Original question: http://stackoverflow.com/questions/2434154/
Warning: this content is provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must attribute it to the original authors (not me): Stack Overflow
How to decrypt a string encrypted with HMACSHA1?
Asked by Jon Skeet
I'm an encryption novice trying to pass some values back and forth between systems. I can encrypt the value, but can't seem to figure out how to decrypt on the other end. I've created a simple Windows Forms application using VB.NET. Trying to input a value and a key, encrypt and then decrypt to get the original value. Here's my code so far. Any help greatly appreciated. Thanks.
    Imports System
    Imports System.IO
    Imports System.Security.Cryptography
    Imports System.Text

    Public Class Form1

        Private Sub btnEncode_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnEncode.Click
            ' Key the HMAC with the ASCII bytes of the key text box
            Dim hmacsha1 As New HMACSHA1(Encoding.ASCII.GetBytes(txtKey.Text))
            ' Compute the 20-byte HMAC-SHA1 of the value and show it as hex
            Dim hashValue As Byte() = hmacsha1.ComputeHash(Encoding.ASCII.GetBytes(txtValue.Text))
            txtResult.Text = BytesToHexString(hashValue)
            hmacsha1.Clear()
        End Sub

        Private Sub btnDecode_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnDecode.Click
            '???
        End Sub

        ' Converts a byte array to an uppercase hex string, two characters per byte
        Private Function BytesToHexString(ByVal bytes As Byte()) As String
            Dim output As String = String.Empty
            Dim i As Integer = 0
            Do While i < bytes.Length
                output += bytes(i).ToString("X2")
                i += 1
            Loop
            Return output
        End Function

    End Class
Answer by Martin Milan
Just to expand on Jon's answer, because you're probably wondering what the point is of encrypting something that you can't decrypt - HMAC-SHA1 is, as Jon said, a hash. The string produced does not contain the original information, even in encrypted form... It's just a sequence of bytes.
The beauty of the hash however is that any sort of change you might make in the string will almost certainly result in a change in the hash result, and the hash result tends to be fairly small. For this reason, hashes are often used to ensure that a piece of information has not been tampered with.
For instance,
I want to send Jon here a message - and I want him to be confident that one of his mates hasn't changed the message prior to his reading it. I can't just take the hash of my message and send that along, because all a trouble causer would have to do is replace the message with one of their own, and provide an appropriate hash...
However, if I supply my message with a hash not of the message itself, but rather of the message with a few specific extra bytes that Jon and I have agreed on in advance, the trouble maker is defeated. Jon knows to add the extra bytes (commonly known as salting the hash) before he hashes my message, but the trouble causer doesn't - so if he changes the message, even though he works out his own hash, Jon can see that something is amiss...
Encryption / Hashes are a fiddly business, and I've barely scratched the surface myself - but I thought this might give you a simple example of what hashes are used for...
Another very common use is for maintaining site membership information - people don't store the password, but rather the hash of the password. This means that even if someone manages to nick your user data, they are not able to use it to log into your system.
Martin
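An added VB.NET example (not part of the original answers) of the check described above, using the question's HMACSHA1 class: the sender transmits the message together with its tag, and the receiver recomputes the tag with the same shared key instead of trying to decrypt anything. The module name, function names, key and messages are constructed for illustration.

```vbnet
Imports System
Imports System.Security.Cryptography
Imports System.Text

Module HmacTagDemo
    ' Sender side: compute the HMAC-SHA1 tag that travels next to the plaintext message.
    Function ComputeTag(ByVal key As Byte(), ByVal message As String) As Byte()
        Using mac As New HMACSHA1(key)
            Return mac.ComputeHash(Encoding.UTF8.GetBytes(message))
        End Using
    End Function

    ' Receiver side: recompute the tag with the same shared key and compare.
    ' Nothing is decrypted; the message itself is sent alongside the tag.
    Function VerifyTag(ByVal key As Byte(), ByVal message As String, ByVal receivedTag As Byte()) As Boolean
        Dim expected As Byte() = ComputeTag(key, message)
        If receivedTag Is Nothing OrElse receivedTag.Length <> expected.Length Then Return False
        ' Compare every byte so timing does not reveal where the first mismatch is.
        Dim diff As Integer = 0
        For i As Integer = 0 To expected.Length - 1
            diff = diff Or (expected(i) Xor receivedTag(i))
        Next
        Return diff = 0
    End Function

    Sub Main()
        ' Constructed sample key and messages, for illustration only.
        Dim key As Byte() = Encoding.UTF8.GetBytes("constructed-shared-secret")
        Dim message As String = "amount=100;to=alice"
        Dim tag As Byte() = ComputeTag(key, message)

        Console.WriteLine("tag:       " & BitConverter.ToString(tag).Replace("-", ""))
        Console.WriteLine("genuine:   " & VerifyTag(key, message, tag))
        Console.WriteLine("tampered:  " & VerifyTag(key, "amount=900;to=alice", tag))
        Console.WriteLine("wrong key: " & VerifyTag(Encoding.UTF8.GetBytes("other"), message, tag))
    End Sub
End Module
```

Only the genuine message with the shared key verifies; a changed message or a different key yields a different tag and is rejected.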
Answer by Jon Skeet
HMAC-SHA1 is a one-way hash, not a bidirectional encryption algorithm. You can't decrypt it. I don't have time to provide full encryption code here - it's a complicated topic, but Barry Dorrans' "Beginning ASP.NET Security" would give you a good starting point. (Only some of it is ASP.NET-specific.) You could also watch his DDD talk on the topic.
Answer by sean
A simple one-way hash explanation as to why people would want to do it.
Let's say you have a user account with the username John and password Doe. You store the hash of the following string.
First name, your favorite number, and their selected password
for example: hash= myHash("john7@password")
now hash = "qk239qa*@$)(*84509053903" or whatever
Now that hash is secure and can't be reversed back to figure out what your favorite number is in most cases. To check if the hash is the right one for logging in, you'd re-hash the supplied input (name, your number or w/e, password) and if you get the same exact hash, it's a valid deal. wo0t isn't it completely simple!
--should I use the same key to re-hash my data?

