Unable to Decrypt data on second computer


Problem description

I have two applications, Server and Client, one running on one machine and the other on a second machine. The server is passing data using a WebSocket connection, and the data is encrypted before it is sent to the Client. The data makes it to the Client application correctly, but I'm trying to decrypt it using the same secure method and secret key, and it won't work; it only decrypts when both apps are run from the same computer. Does anyone have any idea why it works when they are run from the same machine, but not when running them from separate machines?

Both the Server and Client applications use this same secure method.

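using System;                          // Convert, IntPtr
using System.Runtime.InteropServices;  // Marshal
using System.Security;                 // SecureString
using System.Security.Cryptography;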

// ENCRYPT

static byte[] entropy = System.Text.Encoding.Unicode.GetBytes("MY SECRET KEY HERE");

public static string EncryptString(System.Security.SecureString input)
{
    byte[] encryptedData = System.Security.Cryptography.ProtectedData.Protect(
        System.Text.Encoding.Unicode.GetBytes(ToInsecureString(input)),
        entropy,
        System.Security.Cryptography.DataProtectionScope.CurrentUser);
    return Convert.ToBase64String(encryptedData);
}

public static SecureString DecryptString(string encryptedData)
{
    try
    {
        byte[] decryptedData = System.Security.Cryptography.ProtectedData.Unprotect(
            Convert.FromBase64String(encryptedData),
            entropy,
            System.Security.Cryptography.DataProtectionScope.CurrentUser);
        return ToSecureString(System.Text.Encoding.Unicode.GetString(decryptedData));
    }
    catch
    {
        return new SecureString();
    }
}

public static SecureString ToSecureString(string input)
{
    SecureString secure = new SecureString();
    foreach (char c in input)
    {
        secure.AppendChar(c);
    }
    secure.MakeReadOnly();
    return secure;
}

public static string ToInsecureString(SecureString input)
{
    string returnValue = string.Empty;
    IntPtr ptr = System.Runtime.InteropServices.Marshal.SecureStringToBSTR(input);
    try
    {
        returnValue = System.Runtime.InteropServices.Marshal.PtrToStringBSTR(ptr);
    }
    finally
    {
        System.Runtime.InteropServices.Marshal.ZeroFreeBSTR(ptr);
    }
    return returnValue;
}

// ENCRYPT ENDS

string encryptedMessage = EncryptString(ToSecureString("Data to Encrypt Here"));



To decrypt the data in the Client I use:

SecureString data1 = DecryptString(dataEncryptedReceived);
IntPtr stringPointerData1 = Marshal.SecureStringToBSTR(data1);
string normalStringData1 = Marshal.PtrToStringBSTR(stringPointerData1);
Marshal.ZeroFreeBSTR(stringPointerData1);



Again, this all works fine ONLY when I use both the Server and Client applications from the same computer, but when I try to use them separately, Server on one machine and Client on another, it won't decrypt the data, even though the Client receives the encrypted data successfully.

Please help!

Thanks.

Recommended answer

You are using the System.Security.Cryptography.ProtectedData class, which uses the Data Protection API (DPAPI, http://msdn.microsoft.com/en-us/library/ms995355.aspx) under the hood. DPAPI encryption keys are always unique on each computer; therefore, when you encrypt data on computer A you are using key A, and when you try to decrypt the data on computer B you are using key B. DPAPI provides an interface to a symmetric cipher only, so in order to decrypt the data successfully you need to use exactly the same key for both encryption and decryption.

I believe you should change your code to use a different encryption algorithm, i.e. AES (implemented by the System.Security.Cryptography.AesManaged class), that will allow you to share the key between two different machines.
