0

我必须以加密格式将密码字段存储在 SQL Server 数据库中,并且必须在用户登录系统时对其进行解密。加密部分工作正常。但是我在解密部分收到错误消息,即“Base-64 char array 的长度无效” 

byte[] todecode_byte = Convert.FromBase64String(encryptpwd);

解密模块。

private string Encryptdata(string password)
{
        string encryptpwd = string.Empty;
        byte[] encode = new byte[password.Length];
        encode = Encoding.UTF8.GetBytes(password);
        encryptpwd = Convert.ToBase64String(encode);
        return encryptpwd;
}

private string Decryptdata(string encryptpwd)
{
        string decryptpwd = string.Empty;
        UTF8Encoding encodepwd = new UTF8Encoding();
        Decoder Decode = encodepwd.GetDecoder();
        byte[] todecode_byte = Convert.FromBase64String(encryptpwd); //here I am getting error as "Invalid length for a Base-64 char array"
        int charCount = Decode.GetCharCount(todecode_byte, 0, todecode_byte.Length);
        char[] decoded_char = new char[charCount];
        Decode.GetChars(todecode_byte, 0, todecode_byte.Length, decoded_char, 0);
        decryptpwd = new String(decoded_char);
        return decryptpwd;
}

输入数据:prabu
加密数据:cHJhYnU=

4

3 回答 3

0

你有一个错误,因为你的代码是这样的:

    string password = "prabu";
    string encryptdata = Encryptdata(password);
    string decryptdata = Decryptdata(password);
于 2012-09-25T06:41:23.600 回答
0

我们没有保存加密的用户密码并对其进行解密以执行身份验证,而是将密码保存为加盐哈希,其中每次存储新密码时都会自动生成盐(盐和哈希存储在数据库中) .

为了验证登录尝试,我们为登录期间提供的密码生成一个哈希,但使用我们在最初设置密码时存储的盐。然后要验证登录,只需比较两个哈希值。

例如,如果您选择 SHA1 哈希函数:

using System;
using System.Security.Cryptography;

public interface ISaltedHash
{
    /// <summary>
    /// Gets the hash.
    /// </summary>
    string Hash
    {
        get;
    }

    /// <summary>
    /// Gets the salt.
    /// </summary>
    string Salt
    {
        get;
    }
}

public class SaltedHashProvider
{
    #region Fields

    private int m_saltLength = 6;

    #endregion // Fields

    #region Public Methods

    /// <summary>
    /// Encrypts data with the a salted SHA1 algorith. 
    /// The salt will be automatically generated.
    /// </summary>
    /// <param name="value">Value to be encrypted.</param>
    /// <returns>The encrypted data.</returns>
    public ISaltedHash EncryptWithSalt( string value )
    {
        string salt = CreateSalt();

        string hash = Encrypt( salt + value );

        return new SaltedHash
        {
            Hash = hash,
            Salt = salt
        };
    }

    /// <summary>
    /// Encrypts data with the a salted SHA1 algorith. 
    /// </summary>
    /// <param name="value">Value to be encrypted.</param>
    /// <param name="salt">Salt to be used when encypting the value.</param>
    /// <returns>The encrypted data.</returns>
    public ISaltedHash EncryptWithSalt( string value, string salt )
    {
        string hash = Encrypt( salt + value );

        return new SaltedHash
        {
            Hash = hash,
            Salt = salt
        };
    }

    #endregion // Public Methods

    #region Helper Methods

    /// <summary>
    /// Creates salt.
    /// </summary>
    /// <returns>A base64 salt string.</returns>
    private string CreateSalt()
    {
        byte[] saltBlob = CreateRandomBytes(m_saltLength);

        return Convert.ToBase64String(saltBlob);
    }

    /// <summary>
    /// Encrypts data with the SHA1 algorithm.
    /// </summary>
    /// <param name="value">Value to be encrypted.</param>
    /// <returns>The encrypted data.</returns>
    private string Encrypt( string value )
    {
        byte[] blob = ToByteArray( value );

        byte[] hash = ComputeHash( blob );

        return Convert.ToBase64String( hash );
    }

    /// <summary>
    /// Computes the hash value for the specified byte array.
    /// </summary>
    /// <param name="blob">The input to commute the hash for.</param>
    /// <returns>The computed hash code.</returns>
    private byte[] ComputeHash( byte[] blob )
    {
        return new SHA1CryptoServiceProvider().ComputeHash( blob );
    }

    /// <summary>
    /// Gets a UTF8 byte array encoding for the specified character array.
    /// </summary>
    /// <param name="value">The input containing characters to be encoded.</param>
    /// <returns>The UTF8 encoded array.</returns>
    private byte[] ToByteArray( string value )
    {
        return System.Text.Encoding.UTF8.GetBytes( value );
    }

    /// <summary>
    /// Creates a random byte array.
    /// </summary>
    /// <param name="length">Length of array to be generated.</param>
    /// <returns>A random byte array.</returns>
    private static byte[] CreateRandomBytes( int length )
    {
        byte[] blob = new byte[length];

        new RNGCryptoServiceProvider().GetBytes( blob );

        return blob;
    }

    #endregion // Helper Methods
}
于 2012-09-25T07:30:40.677 回答
0 
private string Decrypt(string cipherText)
        {
            string EncryptionKey = "MAKV2SPBNI99212";
            byte[] cipherBytes = Convert.FromBase64String(cipherText);
            using (Aes encryptor = Aes.Create())
            {
                Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
                encryptor.Key = pdb.GetBytes(32);
                encryptor.IV = pdb.GetBytes(16);
                using (MemoryStream ms = new MemoryStream())
                {
                    using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(cipherBytes, 0, cipherBytes.Length);
                        cs.Close();
                    }
                    cipherText = Encoding.Unicode.GetString(ms.ToArray());
                }
            }
            return cipherText;
        }
于 2017-11-15T08:38:08.850 回答