1

我有一个程序,我可以在其中编写和读取配置文件。当我写作时,我使用 vb.net 中的 RijndaelManaged 对象加密整个文件,当我阅读时,我使用相同的密钥和初始化向量值解密。

在我的开发机器和许多其他机器上一切正常。但是,某些 PC 无法使用相同的程序加密/解密文件。

这个加密对象中是否有任何东西可以阻止它,你会推荐使用什么?

谢谢

编辑:这是我用来加密和解密的代码:据我所知,如果我从我的主机加密字节,我可以从任何 PC 上解密它。但是,如果我从另一台 PC 加密字节,我无法从任何 PC 解密它。另外,当我查看文件的内容时,它们看起来根本不一样。请注意,我通常采用的方法是从文件(通常是 XML)创建一个内存流,然后加密/解密。

Public Shared Function EncryptBytes(ByVal strContenu() As Byte, ByVal initVectorBytes() As Byte, ByVal saltValueBytes() As Byte) As Byte()

    ' Convert our plaintext into a byte array.
    ' Let us assume that plaintext contains UTF8-encoded characters.
    Dim plainTextBytes As Byte() = strContenu
    'plainTextBytes = System.Text.Encoding.Unicode.GetBytes(strMessage)

    Dim strPassPhrase As String = "d%6&?76dhd8?532LDhds8!7?&?8&?dhcv77"

    Dim strHashAlgorithm As String = "SHA1"

    Dim intPswdIterations As Integer = 2

    ' First, we must create a password, from which the key will be derived.
    ' This password will be generated from the specified passphrase and 
    ' salt value. The password will be created using the specified hash 
    ' algorithm. Password creation can be done in several iterations.
    Dim password As PasswordDeriveBytes
    password = New PasswordDeriveBytes(strPassPhrase, _
                                       saltValueBytes, _
                                       strHashAlgorithm, _
                                       intPswdIterations)

    ' Use the password to generate pseudo-random bytes for the encryption
    ' key. Specify the size of the key in bytes (instead of bits).
    Dim keyBytes As Byte()
    keyBytes = password.GetBytes(32)

    ' Create uninitialized Rijndael encryption object.
    Dim symmetricKey As RijndaelManaged
    symmetricKey = New RijndaelManaged()

    ' It is reasonable to set encryption mode to Cipher Block Chaining
    ' (CBC). Use default options for other symmetric key parameters.
    symmetricKey.Mode = CipherMode.CBC

    ' Generate encryptor from the existing key bytes and initialization 
    ' vector. Key size will be defined based on the number of the key 
    ' bytes.
    Dim encryptor As ICryptoTransform
    encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes)

    ' Define memory stream which will be used to hold encrypted data.
    Dim memoryStream As System.IO.MemoryStream
    memoryStream = New System.IO.MemoryStream()

    ' Define cryptographic stream (always use Write mode for encryption).
    Dim cryptoStream As CryptoStream
    cryptoStream = New CryptoStream(memoryStream, _
                                    encryptor, _
                                    CryptoStreamMode.Write)
    ' Start encrypting.
    cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length)

    ' Finish encrypting.
    cryptoStream.FlushFinalBlock()

    ' Convert our encrypted data from a memory stream into a byte array.
    Dim cipherTextBytes As Byte()
    cipherTextBytes = memoryStream.ToArray()

    ' Close both streams.
    memoryStream.Close()
    cryptoStream.Close()

    ' Convert encrypted data into a base64-encoded string.
    'Dim cipherText As String
    'cipherText = 
    Return cipherTextBytes

    ' Return encrypted string.
    'Return cipherText

End Function

Public Shared Function DecryptBytes(ByVal strContenuEncrypte() As Byte, ByVal initVectorBytes() As Byte, ByVal saltValueBytes() As Byte) As Byte()

    ' Convert strings defining encryption key characteristics into byte
    ' arrays. Let us assume that strings only contain ASCII codes.
    ' If strings include Unicode characters, use Unicode, UTF7, or UTF8
    ' encoding.

    ' Convert our ciphertext into a byte array.
    Dim cipherTextBytes As Byte() = strContenuEncrypte

    Dim strPassPhrase As String = "d%6&?76dhd8DSDhds8!7?&?8&?dhcv77"

    Dim strHashAlgorithm As String = "SHA1"

    Dim intPswdIterations As Integer = 2

    ' First, we must create a password, from which the key will be 
    ' derived. This password will be generated from the specified 
    ' passphrase and salt value. The password will be created using
    ' the specified hash algorithm. Password creation can be done in
    ' several iterations.
    Dim password As PasswordDeriveBytes
    password = New PasswordDeriveBytes(strPassPhrase, _
                                       saltValueBytes, _
                                       strHashAlgorithm, _
                                       intPswdIterations)

    ' Use the password to generate pseudo-random bytes for the encryption
    ' key. Specify the size of the key in bytes (instead of bits).
    Dim keyBytes As Byte()
    keyBytes = password.GetBytes(32)

    ' Create uninitialized Rijndael encryption object.
    Dim symmetricKey As RijndaelManaged
    symmetricKey = New RijndaelManaged()

    ' It is reasonable to set encryption mode to Cipher Block Chaining
    ' (CBC). Use default options for other symmetric key parameters.
    symmetricKey.Mode = CipherMode.CBC

    ' Generate decryptor from the existing key bytes and initialization 
    ' vector. Key size will be defined based on the number of the key 
    ' bytes.
    Dim decryptor As ICryptoTransform
    decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes)

    ' Define memory stream which will be used to hold encrypted data.
    Dim memoryStream As System.IO.MemoryStream
    memoryStream = New System.IO.MemoryStream(cipherTextBytes)

    ' Define memory stream which will be used to hold encrypted data.
    Dim cryptoStream As CryptoStream
    cryptoStream = New CryptoStream(memoryStream, _
                                    decryptor, _
                                    CryptoStreamMode.Read)

    ' Since at this point we don't know what the size of decrypted data
    ' will be, allocate the buffer long enough to hold ciphertext;
    ' plaintext is never longer than ciphertext.
    Dim plainTextBytes As Byte()
    ReDim plainTextBytes(cipherTextBytes.Length)

    ' Start decrypting.
    Dim decryptedByteCount As Integer
    decryptedByteCount = cryptoStream.Read(plainTextBytes, _
                                           0, _
                                           plainTextBytes.Length)

    ' Close both streams.
    memoryStream.Close()
    cryptoStream.Close()

    ' Convert decrypted data into a string. 
    ' Let us assume that the original plaintext string was UTF8-encoded.
    Dim plainText As String
    plainText = System.Text.Encoding.Unicode.GetString(plainTextBytes, _
                                        0, _
                                        decryptedByteCount)

    ' Return decrypted string.
    Return plainTextBytes


End Function
4

3 回答 3

1

如果您使用 Mono 而不是普通的 .NET 作为运行时,那么PasswordDeriveBytes任何高于 20 的输出都会失败。PasswordDeriveBytes当请求的输出多于哈希输出可以提供的输出时,使用未知的、专有的、非确定性的、损坏的、密码不安全的方法内PasswordDeriveBytes这已被 Mono 开发人员标记为不可修复。.

最好的办法是升级到Rfc2898DeriveBytes,它实现了 PBKDF2 而不是 PBKDF1。PBKDF2 定义了如何扩展输出量,因此所有实现都应该按照指定的方式运行。

如果您需要比散列函数提供的更多输出,那么使用 KBKDF(例如 HKDF)比 PBKDF2 的输出更安全。PKBDF2 需要另一轮完整的轮次来创建更多数据,这可能有利于攻击者而不是普通用户,并且会根据请求的字节数增加两倍或三倍的 CPU 负载。

[编辑]

另请注意,它的构造函数PasswordDeriveBytes采用密码字符串并没有指定要使用的字符编码,因此最好在将其提供给构造函数之前将其转换为字节。

根据大多数观察结果,两者似乎都使用 UTF-8 - 请注意其他运行时(例如 Java)在这方面可能会有所不同。

于 2012-11-20T21:05:58.980 回答
0

您不能将 120Gb 文件上传到 byte()。或者你有一些疯狂的机器。尝试在 Ram 中逐字节上传

Dim fStream As FileStream = New FileStream("Encrypted.Encrypted", FileMode.Create)
        Dim cryptoStream As New CryptoStream(fStream, Encryptor, CryptoStreamMode.Write)
        Using UploadFile As FileStream = New FileStream(OpenfileDialog.FileName, FileMode.Open)
            For i = 0 To UploadFile.Length - 1
                Dim NewByte As New Byte
                NewByte = UploadFile.ReadByte
                cryptoStream.WriteByte(NewByte)
            Next
        End Using

        cryptoStream.FlushFinalBlock()
        cryptoStream.Close()
        fStream.Close()
于 2015-01-28T10:23:15.127 回答
0

一个疯狂的猜测:您是在文本模式下编写和读取文件吗?当加密数据恰好包含 0x1A(EOF,ctrl-z)时,读取可能会过早停止,并且您解密到几个字节。

于 2012-11-20T18:29:34.900 回答