我在Windows Phone中使用了以下代码进行加密:
public static string Encrypt(string dataToEncrypt, string password)
{
AesManaged aes = null;
MemoryStream memoryStream = null;
CryptoStream cryptoStream = null;
string salt = "12345678";
try
{
// Generate a Key based on a Password and HMACSHA1 pseudo-random number generator
// Salt must be at least 8 bytes long
// Use an iteration count of at least 1000
Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(password, Encoding.UTF8.GetBytes(salt), 10000);
// Create AES algorithm
aes = new AesManaged();
// Key derived from byte array with 32 pseudo-random key bytes
aes.Key = rfc2898.GetBytes(32);
// IV derived from byte array with 16 pseudo-random key bytes
aes.IV = rfc2898.GetBytes(16);
// Create Memory and Crypto Streams
memoryStream = new MemoryStream();
cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write);
// Encrypt Data
byte[] data = Encoding.UTF8.GetBytes(dataToEncrypt);
cryptoStream.Write(data, 0, data.Length);
cryptoStream.FlushFinalBlock();
// Return Base 64 String
return Convert.ToBase64String(memoryStream.ToArray());
}
finally
{
if (cryptoStream != null)
{
cryptoStream.Close();
}
if (memoryStream != null)
{
memoryStream.Close();
}
if (aes != null)
{
aes.Clear();
}
}
}
public static string Decrypt(string dataToDecrypt, string password)
{
AesManaged aes = null;
MemoryStream memoryStream = null;
string salt = "12345678";
try
{
// Generate a Key based on a Password and HMACSHA1 pseudo-random number generator
// Salt must be at least 8 bytes long
// Use an iteration count of at least 1000
Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(password, Encoding.UTF8.GetBytes(salt), 10000);
// Create AES algorithm
aes = new AesManaged();
// Key derived from byte array with 32 pseudo-random key bytes
aes.Key = rfc2898.GetBytes(32);
// IV derived from byte array with 16 pseudo-random key bytes
aes.IV = rfc2898.GetBytes(16);
// Create Memory and Crypto Streams
memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, aes.CreateDecryptor(), CryptoStreamMode.Write);
// Decrypt Data
byte[] data = Convert.FromBase64String(dataToDecrypt);
cryptoStream.Write(data, 0, data.Length);
cryptoStream.FlushFinalBlock();
// Return Decrypted String
byte[] decryptBytes = memoryStream.ToArray();
// Dispose
if (cryptoStream != null)
{
cryptoStream.Dispose();
}
// Retval
return Encoding.UTF8.GetString(decryptBytes, 0, decryptBytes.Length);
}
finally
{
if (memoryStream != null)
{
memoryStream.Dispose();
}
if (aes != null)
{
aes.Clear();
}
}
}
加密的表现很差。任何人都可以建议对上述代码进行一些改进吗?
答案 0 :(得分:3)
当然,您可以使用Rfc2898DeriveBytes在这些函数之外移动密钥派生代码,因为给定密码的密钥将是常量并且通常会多次使用。除此之外,我没有太大的改进空间。
答案 1 :(得分:1)
也许您应该引入一些using()括号以确保没有内存泄漏。你可以看看这个:
http://zayko.net/post/How-to-EncryptDecrypt-a-String-in-Silverlight-for-Windows-Phone-7.aspx
这只会在你的功能随着时间的推移变慢而不是第一次运行时有所帮助。