, base64 encoded. hash is the PBKDF2 output, base64 encoded. It must encode hashSize bytes. * */ return Convert.ToBase64String(hash); //return string.Format("{0}:{1}:{2}:{3}:{4}" // , HASH_ALGORITHM // , PBKDF2_ITERATIONS // , hash.Length // , Convert.ToBase64String(salt) // , Convert.ToBase64String(hash)); } /// /// 验证密码是否有效 /// /// 原始密码,比如abcdef /// 已存的hash,从DB中读取;format: algorithm:iterations:hashSize:salt:hash ///public static bool VerifyPassword(string password, string goodHash) { char[] delimiter = { ':' }; string[] split = goodHash.Split(delimiter); if (split.Length != HASH_SECTIONS) { throw new InvalidHashException("Fields are missing from the password hash."); } // We only support SHA1 with C#. if (split[HASH_ALGORITHM_INDEX] != HASH_ALGORITHM) { throw new CannotPerformOperationException("Unsupported hash type."); } int iterations = 0; try { iterations = Int32.Parse(split[ITERATION_INDEX]); } catch (ArgumentNullException ex) { throw new CannotPerformOperationException("Invalid argument given to Int32.Parse", ex); } catch (FormatException ex) { throw new InvalidHashException("Could not parse the iteration count as an integer.", ex); } catch (OverflowException ex) { throw new InvalidHashException("The iteration count is too large to be represented.", ex); } if (iterations < 1) { throw new InvalidHashException("Invalid number of iterations. Must be >= 1."); } byte[] salt = null; try { salt = Convert.FromBase64String(split[SALT_INDEX]); } catch (ArgumentNullException ex) { throw new CannotPerformOperationException("Invalid argument given to Convert.FromBase64String", ex); } catch (FormatException ex) { throw new InvalidHashException("Base64 decoding of salt failed.", ex); } byte[] hash = null; try { hash = Convert.FromBase64String(split[PBKDF2_INDEX]); } catch (ArgumentNullException ex) { throw new CannotPerformOperationException("Invalid argument given to Convert.FromBase64String", ex); } catch (FormatException ex) { throw new InvalidHashException("Base64 decoding of pbkdf2 output failed.", ex); } int storedHashSize = 0; try { storedHashSize = Int32.Parse(split[HASH_SIZE_INDEX]); } catch (ArgumentNullException ex) { throw new CannotPerformOperationException("Invalid argument given to Int32.Parse", ex); } catch (FormatException ex) { throw new InvalidHashException("Could not parse the hash size as an integer.", ex); } catch (OverflowException ex) { throw new InvalidHashException("The hash size is too large to be represented.", ex); } if (storedHashSize != hash.Length) { throw new InvalidHashException("Hash length doesn't match stored hash length."); } byte[] testHash = PBKDF2(password, salt, iterations, hash.Length); return SlowEquals(hash, testHash); } private static bool SlowEquals(byte[] a, byte[] b) { uint diff = (uint)a.Length ^ (uint)b.Length; for (int i = 0; i < a.Length && i < b.Length; i++) { diff |= (uint)(a[i] ^ b[i]); } return diff == 0; } private static byte[] PBKDF2(string password, byte[] salt, int iterations, int outputBytes) { using (Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(password, salt)) { pbkdf2.IterationCount = iterations; return pbkdf2.GetBytes(outputBytes); } } /// /// HMAC-SHA256 加密 /// /// 要加密的字符串 /// 密钥 /// 字符编码 ///public static string HMACSHA256Encrypt(string input, string key, Encoding encoding) { return HashEncrypt(new HMACSHA256(encoding.GetBytes(key)), input, encoding); } /// /// 哈希加密算法 /// /// 所有加密哈希算法实现均必须从中派生的基类 /// 待加密的字符串 /// 字符编码 ///private static string HashEncrypt(HashAlgorithm hashAlgorithm, string input, Encoding encoding) { var data = hashAlgorithm.ComputeHash(encoding.GetBytes(input)); return BitConverter.ToString(data).Replace("-", ""); } } } } ///生成根秘钥 using System; using System.Collections.Generic; using System.Linq; using System.Security.Cryptography; using System.Text; using System.Threading.Tasks; namespace TestPassword { class Program { public Program() { } /// /// 加密字符串 /// /// /// ///public string CharEncrypt(RootModel rmd, string str) { string strKey = string.Empty; //解密工作秘钥 (加密方式AES/CBC/ISO10126) string strWorkKey = AesHelper.AESDecryptNew(rmd.workKeyEcpt, rmd.rootKey, rmd.workKeyIV); //先UTF-8,BASE 64 string EnStr = Convert.ToBase64String(Encoding.UTF8.GetBytes(str)); //加密字符串 strKey = AesHelper.AESEncrypt(EnStr, strWorkKey, RNGCSP.RNGGetRandom()); if(!string.IsNullOrWhiteSpace(strKey)) { strKey += "@" + RNGCSP.RNGGetRandom(); } return strKey; } /// /// 解密字符串 /// /// ///public string WorkDecrypt(RootModel rmd, string strDecrypt) { //解密工作秘钥 (加密方式AES/CBC/ISO10126) string strWorkKey= AesHelper.AESDecryptNew(rmd.workKeyEcpt, rmd.rootKey, rmd.workKeyIV); string strNew = string.Empty; if (!string.IsNullOrWhiteSpace(strDecrypt)) { if(strDecrypt.Contains("@")) { string[] arr = strDecrypt.Split('@'); if (arr.Length>1) { //解密字符串 strNew = AesHelper.AESDecryptNew(arr[0], strWorkKey, arr[1]); } } } return Encoding.UTF8.GetString(Convert.FromBase64String(strNew)); } static void Main(string[] args) { Program pro = new Program(); RootModel rm = new RootModel(); //根密钥 rm.rootKey = "M2UyYzQ0NmMwNjNjYTQ4OA=="; //工作秘钥IV rm.workKeyIV = "mlJDbTEmDjBD/1xy6jBomg=="; //工作秘钥加密后 rm.workKeyEcpt = "3R8RaUxY1Fy7UJ8BvOdYbYxkL6fzdXaOfObdl21bxaI="; //解密字符串 string strDecrypt = "EjwONCy04h0/AE3l+A4y9A==@Uz2VFravYLeG+oyqrFUS7w=="; //解密字符串 //string strChar = pro.WorkDecrypt(rm, strDecrypt); //加密字符串 string strEnChar = pro.CharEncrypt(rm, "testpjf"); Console.WriteLine(strEnChar); //string strChar = pro.WorkDecrypt(rm, strEnChar); ////生成根秘钥 初始向量、秘钥因子(字符串) byte[] RootKey = new byte[32]; ////生成根密钥(PBDF2导出根密钥) string RootSecretKey = pro.EncodePassWord("M2UyYzQ0NmMwNjNjYTQ4OA=="); Console.ReadKey(); } public string EncodePassWord(string strPwd) { return PasswordSecurity.PasswordStorage.CreateHash(strPwd); // sha1:64000:18:ou2x9eUw82+dnxGetsTaNJLzLXiaElu8:7Ga+qwM4g8Bb/iPOfnQTd6HA // sha1:64000:18:8daBj8djNvUBLE5Y3vRTvMaooydwBfYg:EV9mmvk1oinBGPoufd3aQ85m //Assert.IsNotNull(hashPassword); } public bool decodePassWord(string strPwd,string strEncodePwd) { return PasswordSecurity.PasswordStorage.VerifyPassword(strPwd,strEncodePwd); // Assert.IsTrue(result); } } } using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; namespace TestPassword { using System; using System.IO; using System.Text; using System.Security.Cryptography; //生成随机数 public class RNGCSP { private static RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider(); private static int S_BYTES = 16; public static string RNGGetRandom() { string strResult=string.Empty; byte[] salt = new byte[S_BYTES]; try { using (RNGCryptoServiceProvider csprng = new RNGCryptoServiceProvider()) { csprng.GetBytes(salt); } } catch (CryptographicException ex) { return null; } return Convert.ToBase64String(salt); } } } using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; namespace TestPassword { public class RootModel { /// /// 加密后根密钥 /// public string rootKey { get; set; } ////// 加密后工作秘钥 /// public string workKeyEcpt { get; set; } ////// 工作IV盐值 /// public string workKeyIV { get; set; } } } using System; using System.Collections.Generic; using System.Linq; using System.Security.Cryptography; using System.Text; using System.Threading.Tasks; namespace TestPassword { public class AesHelper { ////// AES加密 (128-ECB加密模式) /// /// 内容 /// 秘钥 ///public static string AESEncrypt(string toEncrypt, string key,string IV) { try { // byte[] keyArray = Convert.FromBase64String(key); byte[] toEncryptArray = Convert.FromBase64String(Convert.ToBase64String(Encoding.UTF8.GetBytes(toEncrypt))); byte[] IVArray = Convert.FromBase64String(IV); using (RijndaelManaged rDel = new RijndaelManaged()) { rDel.Key = keyArray; rDel.IV = IVArray; rDel.Mode = CipherMode.CBC; rDel.Padding = PaddingMode.ISO10126; ICryptoTransform cTransform = rDel.CreateEncryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Convert.ToBase64String(resultArray, 0, resultArray.Length); } } catch { return null; } } /// /// AES解密(128-ECB加密模式) /// /// 密文 /// 秘钥(Base64String) ///public static string AESDecryptNew(string toDecrypt, string Rootkey,string IV) { try { byte[] RootkeyArray = Convert.FromBase64String(Rootkey); //128bit byte[] toEncryptArray = Convert.FromBase64String(toDecrypt); byte[] IVArray = Convert.FromBase64String(IV); //128bit using ( RijndaelManaged rDel = new RijndaelManaged()) { rDel.Key = RootkeyArray; //获取或设置对称算法的密钥 rDel.Mode = CipherMode.CBC; //获取或设置对称算法的运算模式,必须设置为CBC rDel.IV = IVArray; rDel.Padding = PaddingMode.ISO10126; //获取或设置对称算法中使用的填充模式,必须设置为PKCS7 ICryptoTransform cTransform = rDel.CreateDecryptor(); //用当前的 Key 属性和初始化向量 (IV) 创建对称解密器对象 byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Convert.ToBase64String(resultArray); } } catch { return null; } } } }