解密之前可以确定CryptoStream的长度吗? [英] Can the length of a CryptoStream be determined before decryption?
问题描述
能否在解密数据之前获得解密数据的最终长度?这是一个示例:
Is it possible to get the final length of decrypted data before decrypting it? Here's an example:
RijndaelManaged RMCrypto = new RijndaelManaged();
RMCrypto.Padding = PaddingMode.ISO10126;
Response.Buffer = false;
Response.ClearHeaders();
Response.ClearContent();
Response.AddHeader("Content-length", ??????);
CryptoStream crypto = new CryptoStream(Response.OutputStream, RMCrypto.CreateDecryptor(Key, IV), CryptoStreamMode.Write);
using (Stream orig = GetDataStream())
{
int bufferSize = 100000;
int bytesReceived = bufferSize;
byte[] buffer = new byte[bufferSize];
while (bytesReceived == bufferSize)
{
bytesReceived = orig.Read(buffer, 0, bufferSize);
crypto.Write(buffer, 0, bytesReceived);
}
crypto.FlushFinalBlock();
}
Response.End();
此代码已简化.源数据被加密,并从 GetDataStream()方法中以 Stream 的形式检索.如果不包含 content-length 标头,则浏览器将无法给出完成百分比或估计的时间来下载文件.提前解密流是不可能的,因为该流可能在千兆字节大小范围内,并且可以通过网络读取.
This code has been simplified. The source data is encrypted and is retrieved as a Stream from the GetDataStream() method. If the content-length header is not included, the browser won't be able to give a percent complete or time estimate for downloading the file. Decrypting the stream ahead of time is out of the question because the stream could be in the gigabyte size range and is read over a network.
推荐答案
如果您知道正在使用的分组密码模式和填充模式,那么可以,可以提前确定长度.(例如,如果您使用的是CBC,则可以将倒数第二个密文块用作IV,将最后一个密文块用作实际密文,然后计算存在多少填充字节.)
If you know the block cipher mode and padding mode being used, then yes, it is possible to determine the length ahead of time. (For example, if you're using CBC, then you could use the penultimate ciphertext block as the IV and the final ciphertext block as the actual ciphertext, then calculate how many padding bytes were present.)
大多数开发人员只是去"???"并以一种更轻松的方式解决该问题:在初始加密过程中将纯文本长度存储在某个地方.
Most developers just go "???" at the above and solve the problem in a far easier way: store the plaintext length somewhere during the initial encryption process.
这篇关于解密之前可以确定CryptoStream的长度吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
