将算法名称映射到加密类Mapping Algorithm Names to Cryptography Classes

开发人员可通过以下四种方式使用 Windows SDK 创建加密对象:There are four ways a developer can create a cryptography object using the Windows SDK:

  • 使用new运算符创建对象。Create an object by using the new operator.

  • 通过对该算法的抽象类调用create方法, 创建实现特定加密算法的对象。Create an object that implements a particular cryptography algorithm by calling the Create method on the abstract class for that algorithm.

  • 通过调用CryptoConfig.CreateFromName方法, 创建实现特定加密算法的对象。Create an object that implements a particular cryptography algorithm by calling the CryptoConfig.CreateFromName method.

  • 通过对该类型算法SymmetricAlgorithm的抽象类调用create方法 (如), 创建一个实现一类加密算法 (如对称块密码) 的对象。Create an object that implements a class of cryptographic algorithms (such as a symmetric block cipher) by calling the Create method on the abstract class for that type of algorithm (such as SymmetricAlgorithm).

例如, 假设开发人员想要计算一组字节的 SHA1 哈希。For example, suppose a developer wants to compute the SHA1 hash of a set of bytes. System.Security.Cryptography命名空间包含 SHA1 算法的两个实现, 一个纯粹的托管实现, 另一个包装 CryptoAPI。The System.Security.Cryptography namespace contains two implementations of the SHA1 algorithm, one purely managed implementation and one that wraps CryptoAPI. 开发人员可以通过调用new运算符来选择实例化特定的 SHA1 SHA1Managed实现 (如)。The developer can choose to instantiate a particular SHA1 implementation (such as the SHA1Managed) by calling the new operator. 但是, 如果公共语言运行时加载哪个类 (只要类实现 SHA1 哈希算法), 开发人员就可以通过调用SHA1.Create方法来创建对象。However, if it does not matter which class the common language runtime loads as long as the class implements the SHA1 hash algorithm, the developer can create an object by calling the SHA1.Create method. 此方法调用CryptoConfig. cryptoconfig.createfromname ("") , 该方法必须返回 SHA1 哈希算法的一个实现。This method calls System.Security.Cryptography.CryptoConfig.CreateFromName("System.Security.Cryptography.SHA1"), which must return an implementation of the SHA1 hash algorithm.

开发人员还可以调用CryptoConfig. cryptoconfig.createfromname ("SHA1") , 因为默认情况下, 加密配置包括 .NET Framework 中附带的算法的短名称。The developer can also call System.Security.Cryptography.CryptoConfig.CreateFromName("SHA1") because, by default, cryptography configuration includes short names for the algorithms shipped in the .NET Framework.

如果使用的哈希算法并不重要, 开发人员可以调用方法, HashAlgorithm.Create这将返回实现哈希转换的对象。If it does not matter which hash algorithm is used, the developer can call the HashAlgorithm.Create method, which returns an object that implements a hashing transformation.

在配置文件中映射算法名称Mapping Algorithm Names in Configuration Files

默认情况下, 运行时为SHA1CryptoServiceProvider所有四个方案返回一个对象。By default, the runtime returns a SHA1CryptoServiceProvider object for all four scenarios. 但是, 计算机管理员可以更改最后两个方案中的方法返回的对象的类型。However, a machine administrator can change the type of object that the methods in the last two scenarios return. 为此, 必须将友好算法名称映射到要在计算机配置文件 (Machine.config) 中使用的类。To do this, you must map a friendly algorithm name to the class you want to use in the machine configuration file (Machine.config).

下面的示例演示如何配置运行时, 使其成为CryptoConfig、CRYPTOCONFIG.CREATEFROMNAME ("SHA1") 和 HashAlgorithm. 的配置运行时的配置。 返回对象。 MySHA1HashClassThe following example shows how to configure the runtime so that System.Security.Cryptography.SHA1.Create, System.Security.CryptoConfig.CreateFromName("SHA1"), and System.Security.Cryptography.HashAlgorithm.Create return a MySHA1HashClass object.

<configuration>  
   <!-- Other configuration settings. -->  
   <mscorlib>  
      <cryptographySettings>  
         <cryptoNameMapping>  
            <cryptoClasses>  
               <cryptoClass MySHA1Hash="MySHA1HashClass, MyAssembly  
                  Culture='en', PublicKeyToken=a5d015c7d5a0b012,  
                  Version=1.0.0.0"/>  
            </cryptoClasses>  
            <nameEntry name="SHA1" class="MySHA1Hash"/>  
            <nameEntry name="System.Security.Cryptography.SHA1"  
                       class="MySHA1Hash"/>  
            <nameEntry name="System.Security.Cryptography.HashAlgorithm"  
                       class="MySHA1Hash"/>  
         </cryptoNameMapping>  
      </cryptographySettings>  
   </mscorlib>  
</configuration>  

您可以在< 的 cryptoClass>元素中指定属性的名称 (上一个示例将属性MySHA1Hash命名为)。You can specify the name of the attribute in the <cryptoClass> element (the previous example names the attribute MySHA1Hash). CryptoClass > 元素中 < 属性的值是公共语言运行时用来查找类的字符串。The value of the attribute in the <cryptoClass> element is a string that the common language runtime uses to find the class. 您可以使用满足指定完全限定的类型名称中指定的要求的任何字符串。You can use any string that meets the requirements specified in Specifying Fully Qualified Type Names.

许多算法名称可以映射到同一个类。Many algorithm names can map to the same class. Y > 元素将类映射到一个友好算法名称。 <The <nameEntry> element maps a class to one friendly algorithm name. Name属性可以是在调用CryptoConfig. cryptoconfig.createfromname方法时使用的字符串, 也可以是System.Security.Cryptography命名空间中抽象加密类的名称。The name attribute can be either a string that is used when calling the System.Security.Cryptography.CryptoConfig.CreateFromName method or the name of an abstract cryptography class in the System.Security.Cryptography namespace. Class特性的值是 <cryptoClass > 元素中的特性的名称。The value of the class attribute is the name of the attribute in the <cryptoClass> element.

备注

可以通过调用SHA1.CreateCryptoConfig. cryptoconfig.createfromname ("SHA1") 方法获取 SHA1 算法。You can get an SHA1 algorithm by calling the SHA1.Create or the Security.CryptoConfig.CreateFromName("SHA1") method. 每个方法仅保证返回实现 SHA1 算法的对象。Each method guarantees only that it returns an object that implements the SHA1 algorithm. 不需要将算法的每个友好名称映射到配置文件中的相同类。You do not have to map each friendly name of an algorithm to the same class in the configuration file.

有关默认名称及其映射到的类的列表, 请参阅CryptoConfigFor a list of default names and the classes they map to, see CryptoConfig.

请参阅See also