1

我正在尝试使用 AesCryptoProvider 来加密和解密字节数组。

这是我的加密和解密方法:

public static byte[] EncryptAes(byte[] data, out byte[] key, out byte[] iv)
{
    if (data == null || data.Length <= 0)
        throw new ArgumentNullException("data");

    try
    {
        using (AesCryptoServiceProvider aesAlg = new AesCryptoServiceProvider())
        {
            aesAlg.KeySize = 256;
            aesAlg.BlockSize = 128;
            aesAlg.Padding = PaddingMode.PKCS7;
            aesAlg.Mode = CipherMode.CBC;
            aesAlg.GenerateKey();
            aesAlg.GenerateIV();

            key = aesAlg.Key;
            iv = aesAlg.IV;

            using (MemoryStream msEncrypt = new MemoryStream())
            {
                using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, aesAlg.CreateEncryptor(), CryptoStreamMode.Write))
                {
                    csEncrypt.Write(data, 0, data.Length);
                }

                return msEncrypt.ToArray();
            }
        }
    }
    catch (CryptographicException e)
    {
        Log.Error(e);
        key = null;
        iv = null;
        return null;
    }
}

public static byte[] DecryptAes(byte[] encryptedData, byte[] key, byte[] iv)
{
    if (encryptedData == null || encryptedData.Length <= 0)
        throw new ArgumentNullException("encryptedData");
    if (key == null || key.Length <= 0)
        throw new ArgumentNullException("key");
    if (iv == null || iv.Length <= 0)
        throw new ArgumentNullException("iv");

    try
    {
        using (AesCryptoServiceProvider aesAlg = new AesCryptoServiceProvider())
        {
            aesAlg.KeySize = 256;
            aesAlg.BlockSize = 128;
            aesAlg.Padding = PaddingMode.PKCS7;
            aesAlg.Mode = CipherMode.CBC;
            aesAlg.Key = key;
            aesAlg.IV = iv;

            using (MemoryStream msDecrypt = new MemoryStream(encryptedData))
            {
                using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, aesAlg.CreateDecryptor(), CryptoStreamMode.Write))
                {
                    csDecrypt.Write(encryptedData, 0, encryptedData.Length);
                }

                return msDecrypt.ToArray();
            }
        }
    }
    catch (CryptographicException e)
    {
        Log.Error(e);
        return null;
    }
}

然后测试它,我使用这个代码:

originalMessage = "This is a test message.";
originalData = System.Text.Encoding.UTF8.GetBytes(originalMessage);

byte[] key, iv;
byte[] encryptedData = Encryption.EncryptAes(originalData, out key, out iv);
byte[] decryptedData = Encryption.DecryptAes(encryptedData, key, iv);
string decryptedMessage = System.Text.Encoding.UTF8.GetString(decryptedData);
Log.Debug(decryptedMessage); // This is a test message.?{?o?}??

日志输出显示解密消息中有一堆乱码“?{?o?}??” 在最后。

我见过类似的问题,但他们的答案似乎没有帮助。我尝试在解密过程中写入另一个数组,如下所示:

using (MemoryStream msDecrypt = new MemoryStream(encryptedData))
{
    using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, aesAlg.CreateDecryptor(), CryptoStreamMode.Write))
    {
        byte[] decryptedData = new byte[encryptedData.Length];
        csDecrypt.Write(decryptedData, 0, decryptedData.Length);
    }

    return msDecrypt.ToArray();
}

但这会导致此异常:

System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.

所以一定有一些我想念的东西。有任何想法吗?谢谢!

4

1 回答 1

2

是的,重用缓冲区会咬你。您通常不希望加密和解密的数据大小相同,因此重用缓冲区会导致您在解密数据中看到剩余的加密数据。

使您的解密类似于加密。不要将缓冲区传递给 的构造函数MemoryStream,让它分配正确大小的缓冲区:

using (MemoryStream msDecrypt = new MemoryStream())
{
    using (CryptoStream csDecrypt =
          new CryptoStream(msDecrypt,
                           aesAlg.CreateDecryptor(),
                           CryptoStreamMode.Write))
    {
        csDecrypt.Write(encryptedData, 0, encryptedData.Length);
    }
    return msDecrypt.ToArray();
}

我尝试在解密过程中写入另一个数组,如下所示:

using (MemoryStream msDecrypt = new MemoryStream(encryptedData))
{
    using (CryptoStream csDecrypt =
          new CryptoStream(msDecrypt,
                           aesAlg.CreateDecryptor(),
                           CryptoStreamMode.Write))
    {
        byte[] decryptedData = new byte[encryptedData.Length];
        csDecrypt.Write(decryptedData, 0, decryptedData.Length);
    }

    return msDecrypt.ToArray();
}

没有读回给自己听。您仍在将加密流配置为写入而不是读取。您在这里所做的是分配一个新缓冲区,然后告诉 AES将该空缓冲区解密到使用加密数据初始化的内存流中。

于 2019-02-01T08:28:26.200 回答