如何添加和检索TDES IV（初始化向量）的加密字符串 [英] How to add and retrieve TDES IV (Initialization Vector) in encrypted string

问题描述

我工作的一个MVC应用程序超过净，以确保我的敏感信息，如在web.config中我有两个功能，加密和解密使用Triple DES资料信息，不过，我是新来的这一点，成功到达到这里通过朋友的帮助，并询问一些问题在这里。

在这里我现在卡住问题的关键是如何添加TDES IV（初始化向量）的加密字符串的结束，怎么也重新找回它，而解密？我的意思是你会如何在一个加密的信息识别，从这里 IV（初始化向量）明星？

请帮助。

 公共静态字符串加密（字符串消息）
    {
        字节[] IV;
        byte []的结果;
        System.Text.UTF8Encoding UTF8 =新System.Text.UTF8Encoding（）;
        MD5CryptoServiceProvider HashProvider =新MD5CryptoServiceProvider（）;
        byte []的TDESKey = HashProvider.ComputeHash（UTF8.GetBytes（GetSHA256String（）））;
        TripleDESCryptoServiceProvider TDESAlgorithm =新TripleDESCryptoServiceProvider（）;
        TDESAlgorithm.Key = TDESKey;
        TDESAlgorithm.Mode = CipherMode.ECB;
        TDESAlgorithm.Padding = PaddingMode.PKCS7;
        //捕获随机生成IV
        IV = TDESAlgorithm.IV;
        byte []的D​​ataToEncrypt = UTF8.GetBytes（消息）;
        尝试
        {
            ICryptoTransform的加密器= TDESAlgorithm.CreateEncryptor（）;
            结果= Encryptor.TransformFinalBlock（DataToEncrypt，0，DataToEncrypt.Length）;
            //变种lnght = Results.GetLength（0）;
            //System.Buffer.BlockCopy(iv，0，结果，lnght + 1，iv.Length（））; //怎么样？
        }
        最后
        {
            TDESAlgorithm.Clear（）;
            HashProvider.Clear（）;
        }
        返回Convert.ToBase64String（结果）;
        //返回Encoding.UTF8.GetString（结果）;
    }

    公共静态字符串解密（字符串消息）
    {
        byte []的结果;
        System.Text.UTF8Encoding UTF8 =新System.Text.UTF8Encoding（）;
        MD5CryptoServiceProvider HashProvider =新MD5CryptoServiceProvider（）;
        byte []的TDESKey = HashProvider.ComputeHash（UTF8.GetBytes（GetSHA256String（）））;
        TripleDESCryptoServiceProvider TDESAlgorithm =新TripleDESCryptoServiceProvider（）;
        TDESAlgorithm.Key = TDESKey;
        //加密过程中采用相同的四使用
        //TDESAlgorithm.IV = IV; // 怎么样？
        TDESAlgorithm.Mode = CipherMode.ECB;
        TDESAlgorithm.Padding = PaddingMode.PKCS7;
        尝试
        {
            byte []的D​​ataToDecrypt = Convert.FromBase64String（消息）;
            // byte []的D​​ataToDecrypt = UTF8.GetBytes（消息）;
            // byte []的D​​ataToDecrypt = Encoding.UTF8.GetBytes（消息）;
            ICryptoTransform的解密= TDESAlgorithm.CreateDecryptor（）;
            结果= Decryptor.TransformFinalBlock（DataToDecrypt，0，DataToDecrypt.Length）; //＆LT;＆LT;错误是在这里。
        }
        最后
        {
            TDESAlgorithm.Clear（）;
            HashProvider.Clear（）;
        }
        返回UTF8.GetString（结果）;
    }

...
...
...
 

解决方案

您的问题是，你使用ECB模式。 ECB不支持的IV，并且具有许多不希望的特性。你可以切换到CBC吧。

通常情况下你把IV之前，而不是之后的加密数据。 GameScripting的回答显示了这样做的一个办法。

最后，你的密钥推导看起来可疑，但因为它是不完整的，我不能告诉你，你应该做的在那里。

I’m working on a mvc application over .Net, to secure my sensitive information such as info in web.config I’ve got two functions that encrypts and decrypts information using Triple DES, however I’m new to this and succeeded to reach till here by the help of a friend and asking few question over here.

The point where I’m currently stuck is how can I add TDES IV (Initialization Vector) at the end of the encrypted string and how also retrieve it again while decrypting? I mean how would you identify in an encrypted info that from here the IV (Initialization Vector) stars?

Kindly help.

public static string Encrypt(string Message)
    {
        byte[] iv;
        byte[] Results;
        System.Text.UTF8Encoding UTF8 = new System.Text.UTF8Encoding();
        MD5CryptoServiceProvider HashProvider = new MD5CryptoServiceProvider();
        byte[] TDESKey = HashProvider.ComputeHash(UTF8.GetBytes(GetSHA256String()));
        TripleDESCryptoServiceProvider TDESAlgorithm = new TripleDESCryptoServiceProvider();
        TDESAlgorithm.Key = TDESKey;
        TDESAlgorithm.Mode = CipherMode.ECB;
        TDESAlgorithm.Padding = PaddingMode.PKCS7;
        // Capture the randomly generated IV
        iv = TDESAlgorithm.IV;
        byte[] DataToEncrypt = UTF8.GetBytes(Message);
        try
        {
            ICryptoTransform Encryptor = TDESAlgorithm.CreateEncryptor();
            Results = Encryptor.TransformFinalBlock(DataToEncrypt, 0, DataToEncrypt.Length);
            //var lnght=Results.GetLength(0);
            //System.Buffer.BlockCopy(iv, 0, Results, lnght + 1, iv.Length()); //HOW?
        }
        finally
        {
            TDESAlgorithm.Clear();
            HashProvider.Clear();
        }
        return Convert.ToBase64String(Results);
        //return Encoding.UTF8.GetString(Results);
    }

    public static string Decrypt(string Message)
    {
        byte[] Results;
        System.Text.UTF8Encoding UTF8 = new System.Text.UTF8Encoding();
        MD5CryptoServiceProvider HashProvider = new MD5CryptoServiceProvider();
        byte[] TDESKey = HashProvider.ComputeHash(UTF8.GetBytes(GetSHA256String()));
        TripleDESCryptoServiceProvider TDESAlgorithm = new TripleDESCryptoServiceProvider();
        TDESAlgorithm.Key = TDESKey;
        // Apply the same IV used during encryption
        //TDESAlgorithm.IV = iv;  // HOW?
        TDESAlgorithm.Mode = CipherMode.ECB;
        TDESAlgorithm.Padding = PaddingMode.PKCS7;
        try
        {
            byte[] DataToDecrypt = Convert.FromBase64String(Message);
            //byte[] DataToDecrypt = UTF8.GetBytes(Message);
            //byte[] DataToDecrypt = Encoding.UTF8.GetBytes(Message);
            ICryptoTransform Decryptor = TDESAlgorithm.CreateDecryptor();
            Results = Decryptor.TransformFinalBlock(DataToDecrypt, 0, DataToDecrypt.Length); // << ERROR is here.
        }
        finally
        {
            TDESAlgorithm.Clear();
            HashProvider.Clear();
        }
        return UTF8.GetString(Results);
    }

…
…
…

解决方案

Your problem is that you're using ECB mode. ECB doesn't support IVs, and has a number of undesirable properties. You could switch to CBC instead.

Typically you put the IV before and not after the encrypted data. GameScripting's answer shows one way to do that.

Finally your key derivation looks dubious, but since it's incomplete I can't tell you what you should do there.

这篇关于如何添加和检索TDES IV（初始化向量）的加密字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！