给定密钥加密和解密字符串 [英] encrypt and decrypt string given key

问题描述

我继承了下面的代码。不幸的是，hello_world的解密值不是：

I inherited the code below. Unfortunately, the decrypted value of hello_world is not:

hello world

但是（以我为例）：

&�|ktR���ڼ��S����%��< ���8�

有什么想法吗？似乎每次的结果都不同，这在给定代码的情况下是显而易见的。我可以更改此设置，以便发送一次加密的数据，以后再解密吗？谢谢！

Any ideas? It also appears that the result is different every time, which is kind of obvious given the code. Could I change this so that I can send the data encryted once and then decrypt in the future again? Thanks!

代码：

using System;
using System.IO;
using System.Security.Cryptography;

namespace crypt
{
    class Program
    {
        static void Main(string[] args)
        {
            var key = @"abcdefghijklmnopqrstuvw==";

            using (var aesAlg = Aes.Create())
            {
                aesAlg.Mode = CipherMode.CBC;
                aesAlg.Padding = PaddingMode.PKCS7;
                aesAlg.Key = Convert.FromBase64String(key);
                aesAlg.GenerateIV();
                var encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

                var enc_hello_world = EncryptProperty(encryptor, "hello world");

                var hello_world = DecryptProperty(encryptor, enc_hello_world);
            }

        }
        private static string EncryptProperty(ICryptoTransform encryptor, string valueToEncrypt)
        {
            byte[] encrypted;
            using (var msEncrypt = new MemoryStream())
            {
                using (var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    using (var swEncrypt = new StreamWriter(csEncrypt))
                    {
                        swEncrypt.Write(valueToEncrypt);
                    }
                    encrypted = msEncrypt.ToArray();
                }
            }
            return Convert.ToBase64String(encrypted);
        }

        private static string DecryptProperty(ICryptoTransform decryptor, string valueToDecrypt)
        {
            string decrypted;

            using (var msDecrypt = new MemoryStream(Convert.FromBase64String(valueToDecrypt)))
            {
                using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                {
                    using (var srDecrypt = new StreamReader(csDecrypt))
                    {
                        decrypted = srDecrypt.ReadToEnd();
                    }
                }
            }
            return decrypted;
        }
    }
}

推荐答案

AES-CBC需要两个变量来编码和解码数据：密钥和IV（初始化向量）。初始化向量可以纯文本形式发送，不会导致加密的安全性变差。

AES-CBC requires two variables to encode and decode data: key and IV (initialization vector). Initialization vector can be sent in plaintext and it doesn't result in worse security of your encryption.

aesAlg.GenerateIV();

这是创建IV的位置，您需要存储此位置（我将其添加到

This is where your IV gets created, you need to store this (I do this by prepending that to the resulting data) and then access it and set the IV when decrypting.

您也可以使用空的IV，但这将使攻击者更容易公开您的密钥，因此，不建议这样做。

You could also use an empty IV but this will make it easier for attackers to expose your key, so this is not recommended.

以下是C＃中AES的一个很好的示例： https://gist.github.com/mark-adams/87aa34da3a5ed48ed0c7 （似乎正在使用我提到的方法）。

Here is a good example of AES in C#: https://gist.github.com/mark-adams/87aa34da3a5ed48ed0c7 (it seems to be using the method I've mentioned).

这篇关于给定密钥加密和解密字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！