MACTripleDES 类
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
使用 TripleDES 计算输入数据 CryptoStream 的消息验证代码 (MAC)。
public ref class MACTripleDES : System::Security::Cryptography::KeyedHashAlgorithm
public class MACTripleDES : System.Security.Cryptography.KeyedHashAlgorithm
[System.Runtime.InteropServices.ComVisible(true)]
public class MACTripleDES : System.Security.Cryptography.KeyedHashAlgorithm
type MACTripleDES = class
inherit KeyedHashAlgorithm
[<System.Runtime.InteropServices.ComVisible(true)>]
type MACTripleDES = class
inherit KeyedHashAlgorithm
Public Class MACTripleDES
Inherits KeyedHashAlgorithm
- 继承
- 属性
示例
以下示例为名为 input.txt
的文件创建 MAC,该文件位于包含示例可执行文件的 文件夹中。 MAC 和原始文本将写入同一文件夹中名为 encrypted.hsh
的文件。 然后读取已签名的文件,并针对文件的文本部分计算 MAC,并将其与文本中包含的 MAC 进行比较。
using System;
using System.IO;
using System.Security.Cryptography;
public class MACTripleDESexample
{
public static void Main(string[] Fileargs)
{
string dataFile;
string signedFile;
//If no file names are specified, create them.
if (Fileargs.Length < 2)
{
dataFile = @"text.txt";
signedFile = "signedFile.enc";
if (!File.Exists(dataFile))
{
// Create a file to write to.
using (StreamWriter sw = File.CreateText(dataFile))
{
sw.WriteLine("Here is a message to sign");
}
}
}
else
{
dataFile = Fileargs[0];
signedFile = Fileargs[1];
}
try
{
// Create a random key using a random number generator. This would be the
// secret key shared by sender and receiver.
byte[] secretkey = new Byte[24];
//RNGCryptoServiceProvider is an implementation of a random number generator.
using (RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider())
{
// The array is now filled with cryptographically strong random bytes.
rng.GetBytes(secretkey);
// Use the secret key to sign the message file.
SignFile(secretkey, dataFile, signedFile);
// Verify the signed file
VerifyFile(secretkey, signedFile);
}
}
catch (IOException e)
{
Console.WriteLine("Error: File not found", e);
}
} //end main
// Computes a keyed hash for a source file and creates a target file with the keyed hash
// prepended to the contents of the source file.
public static void SignFile(byte[] key, String sourceFile, String destFile)
{
// Initialize the keyed hash object.
using (MACTripleDES hmac = new MACTripleDES(key))
{
using (FileStream inStream = new FileStream(sourceFile, FileMode.Open))
{
using (FileStream outStream = new FileStream(destFile, FileMode.Create))
{
// Compute the hash of the input file.
byte[] hashValue = hmac.ComputeHash(inStream);
// Reset inStream to the beginning of the file.
inStream.Position = 0;
// Write the computed hash value to the output file.
outStream.Write(hashValue, 0, hashValue.Length);
// Copy the contents of the sourceFile to the destFile.
int bytesRead;
// read 1K at a time
byte[] buffer = new byte[1024];
do
{
// Read from the wrapping CryptoStream.
bytesRead = inStream.Read(buffer, 0, 1024);
outStream.Write(buffer, 0, bytesRead);
} while (bytesRead > 0);
}
}
}
return;
} // end SignFile
// Compares the key in the source file with a new key created for the data portion of the file. If the keys
// compare the data has not been tampered with.
public static bool VerifyFile(byte[] key, String sourceFile)
{
bool err = false;
// Initialize the keyed hash object.
using (MACTripleDES hmac = new MACTripleDES(key))
{
// Create an array to hold the keyed hash value read from the file.
byte[] storedHash = new byte[hmac.HashSize / 8];
// Create a FileStream for the source file.
using (FileStream inStream = new FileStream(sourceFile, FileMode.Open))
{
// Read in the storedHash.
inStream.Read(storedHash, 0, storedHash.Length);
// Compute the hash of the remaining contents of the file.
// The stream is properly positioned at the beginning of the content,
// immediately after the stored hash value.
byte[] computedHash = hmac.ComputeHash(inStream);
// compare the computed hash with the stored value
for (int i = 0; i < storedHash.Length; i++)
{
if (computedHash[i] != storedHash[i])
{
err = true;
}
}
}
}
if (err)
{
Console.WriteLine("Hash values differ! Signed file has been tampered with!");
return false;
}
else
{
Console.WriteLine("Hash values agree -- no tampering occurred.");
return true;
}
} //end VerifyFile
} //end class
Imports System.IO
Imports System.Security.Cryptography
Public Class MACTripleDESexample
Public Shared Sub Main(ByVal Fileargs() As String)
Dim dataFile As String
Dim signedFile As String
'If no file names are specified, create them.
If Fileargs.Length < 2 Then
dataFile = "text.txt"
signedFile = "signedFile.enc"
If Not File.Exists(dataFile) Then
' Create a file to write to.
Using sw As StreamWriter = File.CreateText(dataFile)
sw.WriteLine("Here is a message to sign")
End Using
End If
Else
dataFile = Fileargs(0)
signedFile = Fileargs(1)
End If
Try
' Create a random key using a random number generator. This would be the
' secret key shared by sender and receiver.
Dim secretkey() As Byte = New [Byte](23) {}
'RNGCryptoServiceProvider is an implementation of a random number generator.
Using rng As New RNGCryptoServiceProvider()
' The array is now filled with cryptographically strong random bytes.
rng.GetBytes(secretkey)
' Use the secret key to encode the message file.
SignFile(secretkey, dataFile, signedFile)
' Take the encoded file and decode
VerifyFile(secretkey, signedFile)
End Using
Catch e As IOException
Console.WriteLine("Error: File not found", e)
End Try
End Sub
' Computes a keyed hash for a source file and creates a target file with the keyed hash
' prepended to the contents of the source file.
Public Shared Sub SignFile(ByVal key() As Byte, ByVal sourceFile As String, ByVal destFile As String)
' Initialize the keyed hash object.
Using myhmac As New MACTripleDES(key)
Using inStream As New FileStream(sourceFile, FileMode.Open)
Using outStream As New FileStream(destFile, FileMode.Create)
' Compute the hash of the input file.
Dim hashValue As Byte() = myhmac.ComputeHash(inStream)
' Reset inStream to the beginning of the file.
inStream.Position = 0
' Write the computed hash value to the output file.
outStream.Write(hashValue, 0, hashValue.Length)
' Copy the contents of the sourceFile to the destFile.
Dim bytesRead As Integer
' read 1K at a time
Dim buffer(1023) As Byte
Do
' Read from the wrapping CryptoStream.
bytesRead = inStream.Read(buffer, 0, 1024)
outStream.Write(buffer, 0, bytesRead)
Loop While bytesRead > 0
End Using
End Using
End Using
Return
End Sub
' end SignFile
' Compares the key in the source file with a new key created for the data portion of the file. If the keys
' compare the data has not been tampered with.
Public Shared Function VerifyFile(ByVal key() As Byte, ByVal sourceFile As String) As Boolean
Dim err As Boolean = False
' Initialize the keyed hash object.
Using hmac As New MACTripleDES(key)
' Create an array to hold the keyed hash value read from the file.
Dim storedHash(hmac.HashSize / 8) As Byte
' Create a FileStream for the source file.
Using inStream As New FileStream(sourceFile, FileMode.Open)
' Read in the storedHash.
inStream.Read(storedHash, 0, storedHash.Length - 1)
' Compute the hash of the remaining contents of the file.
' The stream is properly positioned at the beginning of the content,
' immediately after the stored hash value.
Dim computedHash As Byte() = hmac.ComputeHash(inStream)
' compare the computed hash with the stored value
Dim i As Integer
For i = 0 To storedHash.Length - 2
If computedHash(i) <> storedHash(i) Then
err = True
End If
Next i
End Using
End Using
If err Then
Console.WriteLine("Hash values differ! Signed file has been tampered with!")
Return False
Else
Console.WriteLine("Hash values agree -- no tampering occurred.")
Return True
End If
End Function 'VerifyFile
End Class
'end class
注解
MAC 可用于确定通过不安全通道发送的消息是否已被篡改,前提是发送方和接收方共享密钥。 发送方计算原始数据的 MAC,并将这两者作为单个消息发送。 接收方对收到的消息重新计算 MAC,并检查计算的 MAC 是否与传输的 MAC 匹配。
对数据或 MAC 的任何更改都会导致不匹配,因为需要知道密钥才能更改消息并重现正确的 MAC。 因此,如果代码匹配,则会对消息进行身份验证。
MACTripleDES 使用长度为 16 或 24 字节的键,并生成长度为 8 字节的哈希序列。
构造函数
MACTripleDES() |
初始化 MACTripleDES 类的新实例。 |
MACTripleDES(Byte[]) |
使用指定的密钥数据初始化 MACTripleDES 类的新实例。 |
MACTripleDES(String, Byte[]) |
使用 MACTripleDES 的指定实现,用指定的密钥数据初始化 TripleDES 类的新实例。 |
字段
HashSizeValue |
表示计算所得的哈希代码的大小(以位为单位)。 (继承自 HashAlgorithm) |
HashValue |
表示计算所得的哈希代码的值。 (继承自 HashAlgorithm) |
KeyValue |
用于哈希算法的密钥。 (继承自 KeyedHashAlgorithm) |
State |
表示哈希计算的状态。 (继承自 HashAlgorithm) |
属性
CanReuseTransform |
获取一个值,该值指示是否可重复使用当前转换。 (继承自 HashAlgorithm) |
CanTransformMultipleBlocks |
当在派生类中重写时,获取一个值,该值指示是否可以转换多个块。 (继承自 HashAlgorithm) |
Hash |
获取计算所得的哈希代码的值。 (继承自 HashAlgorithm) |
HashSize |
获取计算所得的哈希代码的大小(以位为单位)。 (继承自 HashAlgorithm) |
InputBlockSize |
当在派生类中重写时,获取输入块的大小。 (继承自 HashAlgorithm) |
Key |
获取或设置用于哈希算法的密钥。 (继承自 KeyedHashAlgorithm) |
OutputBlockSize |
当在派生类中重写时,获取输出块的大小。 (继承自 HashAlgorithm) |
Padding |
获取或设置哈希算法中使用的填充模式。 |
方法
显式接口实现
IDisposable.Dispose() |
释放由 HashAlgorithm 占用的非托管资源,还可以另外再释放托管资源。 (继承自 HashAlgorithm) |