C# 推荐的 .NET 加密库
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1180365/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Recommended .NET encryption library
提问by JeremyWeir
After reading (yet another) postby Jeff Atwoodmore or less concluding that us mortal developers shouldn't be getting too involved with encryption, I'm left wondering what library I should be using. The only two libraries I've found that seem legitimate are entlib's and Bouncy Castle, but they don't seem much more of an abstraction than the .NET cryptography APIs to me.
在阅读了Jeff Atwood 的(又一个)帖子后,或多或少地得出结论,我们凡人的开发人员不应该过多地参与加密,我想知道我应该使用什么库。我发现的唯一两个看起来合法的库是 entlib's 和Bouncy Castle,但对我来说,它们似乎并不比 .NET 加密 API 更抽象。
I guess what I'm wondering is if there is a "jQuery of cryptography libraries" that is simple, widely-trusted, open and well-documented.
我想我想知道的是是否有一个“密码库的 jQuery”,它简单、广受信任、开放且有据可查。
采纳答案by CraigTP
edit:Here is a comprehensive list of popular crypto libraries from https://github.com/quozd/awesome-dotnet/blob/master/README.md#cryptography:
编辑:这是来自https://github.com/quozd/awesome-dotnet/blob/master/README.md#cryptography的流行加密库的完整列表:
- BouncyCastle- Together with the .Net System.Security.Cryptography, the reference implementation for cryptographic algorithms on the CLR.
- HashLib- HashLib is a collection of nearly all hash algorithms you've ever seen, it supports almost everything and is very easy to use
- libsodium-net- libsodium for .NET - A secure cryptographic library
- Pkcs11Interop- Managed .NET wrapper for unmanaged PKCS#11 libraries that provide access to the cryptographic hardware
- StreamCryptor- Stream encryption & decryption with libsodium and protobuf
- SecurityDriven.Inferno- .NET crypto library. Professionally audited.
- BouncyCastle- 与 .Net System.Security.Cryptography 一起,CLR 上加密算法的参考实现。
- HashLib- HashLib 是您见过的几乎所有哈希算法的集合,它支持几乎所有内容并且非常易于使用
- libsodium-net- .NET 的 libsodium - 一个安全的加密库
- Pkcs11Interop- 用于提供对加密硬件的访问的非托管 PKCS#11 库的托管 .NET 包装器
- StreamCryptor- 使用 libsodium 和 protobuf 进行流加密和解密
- SecurityDriven.Inferno- .NET 加密库。专业审核。
Original answer follows.
原答案如下。
The Bouncy Castle library is indeed a well respected, and mature encryption library, but what's wrong with using many of the fantastic encryption functions that are built right into the .NET framework?
Bouncy Castle 库确实是一个备受推崇且成熟的加密库,但是使用 .NET 框架中内置的许多出色的加密函数有什么问题呢?
System.Security.Cryptography Namespace
In my experience, these implementations are rock-solid, provide numerous options (for example: you've usually got a Crypto API, CNGand Managed implementations of each algorithm to choose from) , and you're not going to "get it wrong", since you're only usingthe implementation. If you're slightly worried that you might usethem incorrectly, you can always follow MSDN's own example code.
根据我的经验,这些实现是坚如磐石的,提供了许多选项(例如:您通常有每个算法的加密 API、CNG和托管实现可供选择),并且您不会“弄错” ",因为您只使用了实现。如果你有点担心你可能会错误地使用它们,你总是可以遵循MSDN 自己的示例代码。
回答by Jon Galloway
Bouncy Castleseems to be pretty widely respected
充气城堡似乎受到了广泛的尊重
回答by Jon Grant
You have completely misunderstood the maxim "do not implement encryption routines yourself". What this means is: do not roll your own RSA/DSA/whatever encryption algorithm. It doesn't mean that you shouldn't use one written by someone who knows what they are doing. In fact, if anything, adding more layers between you and the trusted algorithm is going to hurt you, and not the reverse.
您完全误解了“不要自己实现加密例程”的格言。这意味着:不要推出自己的 RSA/DSA/任何加密算法。这并不意味着你不应该使用由知道自己在做什么的人写的。事实上,如果有的话,在你和可信算法之间添加更多层会伤害你,而不是相反。
回答by Dipen Bhikadya
EntLib Cryptography block works well for most of encryption/hashing needs.
EntLib Cryptography 块适用于大多数加密/散列需求。
