0

在此处输入图像描述在此处输入图像描述场景:一个对称密钥,每个用户都有自己的 IV,文档存储在 NVARCHAR(MAX) 字段中。当我尝试解密文件时,我得到:
输入数据不是一个完整的块。

// Create symmetric key
public static byte[] CreateKey()
{
    AesCryptoServiceProvider aesCrypto = (AesCryptoServiceProvider)AesCryptoServiceProvider.Create();
    byte[] key = aesCrypto.Key;
    return key;
}

//Get key (stored in a database)
public static Byte[] GetAppKey()
{
    return db.Encryptors.Where(x => x.EncryptorID == 1).Single().EncryptionKey.ToArray();
}

// Get application IV (stored in database)
public static Byte[] GetAppIV()
{
    return db.Encryptors.Where(x => x.EncryptorID == 1).Single().IV.ToArray();
}

// Encrypt document (this will be stored in a VARBINARY(MAX) field
public static byte[] EncryptBinaryToBytes(Binary document, byte[] iv)
{
    byte[] key = GetAppKey();
    byte[] encrypted;

    using (AesCryptoServiceProvider aesCsp = new AesCryptoServiceProvider())
    {
        aesCsp.Key = key;
        aesCsp.IV = iv;

        ICryptoTransform encryptor = aesCsp.CreateEncryptor(aesCsp.Key, aesCsp.IV);

        using (MemoryStream msEncrypt = new MemoryStream())
        {
            using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
            {
                using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                {
                    swEncrypt.Write(document);
                }
                encrypted = msEncrypt.ToArray();
            }
        }
    }
    // return the encrypted document
    return encrypted;
}

// Decrypt document
public static byte[] DecryptBytesToBytes(byte[] document, byte[] iv) 
{
    byte[] key = GetAppKey();

    using (AesCryptoServiceProvider aesCsp = new AesCryptoServiceProvider())
    {
        aesCsp.Key = key;
        aesCsp.IV = iv;

        ICryptoTransform decryptor = aesCsp.CreateDecryptor(aesCsp.Key, aesCsp.IV);

        using (MemoryStream msDecrypt = new MemoryStream())
        {
            using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Write))
            {
                using (StreamWriter swDecrypt = new StreamWriter(csDecrypt))
                {
                    swDecrypt.Write(document);
                }
                byte[] decrypted = msDecrypt.ToArray();
                // return the unencrypted document
                return decrypted;
            }
        }
    }
}

提前致谢。

存储文档

    byte[] fileByte = fluUploadFile.FileBytes;
    Binary document = new Binary(fileByte);

    byte[] appIv = AES.GetAppIV();
    byte[] encryptedDocument = AES.EncryptBinaryToBytes(document, appIv);
    byte[] decryptedDocument = AES.DecryptBytesToBytes(encryptedDocument, appIv);
    Document d = new Document()
    {
        OriginalName = originalName,
        DocSize = fileSize,
        BinaryDocument = encryptedDocument,
        UploadedName = uploadedFileName,
        MimeType = MIMEType,
        DocExtension = extension
    };
    db.Documents.InsertOnSubmit(d);
    db.SubmitChanges();
4

1 回答 1

2

将数据库字段的数据类型更改为 非常重要,VARBINARY(MAX)这样可以避免无法解释为合法字符的字符编码和字节组合问题。

另外,我认为问题在于在加密和解密例程中调用ToArray()方法之前没有关闭流。调用soMemoryStream非常重要,Close()加密过程将最终块写入流。CryptoStreamFlushFinalBlock()

尝试将调用移动MemoryStream.ToArray()到外部using块,即在using块之外CryptoStream,以便Dispose()在之前CryptoStream调用 and 调用MemoryStream.Close()

您的代码的另一个问题是您CryptoStream使用 a包装 ,它将您传递给方法的对象的文本StreamWriter表示形式写入。您应该改为直接写入以避免任何字节到字符串的转换。WriteCryptoStream

于 2011-12-06T04:16:39.600 回答