Encryption in .NET
Encryption using the .NET libraries
CHAPTER 1: INTRODUCTION TO THE .NET FRAMEWORK
1.1. Definition.
The .NET Framework is a programming platform and also an application execution platform, developed by Microsoft and used mainly on the Microsoft Windows operating system. Programs written on the .NET Framework are deployed in a software environment (as opposed to a hardware environment) known as the Common Language Runtime (CLR). This software environment is a virtual machine that provides services such as software security, memory management, and exception handling.
The .NET Framework includes a large set of programming libraries, which support building software such as user interfaces; data access and database connectivity; web applications; algorithms and data structures; network communication... The CLR together with this library set are the two main components of the .NET Framework.
The .NET Framework simplifies writing applications by providing many ready-made components; the programmer only needs to learn how to use them and, with some creativity, combine them. Many tools have been created to support building .NET applications, and the IDE (Integrated Development Environment) developed and supported by Microsoft itself is Visual Studio.[1]
1.2. Architecture of the .NET Framework
The .NET Framework is presented as comprising two main components: the Common Language Runtime (CLR) and the Base Class Libraries (BCL). Each of these components plays an extremely important role in developing .NET services and applications.
The Common Language Runtime (the runtime, for short) is built on top of the operating system services. It is responsible for executing applications and for making sure that everything an application depends on is provided, such as memory management, security and language integration. The runtime includes many services that support developing and deploying applications and that improve their reliability. In practice, however, developers do not interact with the CLR directly. They use a set of base libraries built on top of the runtime, through their programming languages. As part of the base classes, the .NET Framework also provides a Web application programming model, ASP.NET, which supplies higher-level components and services for developing XML Web services and Web applications.
Figure 1.1: .NET Framework architecture diagram
1.2.1. Common Language Runtime (CLR).
The Common Language Runtime in the .NET Framework manages code execution and provides access to many kinds of services that make development easier. The CLR supports language integration, code access security, object lifetime management and debugging.
Code that is compiled for and targets the CLR is called managed code. Managed code supplies the metadata the CLR needs in order to provide multi-language support, security, lifetime management and memory management.
1.2.2. Base Class Libraries.
The .NET Framework base class library provides a set of hierarchical, extensible, object-oriented classes that can be used from any programming language. As a result, all languages from JScript to C++ are on an equal footing, and developers are free to choose the language they are used to.
This set of classes, value types and interfaces is organized by a system of namespaces. To declare a namespace, use:
    namespace NamespaceName
    {
        // contains all the classes
    }
where:
- namespace: the keyword that declares a namespace
- NamespaceName: the name of the namespace
1.2.3. ASP.NET.
ASP.NET is a set of classes in the base class library. It provides a Web application model in the form of a set of controls, together with the infrastructure that makes it easy to create Web applications. These controls are built for server-side applications and mirror specific HTML user-interface controls such as listbox, textbox, button, etc.
ASP.NET also provides features such as state management and process recovery, which reduce the amount of code a developer has to write and increase the reliability of the application. In addition, ASP.NET lets developers deliver software as a service. Using the ASP.NET XML Web services features, developers can write simple business logic and the ASP.NET infrastructure takes care of delivering the service over SOAP and other protocols. ASP.NET works with every language and tool.
CHAPTER 2: THE .NET FRAMEWORK IN SECURITY
2.1. .NET Framework and the Common Language Runtime.
The .NET Framework and the Common Language Runtime make it simpler for programmers to work with security mechanisms, for example to protect against information theft by using appropriate security measures in the program. Malicious code can be blocked by assigning user permissions and by protecting access to code.
Below are some of the features provided by the .NET Framework that are important for security and encryption:
- Configuring security policy and authenticity.
- Execution permissions based on authenticity and security policy.
- Access rights through user authentication and user roles.
- Managing and authenticating the application environment.
- The Cryptography classes, which provide secure encryption algorithms.
2.2. .NET Framework and the Common Language Runtime.
A major problem with programming security using the Win32 API is that it is very hard to understand and use. Many lines of obscure code are needed even for the simplest operation, such as obtaining a key from a Cryptographic Service Provider (CSP), and many developers therefore simply skip it. Developers who do implement security policy with the Win32 API have to work hard and end up with complex, error-prone code.
The .NET Framework makes this much simpler by wrapping the Win32 security API in a simpler object model. Many operations, such as obtaining a key from a CSP, are now handled automatically by the .NET security classes. In addition, every class in the .NET security framework that carries security functionality is declared sealed, so that it cannot be hijacked or compromised.
2.3. Reliability and the .NET Framework platform.
When using any security measure or cryptographic technique, you must be sure of the reliability of the program. The .NET platform goes a step further in addressing reliability. The .NET Framework automatically handles many security services related to reliability, such as:
- Bounds checking at run time, to prevent memory corruption and stack overruns.
- Data type checking at run time, to prevent incorrect data types being used.
- Stack walking, to check that calling code has the required permission.
- Automatic garbage collection, to use memory efficiently.
- Exception handling, to deal with abnormal conditions at run time.
- Role-based protection, to authenticate users and limit what they may execute.
- Evidence-based protection, to manage the permissions granted to code.
2.4. Managed code and type safety.
Code that can use the services of the CLR is called managed code. The CLR provides a set of services, such as type-safety checking and automatic garbage collection, that improve reliability and security. To use these services, managed code must be predictable, orderly and consistently typed. Type safety can be enforced because the CLR knows in detail what kinds of data are being managed. Using that knowledge, the CLR can enforce the type-safety rules precisely.
To make type-safety checking possible, .NET includes extensive metadata that describes the code and the data contained in the program. Managed data is allocated and released automatically by the CLR. This automatic memory management is essentially garbage collection. Garbage collection prevents memory leaks and increases reliability.
2.5. The Cryptography classes and some encryption functions used in the .NET Framework
2.5.1. Overview of the Cryptography classes.
Microsoft introduced the proprietary Win32 Cryptography API (CryptoAPI) in 1996, integrated into Windows NT. Although CryptoAPI provides full support for cryptographic programming, it is very hard to use: you need a solid understanding of cryptography and have to work with a great many components and a large number of API parameters. The .NET Framework simplifies use of the API by providing the System.Security.Cryptography namespace for cryptographic programming. To use the Cryptography library:
    using System.Security.Cryptography;
System.Security.Cryptography has the following main classes:
- SymmetricAlgorithm: the symmetric encryption class. It encrypts with symmetric algorithms such as DES, Rijndael, Triple DES and RC2.
- AsymmetricAlgorithm: the asymmetric encryption class. It encrypts with the RSA and DSA algorithms.
- CryptoStream: connects a source data stream to a cryptographic algorithm.
- CspParameters: holds the parameter information for specific algorithms, which can be stored and retrieved through the CSP.
- HashAlgorithm: the base class for hash algorithms.
- RandomNumberGenerator: the base class for random number generation.
- ToBase64Transform and FromBase64Transform: convert between byte sequences and Base64.
- CryptographicException: holds information about errors raised by the various cryptographic operations.
Figure 2.1: Classes in Cryptography
2.5.2. Symmetric encryption algorithms in .NET.
Figure 2.2 shows how symmetric cryptography works. Note that the sender and the receiver (for example, Bob and Alice) must agree beforehand on the secret key and on the algorithm to be used. Along with the algorithm, related details such as the initialization vector, the mode of operation and the padding must also be agreed.
Figure 2.2: Encryption and decryption with a symmetric encryption algorithm
The .NET Framework classes implement symmetric encryption algorithms through the SymmetricAlgorithm base class. SymmetricAlgorithm has several fields declared protected, so they cannot be accessed directly by methods outside the class hierarchy. These fields can, however, be accessed through virtual properties whose concrete implementations live in the concrete classes. For example, the integer field BlockSizeValue is accessed through the BlockSize property, in the way appropriate to the concrete class actually in use. In this way, an attempt to set the block size to a value that is illegal for the symmetric algorithm in use results in a CryptographicException, depending on the specific algorithm. In each case the protected field and the virtual property have the same data type, and the names are the same except that the protected field has Value appended. The properties of the SymmetricAlgorithm class are as follows:
| Property | Meaning |
|---|---|
| BlockSize | int. Gets or sets the block size of the algorithm in bits: the amount of data that can be encrypted or decrypted in one step. Data larger than the block size is split into further blocks of the same size. The final block is padded up to the block size. |
| IV | Byte array. Gets or sets the initialization vector of the symmetric algorithm; required in some cipher modes. |
| Key | Byte array. Gets or sets the secret key used by the symmetric algorithm for encryption or decryption. |
| KeySize | int. Gets or sets the size of the secret key in bits. The valid sizes are given by LegalKeySizes for each algorithm. |
| LegalKeySizes | Gets the key sizes supported by the symmetric algorithm. |
| LegalBlockSizes | Gets the block sizes supported by the symmetric algorithm. |
| Mode | CipherMode. Gets or sets the mode of operation of the algorithm. |
| Padding | PaddingMode. Gets or sets the padding used to fill the unused bytes of the final block. |
Table 2.1: Properties of SymmetricAlgorithm.
SymmetricAlgorithm has a single public constructor that takes no parameters. This constructor produces a different secret key each time. Of course, SymmetricAlgorithm also supports the standard methods Equals, Finalize, GetHashCode, ToString, GetType and MemberwiseClone, which are defined in the Object base class.
| Common method | Meaning |
|---|---|
| Clear | Returns void. Calls Dispose, releasing the resources used by the symmetric algorithm. |
| Create | Returns a SymmetricAlgorithm object. Creates a SymmetricAlgorithm object for encryption or decryption. |
| CreateDecryptor | Creates a decryptor object using the key and the initialization vector. Returns an ICryptoTransform reference that is used to transform the data block by block. |
| CreateEncryptor | Creates an encryptor object using the key and the initialization vector. Returns an ICryptoTransform reference that is used to transform the data block by block. |
| Equals | Inherited from Object; compares two SymmetricAlgorithm objects for equality. Returns bool. |
| GenerateIV | Generates a random initialization vector. Returns void. |
| GenerateKey | Generates a random key. Returns void. |
| GetHashCode | Inherited from Object; provides a hash value for the SymmetricAlgorithm object. Returns int. |
| GetType | Inherited from Object; gets the type of the SymmetricAlgorithm object. Returns Type. |
| ToString | Inherited from Object; provides a display string for the SymmetricAlgorithm object. |
| ValidKeySize | Determines whether a key size is valid for the algorithm in use. Returns bool. |
Table 2.2: Methods of SymmetricAlgorithm.
We do not work directly with a SymmetricAlgorithm object, because it is an abstract class. Instead we work with the classes provided, which implement the virtual members of SymmetricAlgorithm. Below is the diagram of the classes under SymmetricAlgorithm.
Figure 2.3: Symmetric encryption algorithms under the SymmetricAlgorithm class.
As Figure 2.3 shows, the classes under SymmetricAlgorithm are themselves abstract classes. We now look at what each class means and how to declare it:
- DES is the abstract class that encapsulates the DES symmetric encryption algorithm. Declaration:
    DESCryptoServiceProvider desCSP = new DESCryptoServiceProvider();
- TripleDES is the abstract class that encapsulates the Triple DES symmetric encryption algorithm, which is more secure than DES. Declaration:
    TripleDESCryptoServiceProvider tdesCSP = new TripleDESCryptoServiceProvider();
- Rijndael is the abstract class that encapsulates the Rijndael symmetric encryption algorithm. Declaration:
    AesCryptoServiceProvider aesCSP = new AesCryptoServiceProvider();
- RC2 is the abstract class that encapsulates the RC2 symmetric encryption algorithm. Declaration:
    RC2CryptoServiceProvider rc2CSP = new RC2CryptoServiceProvider();
Valid and default key sizes of the symmetric encryption algorithms used in the .NET Framework:
| Algorithm | Valid key sizes | Default key size |
|---|---|---|
| DES | 64 bit | 64 bit |
| RC2 | 40 to 128 bit | 128 bit |
| Triple DES | 128, 192 bit | 192 bit |
| Rijndael | 128, 192, 256 bit | 256 bit |
Table 2.3: Key sizes of the symmetric encryption algorithms
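The properties and methods of Tables 2.1 and 2.2 can be exercised directly. The following is an added example, not code from the original report: it prints each algorithm's legal and default key sizes for comparison with Table 2.3, shows the CryptographicException raised for an illegal BlockSize or KeySize, and runs a CBC round trip through CryptoStream. The class name, helper names and sample message are assumptions, and it targets the .NET Framework on Windows.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class SymmetricPropertiesDemo
{
    // Prints the legal and default sizes of an algorithm (compare with Table 2.3).
    static void Describe(string name, SymmetricAlgorithm alg)
    {
        var sizes = new StringBuilder();
        foreach (KeySizes ks in alg.LegalKeySizes)
            sizes.AppendFormat("{0}..{1} step {2}; ", ks.MinSize, ks.MaxSize, ks.SkipSize);
        Console.WriteLine("{0,-10} legal key sizes: {1}default {2} bits, block {3} bits, {4}/{5}",
            name, sizes, alg.KeySize, alg.BlockSize, alg.Mode, alg.Padding);
    }

    // Encrypts or decrypts a buffer by pushing it through a CryptoStream.
    static byte[] Transform(ICryptoTransform transform, byte[] input)
    {
        using (transform)
        using (var output = new MemoryStream())
        {
            using (var cs = new CryptoStream(output, transform, CryptoStreamMode.Write))
                cs.Write(input, 0, input.Length);   // disposing cs flushes the final padded block
            return output.ToArray();
        }
    }

    static void Main()
    {
        // DES and RC2 are listed only for comparison with Table 2.3;
        // their short keys make them unsuitable for new designs.
        using (var des = DES.Create()) Describe("DES", des);
        using (var rc2 = RC2.Create()) Describe("RC2", rc2);
        using (var tdes = TripleDES.Create()) Describe("TripleDES", tdes);

        using (Aes aes = Aes.Create())
        {
            Describe("AES", aes);
            Console.WriteLine("ValidKeySize(192) = {0}, ValidKeySize(100) = {1}",
                aes.ValidKeySize(192), aes.ValidKeySize(100));

            // Illegal sizes are rejected by the property setters, not silently accepted.
            try { aes.BlockSize = 64; }
            catch (CryptographicException ex) { Console.WriteLine("BlockSize = 64 rejected: " + ex.Message); }
            try { aes.KeySize = 100; }
            catch (CryptographicException ex) { Console.WriteLine("KeySize = 100 rejected: " + ex.Message); }

            // Sender and receiver must share the key, IV, mode and padding.
            aes.KeySize = 256;
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;
            aes.GenerateKey();
            aes.GenerateIV();   // use a fresh IV for every message

            string message = "constructed sample message";   // constructed input
            byte[] plain = Encoding.UTF8.GetBytes(message);
            byte[] cipher = Transform(aes.CreateEncryptor(), plain);
            byte[] back = Transform(aes.CreateDecryptor(), cipher);

            Console.WriteLine("plaintext {0} bytes -> ciphertext {1} bytes (padded to the block size)",
                plain.Length, cipher.Length);
            Console.WriteLine("round trip ok: {0}", Encoding.UTF8.GetString(back) == message);
        }
    }
}
```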
2.5.3. Asymmetric encryption algorithms in .NET.
To use asymmetric cryptography, Bob randomly generates a public/private key pair. Bob lets everyone access the public key, including Alice. Then, when Alice has some secret information she wants to send to Bob, she encrypts the data using a suitable asymmetric algorithm and the public key generated by Bob. She then sends the resulting ciphertext to Bob. Anyone who does not know the private key would need a very long time to recover the plaintext from this ciphertext, but Bob has the private key and can easily decrypt it to the original plaintext. Figure 4-1 shows how asymmetric encryption is used.
Figure 2.4: How asymmetric encryption is used.
The .NET Framework implements asymmetric encryption algorithms through the AsymmetricAlgorithm base class, in the same way that symmetric encryption algorithms are used through the SymmetricAlgorithm class. Below is the diagram of the classes under AsymmetricAlgorithm:
Figure 2.5: Asymmetric encryption algorithms under the AsymmetricAlgorithm class.
Members of the AsymmetricAlgorithm class:
| Common method | Meaning |
|---|---|
| KeySize | Size of the key in bits |
| LegalKeySizes | Valid key sizes, in bytes, for the current asymmetric encryption algorithm |
| KeyExchangeAlgorithm | Specifies the key exchange algorithm used and how the public and private keys are exchanged |
| SignatureAlgorithm | Specifies the algorithm used to sign the current object |
| FromXmlString() | Reconstructs the asymmetric algorithm object from an XML file |
| ToXmlString() | Returns an XML representation of the asymmetric object in use |
Table 2.4: Common methods of the AsymmetricAlgorithm class.
Declaring the RSA asymmetric encryption algorithm:
    RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
Generating the private/public key pair, stored as .XML:
    tbxPublicKeyAsym.Text = rsa.ToXmlString(false);   // public key only
    tbxPrivateKeyAsym.Text = rsa.ToXmlString(true);   // includes the private key
In the asymmetric encryption algorithm, both the public key and the private key are stored as XML. The structure of the XML file is:
- Modulus: the modulus of the key, n.
- Exponent: the exponent of the key, e.
- D: the private key value, d.
- P, Q, DP, DQ, InverseQ: used to make the RSA algorithm more efficient.
Steps for encrypting a file with RSA using the public key:
- Split the plaintext into blocks of at most 128 bytes.
- Encrypt each block with the public key and the encryption function.
- Concatenate the encrypted blocks into the ciphertext.
Decrypting the file with the private key:
- Split the ciphertext into blocks of 128 bytes.
- Decrypt each ciphertext block with the private key and the decryption function.
- Concatenate the decrypted blocks into the plaintext.
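The split, encrypt and concatenate procedure above, as an added example that is not code from the original report. It generalises the fixed 128-byte figure: the ciphertext block is always the key size in bytes (128 for a 1024-bit key), while the plaintext block must be smaller to leave room for the padding. The class and method names and the sample data are assumptions.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;

static class RsaBlockDemo
{
    // Largest plaintext block one RSA operation accepts for a given key size.
    // PKCS #1 v1.5 padding costs 11 bytes; OAEP with SHA-1 costs 2 * 20 + 2 = 42 bytes.
    static int MaxPlainBlock(int keySizeBits, bool oaep)
    {
        return keySizeBits / 8 - (oaep ? 42 : 11);
    }

    // Split the plaintext, encrypt each block with the public key, concatenate.
    static byte[] Encrypt(string publicKeyXml, byte[] plain, bool oaep)
    {
        using (var rsa = new RSACryptoServiceProvider())
        using (var output = new MemoryStream())
        {
            rsa.FromXmlString(publicKeyXml);
            int blockSize = MaxPlainBlock(rsa.KeySize, oaep);
            for (int offset = 0; offset < plain.Length; offset += blockSize)
            {
                byte[] block = new byte[Math.Min(blockSize, plain.Length - offset)];
                Buffer.BlockCopy(plain, offset, block, 0, block.Length);
                byte[] enc = rsa.Encrypt(block, oaep);   // always KeySize / 8 bytes long
                output.Write(enc, 0, enc.Length);
            }
            return output.ToArray();
        }
    }

    // Split the ciphertext into key-sized blocks, decrypt each, concatenate.
    static byte[] Decrypt(string privateKeyXml, byte[] cipher, bool oaep)
    {
        using (var rsa = new RSACryptoServiceProvider())
        using (var output = new MemoryStream())
        {
            rsa.FromXmlString(privateKeyXml);
            int blockSize = rsa.KeySize / 8;
            if (cipher.Length % blockSize != 0)
                throw new CryptographicException("Ciphertext length is not a multiple of the key size.");
            for (int offset = 0; offset < cipher.Length; offset += blockSize)
            {
                byte[] block = new byte[blockSize];
                Buffer.BlockCopy(cipher, offset, block, 0, blockSize);
                byte[] dec = rsa.Decrypt(block, oaep);
                output.Write(dec, 0, dec.Length);
            }
            return output.ToArray();
        }
    }

    static void Main()
    {
        string publicXml, privateXml;
        // 2048-bit key: ciphertext blocks are 256 bytes. A 1024-bit key gives
        // the 128-byte blocks described in the steps above.
        using (var rsa = new RSACryptoServiceProvider(2048))
        {
            publicXml = rsa.ToXmlString(false);   // safe to publish
            privateXml = rsa.ToXmlString(true);   // contains D, P, Q, ...: keep it secret
        }

        byte[] plain = new byte[1000];            // constructed sample data
        for (int i = 0; i < plain.Length; i++) plain[i] = (byte)i;

        foreach (bool oaep in new[] { false, true })
        {
            byte[] cipher = Encrypt(publicXml, plain, oaep);
            byte[] back = Decrypt(privateXml, cipher, oaep);
            Console.WriteLine("{0}: {1}-byte plaintext blocks, {2} -> {3} bytes, round trip {4}",
                oaep ? "OAEP" : "PKCS #1 v1.5", MaxPlainBlock(2048, oaep),
                plain.Length, cipher.Length,
                Convert.ToBase64String(back) == Convert.ToBase64String(plain));
        }

        // A plaintext block as long as the modulus leaves no room for padding.
        using (var rsa = new RSACryptoServiceProvider())
        {
            rsa.FromXmlString(publicXml);
            try { rsa.Encrypt(new byte[rsa.KeySize / 8], false); }
            catch (CryptographicException ex) { Console.WriteLine("full-size block rejected: " + ex.Message); }
        }
    }
}
```

Block-wise RSA is slow and expands the data; for large files the usual design is to encrypt the file with a symmetric algorithm and use RSA only for the symmetric key.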
The Digital Signature Algorithm (DSA) is the United States government standard, or FIPS, for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in the Digital Signature Standard (DSS), specified in FIPS 186 and adopted in 1993. A minor revision was issued in 1996 as FIPS 186-1, and the standard was extended further in 2000 as FIPS 186-2.[1]
How DSA operates:
- Key generation.
- Signing the plaintext.
- Verifying the validity of the signature.
2.5.4. Hash algorithms in the .NET Framework.
The two commonly used kinds of hash algorithm are SHA-1 (Secure Hash Algorithm) and MD5 (Message Digest). In addition, several newer versions of SHA have been published. Keyed hash algorithms are also very important for message authentication. All of these are supported by the .NET Framework as classes under HashAlgorithm:
- MD5
- SHA-1
- SHA-256
- SHA-384
- SHA-512
- KeyedHashAlgorithm
Summary of the hash algorithms in the .NET Framework.
| Algorithm | Input block size (bits) | Message limit (bits) | Hash size (bits) |
|---|---|---|---|
| MD5 | 512 | 2^64 | 128 |
| SHA-1 | 512 | 2^64 | 160 |
| SHA-256 | 512 | 2^64 | 256 |
| SHA-384 | 1024 | 2^128 | 384 |
| SHA-512 | 1024 | 2^128 | 512 |
Table 2.5: Hash algorithms.
Below is the class diagram under HashAlgorithm. These classes are also abstract, so we cannot work with them directly. Each of them has a concrete implementation class, and those are the classes we use directly:
Figure 2.6: Hash-function algorithms.
Declaring the hash algorithm classes available in the .NET Framework:
Declaring MD5:
    MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
    byte[] hashKey = md5.ComputeHash(bytesKey);
Declaring SHA-1:
    SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
    byte[] hashKey = sha1.ComputeHash(bytesKey);
Declaring SHA-256:
    SHA256CryptoServiceProvider sha2 = new SHA256CryptoServiceProvider();
    byte[] hashKey = sha2.ComputeHash(bytesKey);
Declaring SHA-384:
    SHA384CryptoServiceProvider sha3 = new SHA384CryptoServiceProvider();
    byte[] hashKey = sha3.ComputeHash(bytesKey);
Declaring SHA-512:
    SHA512CryptoServiceProvider sha5 = new SHA512CryptoServiceProvider();
    byte[] hashKey = sha5.ComputeHash(bytesKey);
Declaring KeyedHashAlgorithm: the concrete implementations of this class are HMACSHA1 and MACTripleDES. These classes implement keyed hash algorithms based on SHA-1 and TripleDES:
    HMACSHA1 msha1 = new HMACSHA1();
    MACTripleDES mtrdes = new MACTripleDES();
Properties of the hash classes.
| Property | Meaning |
|---|---|
| Hash | Returns the value of the computed hash. It is not commonly used. |
| HashSize | Returns the size, in bits, of the hash that the algorithm produces. |
| CanReuseTransform | Properties from the ICryptoTransform interface, which are not directly related to hashing but are implemented by the HashAlgorithm class. |
Table 2.6: Properties of the HashAlgorithm class.
Methods of the HashAlgorithm class:
| Method | Meaning |
|---|---|
| Create | This static method creates a new instance of a HashAlgorithm class by name. |
| ComputeHash | Produces a hash from a byte array or a data stream. |
| Initialize | Used by the algorithm classes to initialize their state before use. |
Table 2.7: Methods of the HashAlgorithm class.
Programmers need to agree on common names for the hundreds of standards, algorithms and data types, each of which is given a unique name. OIDs (Object Identifiers) are defined and managed by a number of organizations, including ANSI (American National Standards Institute), for the purpose of uniquely identifying such types through a logical hierarchy. There is a large number of OIDs, identifying individual items such as protocols, algorithms and data types. Most of the cryptographic algorithms recognised by ANSI are registered under a unique OID. We will see OIDs used concretely in the classes of the .NET security framework, for example in SignHash and VerifyHash of the RSACryptoServiceProvider and DSACryptoServiceProvider classes.
| Cryptographic hash algorithm | OID |
|---|---|
| MD5 | 1.2.840.113549.2.5 |
| SHA-1 | 1.3.14.3.2.26 |
| SHA-256 | 2.16.840.1.101.3.4.2.1 |
| SHA-384 | 2.16.840.1.101.3.4.2.2 |
| SHA-512 | 2.16.840.1.101.3.4.2.3 |
Table 2.6: OIDs of the hash algorithms.
The following example illustrates the use of an OID as an argument to the SignHash method of the RSACryptoServiceProvider class. It assumes that the variable hashbytes is a byte array produced by calling the ComputeHash method of the SHA-1 class.
    RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
    // The OID is passed as a string; 1.3.14.3.2.26 identifies SHA-1.
    byte[] signaturebytes = rsa.SignHash(hashbytes, "1.3.14.3.2.26");
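The hash classes, the keyed hash and the OID-based SignHash/VerifyHash calls of this section, put together as an added example that is not code from the original report. It uses SHA-256 and HMACSHA256 (the SHA-256 sibling of the HMACSHA1 class above) in place of SHA-1; the class name, helper name and sample data are assumptions, and it targets the .NET Framework on Windows.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class HashSignDemo
{
    // Constant-time comparison, so a tag check does not reveal where the first mismatch is.
    static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    static void Main()
    {
        byte[] data = Encoding.UTF8.GetBytes("constructed sample document");  // constructed input
        byte[] tampered = (byte[])data.Clone();
        tampered[0] ^= 1;                                                     // flip one bit

        // 1. Plain hashes created by name; HashSize matches the last column of Table 2.5.
        foreach (string name in new[] { "MD5", "SHA1", "SHA256", "SHA384", "SHA512" })
        {
            using (HashAlgorithm h = HashAlgorithm.Create(name))
            using (var stream = new MemoryStream(data))   // ComputeHash also accepts a Stream
                Console.WriteLine("{0,-7} {1,3} bits  {2}", name, h.HashSize,
                    BitConverter.ToString(h.ComputeHash(stream)).Replace("-", ""));
        }

        // 2. Keyed hash: only a holder of the key can produce or check the tag.
        byte[] key = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key);
        using (var hmac = new HMACSHA256(key))
        {
            byte[] tag = hmac.ComputeHash(data);
            Console.WriteLine("HMAC accepts original: {0}",
                FixedTimeEquals(tag, hmac.ComputeHash(data)));
            Console.WriteLine("HMAC accepts tampered: {0}",
                FixedTimeEquals(tag, hmac.ComputeHash(tampered)));
        }

        // 3. SignHash and VerifyHash take the OID of the hash that produced the digest.
        string oid = CryptoConfig.MapNameToOID("SHA256");   // the SHA-256 row of the OID table
        using (var sha = SHA256.Create())
        using (var signer = new RSACryptoServiceProvider(2048))
        using (var verifier = new RSACryptoServiceProvider())
        {
            byte[] signature = signer.SignHash(sha.ComputeHash(data), oid);

            // The verifier only needs the public half of the key pair.
            verifier.FromXmlString(signer.ToXmlString(false));
            Console.WriteLine("OID used: {0}", oid);
            Console.WriteLine("signature valid for original: {0}",
                verifier.VerifyHash(sha.ComputeHash(data), oid, signature));
            Console.WriteLine("signature valid for tampered: {0}",
                verifier.VerifyHash(sha.ComputeHash(tampered), oid, signature));
        }
    }
}
```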
CHAPTER 3: CRYPTOGRAPHIC PROGRAMMING IN THE .NET FRAMEWORK
3.1. Symmetric encryption programming in .NET.
3.1.1. Encrypting and decrypting a file with a symmetric encryption algorithm.
We will look at a demo program and explain how to encrypt a file with the symmetric encryption algorithms. Below is the program's interface.
Figure 3.1: The Symmetric Algorithm interface.
The interface consists of three GroupBoxes: Symmetric Algorithm, Modes and Padding. Symmetric Algorithm offers the four algorithms DES, RC2, TripleDES and Rijndael (AES), with four RadioButtons, one for each; the default selection is DES. Cipher Modes has five RadioButtons for the five modes ECB, CBC, CFB, OFB and CTS; the default is CBC. Padding has three RadioButtons for the three padding modes PKCS #7, Zeros and None; the default is PKCS #7.
When the form loads, or when the Symmetric Algorithm RadioButton selection changes, the handler that creates the symmetric encryption algorithm is called.
    private void rbtDES_CheckedChanged(object sender, EventArgs e)
    {
        if (rbtDES.Checked == true)
        {
            tbxCreateKeySym.Enabled = false;
            sa = SymmetricAlgorithm.Create("DES");
        }
    }
    private void rbtRC2_CheckedChanged(object sender, EventArgs e)
    {
        if (rbtRC2.Checked == true)
        {
            tbxCreateKeySym.Enabled = true;
            sa = SymmetricAlgorithm.Create("RC2");
        }
    }
    private void rbt3DES_CheckedChanged(object sender, EventArgs e)
    {
        if (rbt3DES.Checked == true)
        {
            tbxCreateKeySym.Enabled = false;
            sa = SymmetricAlgorithm.Create("TripleDES");
        }
    }
    private void rbtAES_CheckedChanged(object sender, EventArgs e)
    {
        if (rbtAES.Checked == true)
        {
            tbxCreateKeySym.Enabled = true;
            sa = SymmetricAlgorithm.Create("AES");
        }
    }
Modes: CBC is selected as the default mode for encryption and decryption. When the selection changes, the following handlers are called:
    private void rbtEBC_CheckedChanged(object sender, EventArgs e)
    {
        if (rbtEBC.Checked == true)
        {
            sa.Mode = CipherMode.ECB;
        }
    }
    private void rbtCBC_CheckedChanged(object sender, EventArgs e)
    {
        if (rbtCBC.Checked == true)
        {
            sa.Mode = CipherMode.CBC;
        }
    }
    private void rbtCFB_CheckedChanged(object sender, EventArgs e)
    {
        if (rbtCFB.Checked == true)
        {
            sa.Mode = CipherMode.CFB;
        }
    }
    private void rbtOFB_CheckedChanged(object sender, EventArgs e)
    {
        if (rbtOFB.Checked == true)
        {
            sa.Mode = CipherMode.OFB;
        }
    }
    private void rbtCTS_CheckedChanged(object sender, EventArgs e)
    {
        if (rbtCTS.Checked == true)
        {
            // CTS is not offered: warn and fall back to CBC.
            MessageBox.Show("Not use!!!!");
            rbtCBC.Checked = true;
        }
    }
Clicking the Create Key and Create IV buttons calls GenKey() and GenIV(), which generate the key and the IV for the selected algorithm:
    private void btnCreateKeySym_Click(object sender, EventArgs e)
    {
        if (rbtAES.Checked == true)
        {
            tbxCreateKeySym.Enabled = false;
        }
        // Generate the key once and show it.
        tbxCreateKeySym.Text = GenKey();
    }
    private void btnCreateIV_Click(object sender, EventArgs e)
    {
        tbxCreateIVSym.Text = GenIV();
    }
The GenKey() and GenIV() functions.
    // Generates a random key and returns it as space-separated hex bytes.
    public string GenKey()
    {
        sa.GenerateKey();
        byte[] key = sa.Key;
        string strKey = "";
        foreach (byte b in key)
            strKey += b.ToString("X2") + " ";
        return strKey;
    }
    // Generates a random IV and returns it as space-separated hex bytes.
    public string GenIV()
    {
        sa.GenerateIV();
        byte[] iv = sa.IV;
        string strIV = "";
        foreach (byte b in iv)
            strIV += b.ToString("X2") + " ";
        return strIV;
    }
The Save Key and Save IV buttons save the key and the IV to files, with .txt as the default extension.
    private void btnSaveKey_Click(object sender, EventArgs e)
    {
        saveFD = new SaveFileDialog();
        saveFD.DefaultExt = "txt";
        saveFD.Title = "You want to save file?";
        if (saveFD.ShowDialog() == DialogResult.OK)
        {
            SaveKey(saveFD.FileName);
        }
    }
    private void btnSaveIV_Click(object sender, EventArgs e)
    {
        saveFD = new SaveFileDialog();
        saveFD.DefaultExt = "txt";
        saveFD.Title = "You want to save file?";
        if (saveFD.ShowDialog() == DialogResult.OK)
        {
            SaveIV(saveFD.FileName);
        }
    }
To encrypt or decrypt, the user must specify the paths of the key and the IV through Load Key and Load IV, together with the Source File and Destination File paths.
When the user clicks the Encrypt button and all the required information is present, encryption takes place.
    private void btnEncryptSym_Click(object sender, EventArgs e)
    {
        if (rbtAES.Checked == true)
        {
            EncryptData(4, tbxSourceFileSym.Text, tbxDesFileSym.Text,
                HashKey(2, tbxCreateKeySym.Text), LoadIV(tbxLoadIVSym.Text));
            MessageBox.Show("Encrypted!!!");
            return;
        }
        if (rbtDES.Checked == true)
        {
            EncryptData(1, tbxSourceFileSym.Text, tbxDesFileSym.Text,
                LoadKey(tbxLoadKeySym.Text), LoadIV(tbxLoadIVSym.Text));
            MessageBox.Show("Encrypted!!!");
            return;
        }
        if (rbt3DES.Checked == true)
        {
            EncryptData(3, tbxSourceFileSym.Text, tbxDesFileSym.Text,
                LoadKey(tbxLoadKeySym.Text), LoadIV(tbxLoadIVSym.Text));
            MessageBox.Show("Encrypted!!!");
            return;
        }
        if (rbtRC2.Checked == true)
        {
            EncryptData(2, tbxSourceFileSym.Text, tbxDesFileSym.Text,
                HashKey(1, tbxLoadKeySym.Text), LoadIV(tbxLoadIVSym.Text));
            MessageBox.Show("Encrypted!!!");
            return;
        }
    }
The Decrypt button performs decryption with the key and the IV that were used for encryption.
    private void btnDecryptSym_Click(object sender, EventArgs e)
    {
        if (rbtAES.Checked == true)
        {
            DecryptData(4, tbxSourceFileSym.Text, tbxDesFileSym.Text,
                HashKey(2, tbxCreateKeySym.Text), LoadIV(tbxLoadIVSym.Text));
            MessageBox.Show("Decrypted!!!");
            return;
        }
        if (rbtDES.Checked == true)
        {
            DecryptData(1, tbxSourceFileSym.Text, tbxDesFileSym.Text,
                LoadKey(tbxLoadKeySym.Text), LoadIV(tbxLoadIVSym.Text));
            MessageBox.Show("Decrypted!!!");
            return;
        }
        if (rbt3DES.Checked == true)
        {
            DecryptData(3, tbxSourceFileSym.Text, tbxDesFileSym.Text,
                LoadKey(tbxLoadKeySym.Text), LoadIV(tbxLoadIVSym.Text));
            MessageBox.Show("Decrypted!!!");
            return;
        }
        if (rbtRC2.Checked == true)
        {
            DecryptData(2, tbxSourceFileSym.Text, tbxDesFileSym.Text,
                HashKey(1, tbxLoadKeySym.Text), LoadIV(tbxLoadIVSym.Text));
            MessageBox.Show("Decrypted!!!");
            return;
        }
    }
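The handlers above call EncryptData, DecryptData, LoadKey and LoadIV, whose bodies are not shown in the report. The following added example is not the report's code: it shows one way such helpers can work, parsing the hex text that GenKey() and GenIV() produce and streaming the file through a CryptoStream so that memory use does not grow with the file size. ParseHex, TransformFile, the temporary files and the sample data are assumptions.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;

static class FileCryptoDemo
{
    // Parses the "X2 X2 X2 " text produced by GenKey()/GenIV() back into bytes.
    static byte[] ParseHex(string text)
    {
        string[] parts = text.Split(new[] { ' ', '\r', '\n', '\t' },
                                    StringSplitOptions.RemoveEmptyEntries);
        byte[] bytes = new byte[parts.Length];
        for (int i = 0; i < parts.Length; i++)
            bytes[i] = Convert.ToByte(parts[i], 16);   // throws FormatException on non-hex text
        return bytes;
    }

    // Streams the source file through the transform into the destination file
    // in 64 KB pieces, so large files never have to fit in memory.
    static void TransformFile(string source, string destination, ICryptoTransform transform)
    {
        using (transform)
        using (var input = new FileStream(source, FileMode.Open, FileAccess.Read))
        using (var output = new FileStream(destination, FileMode.Create, FileAccess.Write))
        using (var crypto = new CryptoStream(output, transform, CryptoStreamMode.Write))
        {
            byte[] buffer = new byte[64 * 1024];
            int read;
            while ((read = input.Read(buffer, 0, buffer.Length)) > 0)
                crypto.Write(buffer, 0, read);
        }   // disposing the CryptoStream writes the final padded block
    }

    static void Main()
    {
        string plainPath = Path.GetTempFileName();
        string cipherPath = Path.GetTempFileName();
        string backPath = Path.GetTempFileName();
        try
        {
            byte[] sample = new byte[200000];                 // constructed sample data
            for (int i = 0; i < sample.Length; i++) sample[i] = (byte)(i * 31);
            File.WriteAllBytes(plainPath, sample);

            string keyText, ivText;
            using (SymmetricAlgorithm gen = SymmetricAlgorithm.Create("AES"))
            {
                // Same text format as GenKey()/GenIV(): two hex digits and a space per byte.
                keyText = BitConverter.ToString(gen.Key).Replace("-", " ") + " ";
                ivText = BitConverter.ToString(gen.IV).Replace("-", " ") + " ";
            }

            using (SymmetricAlgorithm sa = SymmetricAlgorithm.Create("AES"))
            {
                sa.Mode = CipherMode.CBC;
                sa.Padding = PaddingMode.PKCS7;
                sa.Key = ParseHex(keyText);   // CryptographicException on an illegal key size
                sa.IV = ParseHex(ivText);     // CryptographicException if not one block long
                TransformFile(plainPath, cipherPath, sa.CreateEncryptor());
                TransformFile(cipherPath, backPath, sa.CreateDecryptor());
            }

            Console.WriteLine("plain {0} bytes, cipher {1} bytes",
                new FileInfo(plainPath).Length, new FileInfo(cipherPath).Length);
            Console.WriteLine("round trip ok: {0}",
                File.ReadAllBytes(backPath).SequenceEqual(sample));
        }
        finally
        {
            File.Delete(plainPath);
            File.Delete(cipherPath);
            File.Delete(backPath);
        }
    }
}
```

CBC with PKCS #7 padding gives confidentiality only; a keyed hash (section 2.5.4) over the ciphertext is needed to detect tampering.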
3.1.2. Encrypting a file with an asymmetric encryption algorithm.
We will look at a demo program and explain how to encrypt a file with an asymmetric encryption algorithm. Below is the program's interface.
Figure 3.2: Interface of the Asymmetric Algorithm program.
Only one asymmetric encryption algorithm, RSA, is offered here, with the paddings PKCS #1 v1.5 and OAEP.
Clicking the Create Key button generates the public key and the private key as .XML.
    private void btnCreateKeyAsym_Click(object sender, EventArgs e)
    {
        rsa = new RSACryptoServiceProvider();
        tbxPublicKeyAsym.Text = rsa.ToXmlString(false);
        tbxPrivateKeyAsym.Text = rsa.ToXmlString(true);
    }
The public/private key pair is saved when the user clicks the Save Key button.
    private void btnSavePubKey_Click(object sender, EventArgs e)
    {
        if (tbxPublicKeyAsym.Text == "")
        {
            MessageBox.Show("You have not created key !!!");
            return;
        }
        saveFD = new SaveFileDialog();
        saveFD.DefaultExt = "xml";
        saveFD.Title = "Do you want to save file?";
        if (saveFD.ShowDialog() == DialogResult.OK)
        {
            string pathSave = saveFD.FileName;
            WriteFileText(pathSave, tbxPublicKeyAsym.Text);
        }
        saveFD.Dispose();
    }
    private void btnSavaPrivateKey_Click(object sender, EventArgs e)
    {
        saveFD = new SaveFileDialog();
        saveFD.DefaultExt = "xml";
        saveFD.Title = "Do you want to save file?";
        if (saveFD.ShowDialog() == DialogResult.OK)
        {
            string pathSave = saveFD.FileName;
            WriteFileText(pathSave, tbxPrivateKeyAsym.Text);
        }
        saveFD.Dispose();
    }
To encrypt, the user must give the path where the public key is stored (Load Key) and enter the paths of the file to encrypt and of the file in which to save the result. Clicking the Encrypt button starts encryption.
    private void btnEncrypt_Click(object sender, EventArgs e)
    {
        // The source file path must be set.
        if (tbxSourceFileAsym.Text == "")
        {
            MessageBox.Show("Choose the source file to encrypt!!!");
            return;
        }
        // The destination file path must be set.
        if (tbxDesFileAsym.Text == "")
        {
            MessageBox.Show("Path wrong!");
            return;
        }
        if (tbxLoadKeyAsym.Text == "")
        {
            MessageBox.Show("Choose the Public Key or Private Key to Encrypt !!!");
            return;
        }
        EncryptRSA(tbxLoadKeyAsym.Text, tbxSourceFileAsym.Text,
            tbxDesFileAsym.Text);
        MessageBox.Show("Encrypted !!!");
    }
The Decrypt button decrypts an encrypted file using the private key that was generated together with the public key. The private key is read from the Load Key path.
    private void btnDecrypt_Click(object sender, EventArgs e)
    {
        // The source file path must be set.
        if (tbxSourceFileAsym.Text == "")
        {
            MessageBox.Show("Choose the source file to decrypt!!!");
            return;
        }
        // The destination file path must be set.
        if (tbxDesFileAsym.Text == "")
        {
            MessageBox.Show("Path wrong!!");
            return;
        }
        if (tbxLoadKeyAsym.Text == "")
        {
            MessageBox.Show("Choose the Public Key or Private Key to Decrypt !!!");
            return;
        }
        DecryptRSA(tbxLoadKeyAsym.Text, tbxSourceFileAsym.Text,
            tbxDesFileAsym.Text);
        MessageBox.Show("Decrypted !!!");
    }
3.1.4. Hashing a file with a hash algorithm.
Hashing a file supports the algorithms MD5, SHA-1, SHA-256, SHA-384, SHA-512 and Keyed Hash Algorithm, selected through the RadioButtons in the Hash Algorithm GroupBox.
Figure 3.3: The Hash Algorithm interface.
Keyed Hash Algorithm is a hash function with a key, so selecting it enables the key field, whereas the other algorithms do not take a key.
The user must fill in the path of the file to hash and of the file in which to save the result. Clicking the Hash button then starts the process.
    private void btnEncryptHash_Click(object sender, EventArgs e)
    {
        if (tbxSourceFileHash.Text == "")
        {
            MessageBox.Show("Choose source file!!!");
        }
        else if (tbxDesFileHash.Text == "")
        {
            MessageBox.Show("Choose destination file!!!");
        }
        else if (rbtKeyHash.Checked == true && tbxKeyHA.Text == "")
        {
            MessageBox.Show("Enter Key!!!");
        }
        else
        {
            FileInfo fiSource = new FileInfo(tbxSourceFileHash.Text);
            if (fiSource.Exists)
            {
                if (hash == 6)
                {
                    KeyedHashFile(tbxKeyHA.Text, tbxSourceFileHash.Text,
                        tbxDesFileHash.Text);
                }
                else
                {
                    HashFile(hash, tbxSourceFileHash.Text, tbxDesFileHash.Text);
                }
                MessageBox.Show("Hash successfull!!!");
            }
            else
            {
                MessageBox.Show("Path wrong!!!");
                return;
            }
        }
    }
CONCLUSION
In the course of preparing this report, the group studied and accomplished the following:
- Studied the .NET Framework and the role of the .NET Framework in information security.
- Studied the Cryptography classes in the .NET Framework that support security programming.
- Built a demo program that encrypts files with the encryption algorithms.
The report also has limitations:
- The program is still quite simple and not yet user-friendly.
- Not all errors in the program are handled.
- There is no user help system.
- Digital signature creation is not included.
- The encryption program cannot yet encrypt large files.
Future work:
- Build a more complete program.
- Handle the errors that are still missing.
- Add a user help system.
REFERENCES
1. http://vi.wikipedia.org/wiki/.NET_Framework
2. .NET Security and Cryptography.
3. Programming .NET Security.
4. Other material on the internet.