1

I use this code to decrypt AES data:

public static String decrypt(String ciphertext, String password)
{
    byte[] cipherdata = System.Convert.FromBase64String(ciphertext);

    byte[] iv = new byte[AESBlockSize * 4];
    Array.Copy(cipherdata, 0, iv, 0, iv.Length);

    byte[] input = new byte[cipherdata.Length - iv.Length];
    Array.Copy(cipherdata, iv.Length, input, 0, input.Length);

    Rfc2898DeriveBytes passwordDB = new Rfc2898DeriveBytes(password, iv, PBKDF2Iterations);
    byte[] keyBytes = passwordDB.GetBytes(256 / 8);

    RijndaelManaged symmetricKey = new RijndaelManaged();

    symmetricKey.Mode = CipherMode.CBC;
    symmetricKey.Padding = PaddingMode.ISO10126;

    ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, iv);

    MemoryStream memoryStream = new MemoryStream(input);
    CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);

    byte[] plainTextBytes = new byte[input.Length];

    int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);

    memoryStream.Close();
    cryptoStream.Close();

    return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}

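When a wrong password is supplied, I get a "Padding is invalid and cannot be removed" exception when calling cryptoStream.Read.

Is there any way to prevent this exception when the wrong password is used? I am trying to brute-force it, and exception handling is slow.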

4

1 Answer

0

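If you are just brute-forcing and set PaddingMode to None, you will decrypt the last block including the padding, which you can use to identify the plaintext, along with whatever else you are checking.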

Answered 2013-04-09T13:33:25.647
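
The approach from the answer, written out as an added C# example (not code from the question or the answer): it decrypts with PaddingMode.None and checks the ISO 10126 pad-length byte by hand, so a wrong key returns false instead of throwing. It assumes .NET 6 or later, a 32-byte key and a 16-byte IV; the class and method names and the sample data are constructed for illustration, and Aes.Create() stands in for RijndaelManaged.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class PaddingCheckDemo // hypothetical name, for illustration only
{
    const int BlockBytes = 16; // AES block size in bytes

    // ISO 10126 stores the pad length (1..16) in the final byte; the other pad
    // bytes are random, so the final byte is the only thing that can be validated.
    static bool TryStripIso10126(byte[] padded, out int plainLength)
    {
        plainLength = 0;
        if (padded.Length == 0 || padded.Length % BlockBytes != 0) return false;
        int pad = padded[padded.Length - 1];
        if (pad < 1 || pad > BlockBytes) return false;
        plainLength = padded.Length - pad;
        return true;
    }

    // PaddingMode.None: a wrong key yields garbage bytes, not a CryptographicException.
    static bool TryDecrypt(byte[] key, byte[] iv, byte[] input, out byte[] plain)
    {
        plain = Array.Empty<byte>();
        using Aes aes = Aes.Create();
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.None;
        using ICryptoTransform dec = aes.CreateDecryptor(key, iv);
        byte[] raw = dec.TransformFinalBlock(input, 0, input.Length);
        if (!TryStripIso10126(raw, out int n)) return false;
        plain = raw[..n];
        return true;
    }

    static void Main()
    {
        // Constructed sample: random key and IV, short message, ISO 10126 padding.
        byte[] key = RandomNumberGenerator.GetBytes(32), iv = RandomNumberGenerator.GetBytes(16);
        using Aes aes = Aes.Create();
        aes.Padding = PaddingMode.ISO10126; // Aes defaults to CBC
        using ICryptoTransform enc = aes.CreateEncryptor(key, iv);
        byte[] msg = Encoding.UTF8.GetBytes("constructed sample plaintext");
        byte[] ct = enc.TransformFinalBlock(msg, 0, msg.Length);
        Console.WriteLine(TryDecrypt(key, iv, ct, out byte[] p) ? Encoding.UTF8.GetString(p) : "rejected");
        int accepted = 0;
        for (int i = 0; i < 1600; i++)
            if (TryDecrypt(RandomNumberGenerator.GetBytes(32), iv, ct, out _)) accepted++;
        Console.WriteLine($"{accepted} of 1600 random wrong keys passed the padding check");
    }
}
```

ISO 10126 constrains only the final byte, so about one random wrong key in 16 still passes this check. A reliable verdict on the key or the data needs an HMAC over the ciphertext or an AEAD mode.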