how to fix CspParameters not supported by Mono exception calling CryptDeriveKey(如何修复调用 CryptDeriveKey 的 Mono 异常不支持的 CspParameters)
问题描述
我尝试从 在哪里可以找到 C# 示例代码以在 ASP .NET MVC2 中实现密码恢复 对 Mono 的回答.我它包含以下程序.CryptDeriveKey 调用导致 Mono 中的异常
I try to port ASP .NET MVC2 password recovery code from Where to find C# sample code to implement password recovery in ASP .NET MVC2 answer to Mono. I it contains procedure below. CryptDeriveKey call causes exception in Mono
CspParameters not supported by Mono
如何在 ASP .NET MVC2 应用程序中实现 Mono 中的密码恢复?
How to implement password recovery in Mono in ASP .NET MVC2 application ?
/// <summary>
/// Takes a text message and encrypts it using a password as a key.
/// </summary>
/// <param name="plainMessage">A text to encrypt.</param>
/// <param name="password">The password to encrypt the message with.</param>
/// <returns>Encrypted string.</returns>
/// <remarks>This method uses TripleDES symmmectric encryption.</remarks>
public static string EncodeMessageWithPassword(string plainMessage, string password)
{
if (plainMessage == null)
throw new ArgumentNullException("encryptedMessage", "The message cannot be null");
TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider();
des.IV = new byte[8];
//Creates the key based on the password and stores it in a byte array.
PasswordDeriveBytes pdb = new PasswordDeriveBytes(password, new byte[0]);
// in mono CryptDeriveKey causes exception:
// CspParameters not supported by Mono
des.Key = pdb.CryptDeriveKey("RC2", "MD5", 128, new byte[8]);
MemoryStream ms = new MemoryStream(plainMessage.Length * 2);
CryptoStream encStream = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write);
byte[] plainBytes = Encoding.UTF8.GetBytes(plainMessage);
encStream.Write(plainBytes, 0, plainBytes.Length);
encStream.FlushFinalBlock();
byte[] encryptedBytes = new byte[ms.Length];
ms.Position = 0;
ms.Read(encryptedBytes, 0, (int)ms.Length);
encStream.Close();
return Convert.ToBase64String(encryptedBytes);
}
推荐答案
你不能修复因为类型 CspParameters
不支持真正单声道.
You cannot fix this as the type CspParameters
is not really supported by Mono.
原因是这种类型用于在(托管)BCL 代码和 CryptoAPI 的 CSP(加密服务提供商)之间传递额外的信息.由于 Mono 仅使用托管代码并且 CryptoAPI 在 Windows 之外不可用,因此 CspParameters
类主要是一个存根,一个没有代码的定义.
The reason is that this type is used to communicate extra information between the (managed) BCL code and the CryptoAPI's CSP (crypto service provider). Since Mono use only managed code and that CryptoAPI is not available outside Windows then the CspParameters
class is mostly a stub, a definition without code.
尤其是类型 PasswordDeriveBytes
有点特别.它实现了 Mono 支持的标准 PKCS#5 v1.5,但它还添加了一些 Microsoft 扩展(违反规范)包括一个完全a> 损坏(安全方面).使用 PasswordDeriveBytes
时应格外小心.
In particular the type PasswordDeriveBytes
is a bit special. It implements the standard PKCS#5 v1.5, which Mono supports, but it also adds a few Microsoft extensions (breaking the specification) including one one them being totally broken (security wise). You should take great care when using PasswordDeriveBytes
.
CryptDeriveKey
的情况设计得更糟糕.它与(任何版本的)PKCS#5 无关,就像 PasswordDeriveBytes
的其余部分一样(即它不是基于标准的).它所做的只是使用默认 CSP 将您的参数重定向到 CryptoAPI.一些专业问题由此产生:
The case for CryptDeriveKey
is even more badly designed. It has nothing to do with (any version of) PKCS#5, like the rest of PasswordDeriveBytes
(i.e. it's not standard-based). What it does is simply redirect your parameters to CryptoAPI using the default CSP. Some majors issues arise form this:
AFAIK Microsoft 从未发布他们用来在他们的 CSP 中派生密钥的算法.我不能说它是否安全,他们的 PKCS#5 扩展不安全;
AFAIK Microsoft never published the algorithm(s) they are using to derive keys in their CSP. I can't say if it's even secure, their PKCS#5 extensions were not;
可以将默认"CSP(例如通过应用程序)更改为默认为非 Microsoft CSP(例如硬卡/智能卡 CSP).这些 CSP 提供的密钥派生算法是未知的(希望他们回调 MS CSP);
The "default" CSP can be changed (e.g. by applications) to default to a non-Microsoft CSP (e.g. hardward/smartcard CSP). The key derivation algorithm provided by those CSP is unknown (hopefully they call back into MS CSP);
CryptoAPI 和 CSP 仅在 Windows 上可用,并且因 Windows/exportability 的版本而异,而不是 .NET 框架的版本.
CryptoAPI and the CSP are only available on Windows and differs by the version of Windows/exportability, not the version of the .NET framework.
您应该避免使用 PasswordDeriveBytes.CryptDeriveKey
,即使在 Windows 上也是如此,除非您可以确保默认 CSP 在运行您的应用程序的所有计算机上(并将保持)相同.
You should avoid using PasswordDeriveBytes.CryptDeriveKey
, even on Windows, unless you can assure the default CSP is (and will remain) identical across all computers running your application.
总之,为了避免互操作性/安全问题,我强烈建议您使用更新的 PKCS#5 v2,Mono/MonoTouch/Microsoft 将其实现为 System.Security.Cryptography.Rfc2898DeriveBytes
.
In conclusion, to avoid interoperability / security issues, I strongly suggest your to use the newer PKCS#5 v2, which Mono/MonoTouch/Microsoft implements as System.Security.Cryptography.Rfc2898DeriveBytes
.
这篇关于如何修复调用 CryptDeriveKey 的 Mono 异常不支持的 CspParameters的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:如何修复调用 CryptDeriveKey 的 Mono 异常不支持的 CspParameters
基础教程推荐
- 有没有办法忽略 2GB 文件上传的 maxRequestLength 限制? 2022-01-01
- 如何在 IDE 中获取 Xamarin Studio C# 输出? 2022-01-01
- rabbitmq 的 REST API 2022-01-01
- 将 XML 转换为通用列表 2022-01-01
- 将 Office 安装到 Windows 容器 (servercore:ltsc2019) 失败,错误代码为 17002 2022-01-01
- SSE 浮点算术是否可重现? 2022-01-01
- 为什么Flurl.Http DownloadFileAsync/Http客户端GetAsync需要 2022-09-30
- c# Math.Sqrt 实现 2022-01-01
- MS Visual Studio .NET 的替代品 2022-01-01
- 如何激活MC67中的红灯 2022-01-01