是否可以在 .net framework 4.7 中使用 AES(256 位)GCM 模式加密数据?

编程入门行业动态更新时间:2024-10-23 19:19:22

本文介绍了是否可以在 framework 4.7 中使用 AES(256 位)GCM 模式加密数据?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！问题描述

MSDN 链接提供对具体 AES 类的引用:

The MSDN link provides references to concrete AES classes:

System.Security.Cryptography.AesCng
System.Security.Cryptography.AesCryptoServiceProvider
System.Security.Cryptography.AesManaged

然而，AesCryptoServiceProvider 适用于较旧的机器，而 AesManaged 未通过 FIPS 认证.所以唯一的选择是 AesCng.AesCng 有一个名为 Mode 的属性，它只需要:CBC、ECB、OFB、CFB、CTS 但没有 GCM.

However AesCryptoServiceProvider is for older machines and AesManaged is not certified for FIPS. So the only option is AesCng. The AesCng has a property called Mode, which will only take: CBC, ECB, OFB, CFB, CTS but no GCM.

此框架是否支持 AES GCM?

如果是，有没有例子?

如果不是，那我有什么选择?

推荐答案

此答案反映了上述 Luke Park、bartonjs、Timo、a 和 Maarten Bodewes 的评论.

This answer reflects the comments from Luke Park, bartonjs, Timo, aand Maarten Bodewes above.

一种选择是使用 Bouncycastle C# 库，它有自己独立的实现AES 以及 GCM 模式.查看类 GCMBlockCipher、AesEngine 和 AEADParameters 的源代码.

One option is to use the Bouncycastle C# library, which has its own self-contained implementation of AES as well as the GCM mode. Look at the source code for the classes GCMBlockCipher, AesEngine, and AEADParameters.

另一种选择是使用 P/Invoke 手动调用 BCryptEncrypt.

Another option is to use P/Invoke to manually call BCryptEncrypt.

最后，请注意 .NET Core 将从 3.0 开始支持.源已在 github.

Finally, note that .NET Core will have support starting in 3.0. The source is already available in github.