
我在我的 C# WCF 中使用以下加密/解密:

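    /// <summary>
    /// Encrypts <paramref name="InputText"/> with Rijndael (256-bit key, 128-bit block,
    /// ISO 10126 padding) under a key and IV derived from <paramref name="Password"/>,
    /// and returns the ciphertext as Base64.
    /// </summary>
    /// <param name="InputText">Text to encrypt; it is encoded as UTF-16LE before encryption.</param>
    /// <param name="Password">Password the key and IV are derived from. A null or empty
    /// value falls back to the built-in constant "Test" (see the security notes below).</param>
    /// <returns>Base64 text of the raw ciphertext. No salt, IV or integrity tag is included.</returns>
    /// <remarks>
    /// The wire format is kept as it was so existing ciphertexts still decrypt.
    /// SECURITY REVIEW (not fixed here because each fix changes the format):
    ///  * The salt is the decimal length of the password, so the same password always
    ///    yields the same key AND the same IV. Equal plaintext prefixes therefore give
    ///    equal ciphertext prefixes; use a random per-message salt/IV stored with the data.
    ///  * PasswordDeriveBytes is a PBKDF1-style derivation; prefer Rfc2898DeriveBytes
    ///    (PBKDF2) with a high iteration count for new data.
    ///  * There is no MAC: ciphertext can be modified undetected, and a service that
    ///    reports padding failures to remote callers can act as a padding oracle.
    ///    Prefer an authenticated mode, or encrypt-then-MAC.
    ///  * The "Test" fallback silently encrypts under a publicly known password;
    ///    callers should reject an empty password before calling this method.
    ///  * This is not a substitute for TLS when the goal is protecting data in transit.
    /// </remarks>
    public static string EncryptString(string InputText, string Password)
    {
        if (string.IsNullOrEmpty(Password))
        {
            // Kept for backward compatibility only; see the security notes above.
            Password = "Test";
        }

        byte[] PlainText = Encoding.Unicode.GetBytes(InputText);
        // Deterministic "salt" (the password length as ASCII digits); see the notes above.
        byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());

        // using-blocks release the cipher, key-derivation and stream objects even when
        // an exception is thrown; the original leaked them and forced a GC.Collect().
        using (RijndaelManaged RijndaelCipher = new RijndaelManaged())
        using (PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt))
        {
            RijndaelCipher.Padding = PaddingMode.ISO10126;

            // Order matters: the first 32 derived bytes are the key, the next 16 the IV.
            byte[] Key = SecretKey.GetBytes(32);
            byte[] IV = SecretKey.GetBytes(16);

            using (ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(Key, IV))
            using (MemoryStream memoryStream = new MemoryStream())
            {
                using (CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write))
                {
                    cryptoStream.Write(PlainText, 0, PlainText.Length);
                    // Emits the final padded block into memoryStream.
                    cryptoStream.FlushFinalBlock();
                }

                // ToArray() remains valid after the CryptoStream has closed the MemoryStream.
                return Convert.ToBase64String(memoryStream.ToArray());
            }
        }
    }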


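    /// <summary>
    /// Decrypts Base64 ciphertext produced by the matching encrypt routine: Rijndael with
    /// ISO 10126 padding, key and IV derived from <paramref name="Password"/>.
    /// </summary>
    /// <param name="InputText">Base64-encoded ciphertext.</param>
    /// <param name="Password">Password the key and IV are derived from. A null or empty
    /// value falls back to the built-in constant "Test".</param>
    /// <returns>The decrypted bytes decoded as UTF-16LE text.</returns>
    /// <exception cref="FormatException">InputText is not valid Base64.</exception>
    /// <exception cref="CryptographicException">The ciphertext length is not a whole number
    /// of blocks, or the padding is invalid (wrong password or modified data).</exception>
    /// <remarks>
    /// SECURITY REVIEW: the ciphertext carries no integrity tag, so altered data is only
    /// noticed when the padding happens to be invalid. If this runs behind a remote
    /// endpoint, return one generic error for every decryption failure so callers cannot
    /// tell padding errors apart from other failures, and plan a move to an authenticated
    /// scheme with a random per-message salt/IV. The key derivation (password-length salt,
    /// PBKDF1-style PasswordDeriveBytes, "Test" fallback) is kept only so that existing
    /// ciphertexts still decrypt.
    /// </remarks>
    public static string DecryptString(string InputText, string Password)
    {
        if (string.IsNullOrEmpty(Password))
        {
            // Kept for backward compatibility only; a known fallback password gives no secrecy.
            Password = "Test";
        }

        byte[] EncryptedData = Convert.FromBase64String(InputText);
        // Deterministic "salt" (the password length as ASCII digits), mirroring encryption.
        byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());

        using (RijndaelManaged RijndaelCipher = new RijndaelManaged())
        using (PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt))
        {
            RijndaelCipher.Padding = PaddingMode.ISO10126;

            // Order matters: the first 32 derived bytes are the key, the next 16 the IV.
            byte[] Key = SecretKey.GetBytes(32);
            byte[] IV = SecretKey.GetBytes(16);

            using (ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(Key, IV))
            using (MemoryStream memoryStream = new MemoryStream(EncryptedData))
            using (CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read))
            {
                // Padding is at least one byte, so the plaintext is always shorter than
                // the ciphertext and this buffer is large enough.
                byte[] PlainText = new byte[EncryptedData.Length];
                int DecryptedCount = 0;

                // Stream.Read may return fewer bytes than requested; a single call can
                // silently truncate the result, so read until the stream reports the end.
                while (DecryptedCount < PlainText.Length)
                {
                    int read = cryptoStream.Read(PlainText, DecryptedCount, PlainText.Length - DecryptedCount);
                    if (read <= 0)
                    {
                        break;
                    }
                    DecryptedCount += read;
                }

                return Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
            }
        }
    }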

现在,我想用 JavaScript 实现与之兼容的加密:在网页端加密数据,然后在我的 WCF 服务中解密。我尝试使用此脚本,但不起作用。哪里可以找到 JavaScript 或 JS 与 .NET 互通的示例?

得到以下错误:{“要解密的数据长度无效。”}

谢谢。


1 回答 1


好的,如果我理解正确,您想在浏览器中加密 javascript 中的用户名/密码,以便安全地将数据传输到 WCF 服务。为了实现这一点,您在双方都使用了 AES(对称)加密。

如果这是正确的,那么你真的应该使用 SSL。为什么?因为 SSL 做的正是这件事,而且做得好得多。简单来说,SSL 会先验证服务器的 RSA 公钥,然后再协商 AES 密钥。因此,您还能获得一个额外的好处:客户端 JavaScript 可以确认它正在与正确的服务器通信。

我认为自行实现 AES 方案的问题在于,您至少必须把密钥暴露给客户端 JavaScript(而且没有公钥认证步骤)。这意味着安全性立刻就被破坏了,因为任何拿到该密钥的人现在都可以将数据发送到服务器。

如果我理解错了,那么也许确实存在适合这样做的场景,但目前我还没有看到。

希望这可以帮助。

于 2012-03-07T14:26:29.973 回答