c# - Force generation of Initialization Vector 32 bytes (16 characters) in length

Question

I want to generate an Initialization Vector (IV) for my AES encryption method. I have defined the key size as 256 (since I am using AES) so my IV needs to 32 bytes in length (256 / 8). I wish to store the IV as a string representation so using UTF-8, this would equate to a 16 character string.

Here is the code I am using to generate and return the IV ...

using (var aesProv = new AesCryptoServiceProvider())
{
  aesProv.GenerateIV();
  return System.Text.Encoding.Default.GetString(aesProv.IV);
}

How do I go about making sure that the IV is 16 characters in length? Can I count on a 16 character length being generated because I am using an AES library? AesCryptoServiceProvider

score 3 · Accepted Answer

我希望将 IV 存储为字符串表示形式，因此使用 UTF-8，这将等同于 16 个字符的字符串。

不，只是不要这样做。是的，您可以将 32 个字节解释为 UCS-2 序列，但这是一个非常糟糕的主意。这不是自然的文本——它基本上是任意的二进制数据。由于代理对等原因，您很容易得到无效的 UTF-16 代码单元序列。

假设您想要一个可能能够安全传输的字符串表示形式等，我建议只使用 base64：

return Convert.ToBase64String(aesProv.IV);

或者你当然可以使用十六进制。当然，这两个字符都比 16 个字符长得多，但这是适当处理数据的“代价”。

c# - Force generation of Initialization Vector 32 bytes (16 characters) in length

1 回答 1

Related

Reference