使用 TripleDES 在 .net 核心中加密 [英] encrypt in .net core with TripleDES

问题描述

public static string Encrypt(string toEncrypt, string secretKey)
    {
        byte[] keyArray;
        byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);

        var md5Serv = System.Security.Cryptography.MD5.Create();
        keyArray = md5Serv.ComputeHash(UTF8Encoding.UTF8.GetBytes(secretKey));
        md5Serv.Dispose();


        var tdes = System.Security.Cryptography.TripleDES.Create();


        //set the secret key for the tripleDES algorithm
        tdes.Key = keyArray;
        //mode of operation. there are other 4 modes.
        //We choose ECB(Electronic code Book)
        tdes.Mode = CipherMode.ECB;
        //padding mode(if any extra byte added)

        tdes.Padding = PaddingMode.PKCS7;

        ICryptoTransform cTransform = tdes.CreateEncryptor();
        //transform the specified region of bytes array to resultArray
        byte[] resultArray =
          cTransform.TransformFinalBlock(toEncryptArray, 0,
          toEncryptArray.Length);
        //Release resources held by TripleDes Encryptor
        tdes.Dispose();
        //Return the encrypted data into unreadable string format
        return Convert.ToBase64String(resultArray, 0, resultArray.Length);
    }

secretkey = 16 个字符的字符串

secretkey = 16 character of string

在这一行:

tdes.Key = keyArray;

我收到此错误:Message = "指定的密钥不是此算法的有效大小."

i get this error: Message = "Specified key is not a valid size for this algorithm."

错误信息截图

如何在asp.net core 1.1.0中解决这个问题?如何将字节[16]转换为字节[24]?

how to solved this problem in asp.net core 1.1.0? how to convert byte[16] to byte[24]?

更新帖子

感谢您的帮助 :) 但是！

thanks For Help :) but!

我在 .Net Framework 4.6.2 中使用此代码进行加密:

I use this code in .Net Framework 4.6.2 for encrypt:

public static string Encrypt(string toEncrypt, string secretKey)
{
    byte[] keyArray;
    byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);

    System.Configuration.AppSettingsReader settingsReader = new AppSettingsReader();


        MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
        keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(secretKey));

        hashmd5.Clear();



    TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
    //set the secret key for the tripleDES algorithm
    tdes.Key = keyArray;
    //mode of operation. there are other 4 modes.
    //We choose ECB(Electronic code Book)
    tdes.Mode = CipherMode.ECB;
    //padding mode(if any extra byte added)

    tdes.Padding = PaddingMode.PKCS7;

    ICryptoTransform cTransform = tdes.CreateEncryptor();
    //transform the specified region of bytes array to resultArray
    byte[] resultArray =
      cTransform.TransformFinalBlock(toEncryptArray, 0,
      toEncryptArray.Length);
    //Release resources held by TripleDes Encryptor
    tdes.Clear();
    //Return the encrypted data into unreadable string format
    return Convert.ToBase64String(resultArray, 0, resultArray.Length);
}

并在 .Net Core 1.1 中使用它:

and Use this in .Net Core 1.1 :

public static string Encrypt(string toEncrypt, string secretKey)
{
    byte[] keyArray;
    byte[] resultArray;
    byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);

    using (var md5Serv = System.Security.Cryptography.MD5.Create())
    {
        keyArray = md5Serv.ComputeHash(UTF8Encoding.Unicode.GetBytes(secretKey));
        if(keyArray.Length==16)
        {
            byte[] tmp = new byte[24];
            Buffer.BlockCopy(keyArray, 0, tmp, 0, keyArray.Length);
            Buffer.BlockCopy(keyArray, 0, tmp, keyArray.Length, 8);
            keyArray = tmp;
        }
    }

    using (var tdes = System.Security.Cryptography.TripleDES.Create())
    {
        //set the secret key for the tripleDES algorithm
        tdes.Key = keyArray;
        //mode of operation. there are other 4 modes.
        //We choose ECB(Electronic code Book)
        tdes.Mode = CipherMode.ECB;
        //padding mode(if any extra byte added)

        tdes.Padding = PaddingMode.PKCS7;

        ICryptoTransform cTransform = tdes.CreateEncryptor();
        //transform the specified region of bytes array to resultArray
        resultArray =
          cTransform.TransformFinalBlock(toEncryptArray, 0,
          toEncryptArray.Length);
    }

    //Return the encrypted data into unreadable string format
    return Convert.ToBase64String(resultArray, 0, resultArray.Length);
}

但我不知道为什么这些方法会给我不同的结果?！

推荐答案

if (key.Length == 16)
{
    byte[] tmp = new byte[24];
    Buffer.BlockCopy(key, 0, tmp, 0, key.Length);
    Buffer.BlockCopy(key, 0, tmp, key.Length, 8);
    key = tmp;
}

这会将您的 2DES 密钥(k1、k2)转换为 3DES 密钥(k1、k2、k1).FWIW，这已针对 .NET Core 2.0 (https://github.com/dotnet/corefx/issues/9966).

That will turn your 2DES key (k1, k2) into the 3DES key (k1, k2, k1). FWIW, this has been fixed for .NET Core 2.0 (https://github.com/dotnet/corefx/issues/9966).

那么，现在您的代码将再次运行.尽管如此，正如其他人在评论中指出的那样，您的代码中有很多事情在现代标准中不被认为是密码学上合理的.您应该强烈考虑将此作为增强加密的机会.(如果你不能因为它不能使用已经存在的数据"，那么你应该利用这个机会为你的数据添加加密敏捷性，以允许你随着时间的推移转向不同的密钥方案和/或算法.)

So, now your code will work again. Though, as others have pointed out in comments, there's a lot going on in your code which is not considered cryptologically sound by modern standards. You should strongly consider taking this as an opportunity to enhance your encryption. (If you can't "because then it can't work with already existing data" then you should take this opportunity to add crypto-agility to your data, to permit you to move to different key schemes and/or algorithms over time.)

这篇关于使用 TripleDES 在 .net 核心中加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！