gpt4 book ai didi

c# - MachineKey.Protect 如何工作?

转载 作者:太空宇宙 更新时间:2023-11-03 12:34:51 25 4
gpt4 key购买 nike

在该方法的官方描述中,微软在以下链接中解释说 MachineKey.Protect“通过加密签名来保护指定的数据”:https://msdn.microsoft.com/en-us/library/system.web.security.machinekey.protect(v=vs.110).aspx

这是什么意思?它如何决定加密、签名或两者兼而有之?

最佳答案

两者都是MSDN documentation.NET Web Development and Tools Blog不要确切说明这是如何工作的,但是this article提到 MachineKey API 执行这两个操作(顺便说一下,这更安全)。

我更深入地了解了 .NET 引用源,显然这是真的。查看这段代码:

using (ICryptoTransform encryptor = encryptionAlgorithm.CreateEncryptor()) {
using (CryptoStream cryptoStream = new CryptoStream(memStream, encryptor, CryptoStreamMode.Write)) {
cryptoStream.Write(clearData, 0, clearData.Length);
cryptoStream.FlushFinalBlock();

// At this point:
// memStream := IV || Enc(Kenc, IV, clearData)

// These KeyedHashAlgorithm instances are single-use; we wrap it in a 'using' block.
using (KeyedHashAlgorithm signingAlgorithm = _cryptoAlgorithmFactory.GetValidationAlgorithm()) {
// Initialize the algorithm with the specified key
signingAlgorithm.Key = _validationKey.GetKeyMaterial();

// Compute the signature
byte[] signature = signingAlgorithm.ComputeHash(memStream.GetBuffer(), 0, (int)memStream.Length);

// At this point:
// memStream := IV || Enc(Kenc, IV, clearData)
// signature := Sign(Kval, IV || Enc(Kenc, IV, clearData))

// Append the signature to the encrypted payload
memStream.Write(signature, 0, signature.Length);

// At this point:
// memStream := IV || Enc(Kenc, IV, clearData) || Sign(Kval, IV || Enc(Kenc, IV, clearData))

// Algorithm complete
byte[] protectedData = memStream.ToArray();
return protectedData;
}
}
}

这来自 NetFXCryptoService,如果您没有配置 DataProtector,它是默认的加密提供程序

关于c# - MachineKey.Protect 如何工作?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41431537/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com