C#和Node.js / crypto的通用encryption/解密代码示例
我正在尝试在IIS中使用应用程序请求路由(ARR)将一组path传递给Node.js网站。 我的问题是能够获取/设置身份validation票在任何一方。
我只是真的需要一个简单的encryption/解密对的例子,它将为C#和Node.js开箱即用,两者的结果相同。 我会在接下来的几天内自己处理这个问题,并打算回答,如果没有人在我面前答案。
我的意图是在Node.js端将节点端写为连接/expression模块。 我已经在ASP.Net解决scheme中进行了自定义身份validation,并且可以轻松地将我当前的方法replace为在两个平台上都可以安全的方法(只要它们共享相同的密钥)。
当前在AccountController.cs创buildvalidationCookie的代码
private void ProcessUserLogin(MyEntityModel db, SiteUser user, bool remember=false) { var roles = String.Join("|", value:user.SiteRoles.Select(sr => sr.Name.ToLowerInvariant().Trim()).Distinct().ToArray()); //update the laston record(s) user.UserAgent = Request.UserAgent; user.LastOn = DateTimeOffset.UtcNow; db.SaveChanges(); // Create and tuck away the cookie var authTicket = new FormsAuthenticationTicket( 1 ,user.Username ,DateTime.Now ,DateTime.Now.AddDays(31) //max 31 days ,remember ,string.IsNullOrWhiteSpace(roles) ? "guest" : roles ); var ticket = FormsAuthentication.Encrypt(authTicket); var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticket); if (remember) cookie.Expires = DateTime.Now.AddDays(8); Response.Cookies.Add(cookie); }
当前的代码来读取Global.asax.cs的authenticationCookie
void Application_AuthenticateRequest(object sender, EventArgs args) { HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie == null) return; FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value); string[] roles = authTicket.UserData.Split(new Char[] { '|' }); //create new generic identity, and corresponding principal... var g = new GenericIdentity(authTicket.Name); var up = new GenericPrincipal(g, roles); //set principal for current request & thread (app will handle transitions from here) Thread.CurrentPrincipal = Context.User = up; }
Web.config相关部分
<?xml version="1.0" encoding="utf-8"?> <configuration> <system.web> <membership> <providers> <!-- Remove default provider(s), so custom override works --> <clear /> </providers> </membership> </system.web> </configuration>
这是一个使用DESalgorithm的工作示例。 参考
using System; using System.Text; using System.Security.Cryptography; public class Test { public static string Encrypt(string toEncrypt, string key, bool useHashing) { byte[] keyArray; byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt); if (useHashing) { MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider(); keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key)); } else keyArray = UTF8Encoding.UTF8.GetBytes(key); var tdes = new TripleDESCryptoServiceProvider(); tdes.Key = keyArray; // tdes.Mode = CipherMode.CBC; // which is default // tdes.Padding = PaddingMode.PKCS7; // which is default Console.WriteLine("iv: {0}", Convert.ToBase64String(tdes.IV)); ICryptoTransform cTransform = tdes.CreateEncryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Convert.ToBase64String(resultArray, 0, resultArray.Length); } public static void Main() { Console.WriteLine("encrypted as: {0}", Encrypt("12345", "abcdefghijklmnop", false)); } }
哪个输出
iv: pdMBMjdeFdo= encrypted as: 3uDkdT6aQ3c=
在node.js中使用正确的des-ede-cbcalgorithm:
var crypto = require('crypto'); var alg = 'des-ede-cbc'; var key = new Buffer('abcdefghijklmnop', 'utf-8'); var iv = new Buffer('pdMBMjdeFdo=', 'base64'); var encrypted = new Buffer('3uDkdT6aQ3c=', 'base64'); var source = '12345'; var cipher = crypto.createCipheriv(alg, key, iv); var encoded = cipher.update(source, 'ascii', 'base64'); encoded += cipher.final('base64'); console.log(encoded, encrypted.toString('base64')); var decipher = crypto.createDecipheriv(alg, key, iv); var decoded = decipher.update(encrypted, 'binary', 'ascii'); decoded += decipher.final('ascii'); console.log(decoded, source);
哪个输出
3uDkdT6aQ3c= 3uDkdT6aQ3c= 12345 12345