如何保证Socket传输数据的安全
发布时间:2019-04-29 11:43:00 来源: 互盟云
服务器与客户端进行数据传输要考虑到效率和安全的问题,那么就需要对数据包体进行重新定义,包括加密,数据校验,包体内容以及数据长度组成。
首先对数据进行压缩,压缩是有条件的,当数据的长度大于某个长度的时候进行压缩,压缩工具是一个开源的压缩工具。
//1.如果数据包的长度大于了m_CompressLen则进行压缩
boolisCompress=data.Length>m_CompressLen?true:false;
if(isCompress)
{
data=ZlibHelper.CompressBytes(data);
}
接着我们对数据进行加密,加密使用异或的方式,异或因子是我们自己定的,这样可以实现数据只有我们自己的异或因子能解开。
data=SecurityUtil.Xor(data);
publicsealedclassSecurityUtil
{
///异或因子
privatestaticreadonlybyte[]xorScale=newbyte[]{45,66,38,55,23,254,9,165,90,19,41,45,201,58,55,37,254,185,165,169,19,171};//.data文件的xor加解密因子
#endregion
privateSecurityUtil()
{
}
///对数组进行异或
publicstaticbyte[]Xor(byte[]buffer)
{
//------------------
//第3步:xor解密
//------------------
intiScaleLen=xorScale.Length;
for(inti=0;i<buffer.Length;i++)
{
buffer[i]=(byte)(buffer[i]^xorScale[i%iScaleLen]);
}
returnbuffer;
}
}
之后对处理后的数据进行crc校验,循环冗余检查(CRC)是一种数据传输检错功能,对数据进行多项式计算,并将得到的结果附在帧的后面,接收设备也执行类似的算法,以保证数据传输的正确性和完整性。
ushortcrc=Crc16.CalculateCrc16(data);
publicclassCrc16
{
//TableofCRCvaluesforhigh-orderbyte
privatestaticreadonlybyte[]_auchCRCHi=newbyte[]{0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40,0x01,0xC0,0x80,0x41,0x01,0xC0,0x80,0x41,0x00,0xC1,0x81,0x40};
//TableofCRCvaluesforlow-orderbyte
privatestaticreadonlybyte[]_auchCRCLo=newbyte[]{0x00,0xC0,0xC1,0x01,0xC3,0x03,0x02,0xC2,0xC6,0x06,0x07,0xC7,0x05,0xC5,0xC4,0x04,0xCC,0x0C,0x0D,0xCD,0x0F,0xCF,0xCE,0x0E,0x0A,0xCA,0xCB,0x0B,0xC9,0x09,0x08,0xC8,0xD8,0x18,0x19,0xD9,0x1B,0xDB,0xDA,0x1A,0x1E,0xDE,0xDF,0x1F,0xDD,0x1D,0x1C,0xDC,0x14,0xD4,0xD5,0x15,0xD7,0x17,0x16,0xD6,0xD2,0x12,0x13,0xD3,0x11,0xD1,0xD0,0x10,0xF0,0x30,0x31,0xF1,0x33,0xF3,0xF2,0x32,0x36,0xF6,0xF7,0x37,0xF5,0x35,0x34,0xF4,0x3C,0xFC,0xFD,0x3D,0xFF,0x3F,0x3E,0xFE,0xFA,0x3A,0x3B,0xFB,0x39,0xF9,0xF8,0x38,0x28,0xE8,0xE9,0x29,0xEB,0x2B,0x2A,0xEA,0xEE,0x2E,0x2F,0xEF,0x2D,0xED,0xEC,0x2C,0xE4,0x24,0x25,0xE5,0x27,0xE7,0xE6,0x26,0x22,0xE2,0xE3,0x23,0xE1,0x21,0x20,0xE0,0xA0,0x60,0x61,0xA1,0x63,0xA3,0xA2,0x62,0x66,0xA6,0xA7,0x67,0xA5,0x65,0x64,0xA4,0x6C,0xAC,0xAD,0x6D,0xAF,0x6F,0x6E,0xAE,0xAA,0x6A,0x6B,0xAB,0x69,0xA9,0xA8,0x68,0x78,0xB8,0xB9,0x79,0xBB,0x7B,0x7A,0xBA,0xBE,0x7E,0x7F,0xBF,0x7D,0xBD,0xBC,0x7C,0xB4,0x74,0x75,0xB5,0x77,0xB7,0xB6,0x76,0x72,0xB2,0xB3,0x73,0xB1,0x71,0x70,0xB0,0x50,0x90,0x91,0x51,0x93,0x53,0x52,0x92,0x96,0x56,0x57,0x97,0x55,0x95,0x94,0x54,0x9C,0x5C,0x5D,0x9D,0x5F,0x9F,0x9E,0x5E,0x5A,0x9A,0x9B,0x5B,0x99,0x59,0x58,0x98,0x88,0x48,0x49,0x89,0x4B,0x8B,0x8A,0x4A,0x4E,0x8E,0x8F,0x4F,0x8D,0x4D,0x4C,0x8C,0x44,0x84,0x85,0x45,0x87,0x47,0x46,0x86,0x82,0x42,0x43,0x83,0x41,0x81,0x80,0x40};
///<summary>
///获得CRC16效验码
///</summary>
///<paramname="buffer"></param>
///<returns></returns>
publicstaticushortCalculateCrc16(byte[]buffer)
{
bytecrcHi=0xff;//highcrcbyteinitialized
bytecrcLo=0xff;//lowcrcbyteinitialized
for(inti=0;i<buffer.Length;i++)
{
intcrcIndex=crcHi^buffer[i];
//calculatethecrclookupindex
crcHi=(byte)(crcLo^_auchCRCHi[crcIndex]);
crcLo=_auchCRCLo[crcIndex];
}
return(ushort)(crcHi<<8|crcLo);
}
}
1
最后来写入数据,写入包体长度(包体还包括了长度,是否压缩标识,和crc标识,所以+3长度),用来在接收数据的时候判断数据是否接收完成,写入是否压缩的标识,写入crc校验码,最后写入处理完的数据。
using(MMO_MemoryStreamms=newMMO_MemoryStream())
{
ms.WriteUShort((ushort)(data.Length+3));
ms.WriteBool(isCompress);
ms.WriteUShort(crc);
ms.Write(data,0,data.Length);
retBuffer=ms.ToArray();
}
returnretBuffer;
拆分数据的数据执行相反的顺序即可,当然crc校验码不匹配的话,就不执行相应的数据处理。
byte[]bufferNew=newbyte[buffer.Length-3];
boolisCompress=false;
ushortcrc=0;
using(MMO_MemoryStreamms=newMMO_MemoryStream(buffer))
{
isCompress=ms.ReadBool();
crc=ms.ReadUShort();
ms.Read(bufferNew,0,bufferNew.Length);
}
//先crc
intnewCrc=Crc16.CalculateCrc16(bufferNew);
if(newCrc==crc)
{
//异或得到原始数据
bufferNew=SecurityUtil.Xor(bufferNew);
if(isCompress)
{
bufferNew=ZlibHelper.DeCompressBytes(bufferNew);
}
ushortprotoCode=0;
byte[]protoContent=newbyte[bufferNew.Length-2];
using(MMO_MemoryStreamms=newMMO_MemoryStream(bufferNew))
{
//协议编号
protoCode=ms.ReadUShort();
ms.Read(protoContent,0,protoContent.Length);
SocketDispatcher.Instance.Dispatch(protoCode,protoContent);
}
}
else
{
break;
}
Socket数据安全我们介绍完了,之后我们还会对Web的安全进行介绍。
大家感兴趣可以关注此公众号,Unity游戏开发大本营,我会经常在这里分享游戏开发相关的文章。
本文来源:
https://www.humengyun.com/news-view-643.html