MSMQ消息加密

Posted 2020-10-09 相会

证书实现非对称加密/解密的代码如下 

//非对称加密密钥 

static byte[] RSAEncrypt(byte[] enkey, X509Certificate2 Certificate) 

{ 

RSACryptoServiceProvider RSA = Certificate.PublicKey.Key as RSACryptoServiceProvider; 

return RSA.Encrypt(enkey, false); 

} 

//非对成解密密钥 

static byte[] RSADecrypt(byte[] context, X509Certificate2 Certificate) 

{ 

RSACryptoServiceProvider RSA = Certificate.PrivateKey as RSACryptoServiceProvider; 

return RSA.Decrypt(context, false); 

} 

使用证书的公钥加密，使用证书的私钥解密 

　　

对称加密算法进行消息的加密和解密，代码如下： 

 

//对称加密消息内容 

static byte[] Encrypt(SymmetricAlgorithm RC2, string bodystring) 

{ 

MemoryStream ms = new MemoryStream(); 

CryptoStream encStream = new CryptoStream(ms, RC2.CreateEncryptor(), CryptoStreamMode.Write); 

StreamWriter sw = new StreamWriter(encStream); 

sw.WriteLine(bodystring); 

sw.Close(); 

encStream.Close(); 

byte[] buffer = ms.ToArray(); 

ms.Close(); 

return buffer; 

} 

//对称解密消息内容 

static string Decrypt(byte[] CypherText, SymmetricAlgorithm RC2) 

{ 

MemoryStream ms = new MemoryStream(CypherText); 

CryptoStream encStream = new CryptoStream(ms, RC2.CreateDecryptor(), CryptoStreamMode.Read); 

StreamReader sr = new StreamReader(encStream); 

string val = sr.ReadLine(); 

sr.Close(); 

encStream.Close(); 

ms.Close(); 

return val; 

} 

　　

发送加密消息

static void Send()

{

MessageQueue mq = new MessageQueue(DestinationQueue);

 

//mq.EncryptionRequired = EncryptionRequired.Body;

//mq.FormatName = new BinaryMessageFormatter();

Message message = new Message();

//采用二进制序列化

message.Formatter = new BinaryMessageFormatter();// new XmlMessageFormatter(new Type[] { typeof(string) });

//获取x509证书

X509Certificate2 certificate = GetCertificate();

 

//使用x509证书非对称加密对称加密密钥

RC2CryptoServiceProvider RC2 = new RC2CryptoServiceProvider();

byte[] key=RSAEncrypt(RC2.Key, certificate);

byte[] iv = RSAEncrypt(RC2.IV, certificate);

byte[] extarry= new byte[256];

key.CopyTo(extarry, 0);

iv.CopyTo(extarry, 128);

//保存使用非对称加密后的对称加密密钥

message.Extension = extarry;

//message.DestinationSymmetricKey = RSAEncrypt(RC2.Key, certificate);

//设定使用非对称加密的证书

//message.DigitalSignature = certificate.RawData;

message.SenderCertificate = certificate.RawData;

message.UseEncryption = false;

//message.AcknowledgeType = AcknowledgeTypes.PositiveReceive | AcknowledgeTypes.PositiveArrival;

//message.AdministrationQueue = new MessageQueue(@"thinkpad-t400\private$\myAdministrationQueue");

//message.UseJournalQueue = true;

message.UseDeadLetterQueue = true;

//设定对消息体对称加密算法

message.EncryptionAlgorithm = EncryptionAlgorithm.Rc2;

//message.ConnectorType = new Guid("1E9A03C5-A9B5-4BF6-B0CB-CCB313275285");

message.Label = Guid.NewGuid().ToString();

//生成同步加密key

//MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();

//SHA256CryptoServiceProvider hsa = new SHA256CryptoServiceProvider();

//byte[] keyArray = hsa.ComputeHash(System.Text.Encoding.ASCII.GetBytes(DestinationSymmetricKey));

//message.HashAlgorithm = System.Messaging.HashAlgorithm.Sha;

// RC2.Key = keyArray;

//使用RC2算法进行加密

byte[] enarry = Encrypt(RC2, BodyString);

string base64 = Convert.ToBase64String(enarry);

message.Body = enarry;

//message.SecurityContext = new SecurityContext();

Console.WriteLine("send encrypt message \r\n" + BodyString);

mq.Send(message, MessageQueueTransactionType.Single);

}

 

接收加密的消息

static void Receive()

{

MessageQueue mq = new MessageQueue(DestinationQueue);

//设定读取消息中证书，扩展属性中加密过的解密密钥

mq.MessageReadPropertyFilter.DestinationSymmetricKey = true;

mq.MessageReadPropertyFilter.Extension = true;

mq.MessageReadPropertyFilter.SenderCertificate = true;

mq.MessageReadPropertyFilter.DigitalSignature = true;

 

Message message=mq.Receive(MessageQueueTransactionType.Single);

 

message.Formatter = new BinaryMessageFormatter();

//获取证书

byte[] cert = message.SenderCertificate;

X509Certificate2 x509 = new X509Certificate2(cert);

x509 = GetCertificateBySubject(x509.Subject);

Console.WriteLine(x509.Thumbprint.ToString());

byte[] key = new byte[128];

byte[] iv = new byte[128];

for(int i=0;i<message.Extension.Length;i++)

{

if(i<128)

key[i] = message.Extension[i];

else

iv[i - 128] = message.Extension[i];

 

}

 

//还原对称加密密钥

key = RSADecrypt(key, x509);

iv = RSADecrypt(iv, x509);

//解密消息

RC2CryptoServiceProvider rc2 = new RC2CryptoServiceProvider();

rc2.Key = key;

rc2.IV = iv;

byte[] body = message.Body as byte[];

string bodystring= Decrypt(body, rc2);

Console.WriteLine("receive message " + bodystring);

}

证书实现非对称加密/解密的代码如下

//非对称加密密钥

static byte[] RSAEncrypt(byte[] enkey, X509Certificate2 Certificate)

{

RSACryptoServiceProvider RSA = Certificate.PublicKey.Key as RSACryptoServiceProvider;

return RSA.Encrypt(enkey, false);

}

//非对成解密密钥

static byte[] RSADecrypt(byte[] context, X509Certificate2 Certificate)

{

RSACryptoServiceProvider RSA = Certificate.PrivateKey as RSACryptoServiceProvider;

return RSA.Decrypt(context, false);

}

使用证书的公钥加密，使用证书的私钥解密