問題描述

我知道有人對此提出了其他問題，但到目前為止沒有一個問題提供解決方案或正是我遇到的問題.

I know other questions have been asked on this but none so far have provided a solution or are exactly the issue I have.

下面的類處理字符串的加解密，傳入的key和vector總是一樣的.

The class below handles the encryption and decryption of strings, the key and vector passed in are ALWAYS the same.

被加密和解密的字符串總是數字，大多數工作但偶爾解密時失敗(但僅在生產服務器上).我應該提到，本地和生產環境都在 Windows Server 2003 上的 IIS6 中，使用該類的代碼位于 .ashx 處理程序中.在生產服務器上失敗的例子是0000232668"

The strings being encrypted and decrypted are always numbers, most work but the occasional one fails when decrypting (but only on the production server). I should mention that both local and production environments are in IIS6 on Windows Server 2003, the code that uses the class sits in a .ashx handler. The example that fails on the production server is "0000232668"

錯誤信息是

System.Security.Cryptography.CryptographicException:填充無效且無法刪除.在 System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)

System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed. at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)

對于代碼

 public class Aes
    {
        private byte[] Key;
        private byte[] Vector;

        private ICryptoTransform EncryptorTransform, DecryptorTransform;
        private System.Text.UTF8Encoding UTFEncoder;

        public Aes(byte[] key, byte[] vector)
        {
            this.Key = key;
            this.Vector = vector;

            // our encyption method
            RijndaelManaged rm = new RijndaelManaged();

            rm.Padding = PaddingMode.PKCS7;

            // create an encryptor and decyptor using encryption method. key and vector
            EncryptorTransform = rm.CreateEncryptor(this.Key, this.Vector);
            DecryptorTransform = rm.CreateDecryptor(this.Key, this.Vector);

            // used to translate bytes to text and vice versa
            UTFEncoder = new System.Text.UTF8Encoding();
        }

        /// Encrypt some text and return a string suitable for passing in a URL. 
        public string EncryptToString(string TextValue)
        {
            return ByteArrToString(Encrypt(TextValue));
        }

        /// Encrypt some text and return an encrypted byte array. 
        public byte[] Encrypt(string TextValue)
        {
            //Translates our text value into a byte array. 
            Byte[] bytes = UTFEncoder.GetBytes(TextValue);
            Byte[] encrypted = null;

            //Used to stream the data in and out of the CryptoStream. 
            using (MemoryStream memoryStream = new MemoryStream())
            {                
                using (CryptoStream cs = new CryptoStream(memoryStream, EncryptorTransform, CryptoStreamMode.Write))
                {
                    cs.Write(bytes, 0, bytes.Length);                    
                }

                encrypted = memoryStream.ToArray();                
            }

            return encrypted;
        }

        /// The other side: Decryption methods 
        public string DecryptString(string EncryptedString)
        {
            return Decrypt(StrToByteArray(EncryptedString));
        }

        /// Decryption when working with byte arrays.     
        public string Decrypt(byte[] EncryptedValue)
        {
            Byte[] decryptedBytes = null;

            using (MemoryStream encryptedStream = new MemoryStream())
            {
                using (CryptoStream decryptStream = new CryptoStream(encryptedStream, DecryptorTransform, CryptoStreamMode.Write))
                {
                    decryptStream.Write(EncryptedValue, 0, EncryptedValue.Length);
                }

                decryptedBytes = encryptedStream.ToArray();
            }

            return UTFEncoder.GetString(decryptedBytes);
        }

        /// Convert a string to a byte array.  NOTE: Normally we'd create a Byte Array from a string using an ASCII encoding (like so). 
        //      System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding(); 
        //      return encoding.GetBytes(str); 
        // However, this results in character values that cannot be passed in a URL.  So, instead, I just 
        // lay out all of the byte values in a long string of numbers (three per - must pad numbers less than 100). 
        public byte[] StrToByteArray(string str)
        {
            if (str.Length == 0)
                throw new Exception("Invalid string value in StrToByteArray");

            byte val;
            byte[] byteArr = new byte[str.Length / 3];
            int i = 0;
            int j = 0;
            do
            {
                val = byte.Parse(str.Substring(i, 3));
                byteArr[j++] = val;
                i += 3;
            }
            while (i < str.Length);
            return byteArr;
        }

        // Same comment as above.  Normally the conversion would use an ASCII encoding in the other direction: 
        //      System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding(); 
        //      return enc.GetString(byteArr);     
        public string ByteArrToString(byte[] byteArr)
        {
            byte val;
            string tempStr = "";
            for (int i = 0; i <= byteArr.GetUpperBound(0); i++)
            {
                val = byteArr[i];
                if (val < (byte)10)
                    tempStr += "00" + val.ToString();
                else if (val < (byte)100)
                    tempStr += "0" + val.ToString();
                else
                    tempStr += val.ToString();
            }
            return tempStr;
        }

感謝您的所有幫助，但是您的回答并沒有解決問題，結果證明這是非常簡單的事情.我在一臺服務器上生成了一個加密字符串，并將其交給另一臺服務器上的處理程序進行解密和處理，但事實證明，在不同服務器上運行時加密的結果不同，因此接收服務器無法解密它.其中一個答案偶然發現了這個提示，這就是我接受它的原因

Thankyou for all of your help however your answers did not un-cover the problem, which turned out to be something stupidly simple. I was generating an encrypted string on one server and handing it over to a handler on another server for decrpytion and processing, but it turns out that the results of encryption differ when run on different servers, hence the receiving server could not decrypt it. One of the answers stumbled across the hint at this by accident, which is why I accepted it

推薦答案

當加密和解密由于某種原因沒有使用相同的密鑰或初始化向量時，有時會收到有關無效填充的消息.填充是添加到明文末尾的一些字節，以使其組成完整數量的塊以供密碼處理.在 PKCS7 填充中，每個字節都等于添加的字節數，因此在解密后始終可以將其刪除.您的解密導致最后一個 n 個字節不等于最后一個字節的值 n 的字符串(希望這句話有意義).所以我會仔細檢查你所有的鑰匙.

You will sometimes get a message about invalid padding when encryption and decryption for whatever reason have not used the same key or initialisation vector. Padding is a number of bytes added to the end of your plaintext to make it up to a full number of blocks for the cipher to work on. In PKCS7 padding each byte is equal to the number of bytes added, so it can always be removed after decryption. Your decryption has led to a string where the last n bytes are not equal to the value n of the last byte (hope that sentence makes sense). So I would double check all your keys.

或者，在您的情況下，我建議您確保為每個加密和解密操作創建和處置 RijndaelManagedTransform 的實例，并使用密鑰和向量對其進行初始化.這個問題很可能是重用這個transform對象造成的，也就是說第一次使用后，它就不再是正確的初始狀態了.

Alternatively, in your case, I would suggest making sure that you create and dispose an instance of RijndaelManagedTransform for each encryption and decryption operation, initialising it with the key and vector. This problem could very well be caused by reusing this transform object, which means that after the first use, it is no longer in the right initial state.

這篇關于RijndaelManaged“填充無效，無法移除"僅在生產中解密時發生的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！