問(wèn)題描述

我正在使用 C# 應(yīng)用程序.我們有常用的方法將數(shù)據(jù)存儲(chǔ)在文件中.這些方法加密數(shù)據(jù)并將它們存儲(chǔ)在文件系統(tǒng)上.當(dāng)我們需要數(shù)據(jù)時(shí)，ReadData 方法會(huì)解密數(shù)據(jù)并返回給我純文本.

I am working in a C# application. We have common methods to store data on a file. These methods encrypt the data and store them on the file system. when we need the data, ReadData method decrypts the data and returns me plain text.

如果文本的大小很小，則此代碼在正常情況下可以正常工作.但對(duì)于下面給出的示例文本，解密代碼拋出異常 - 要解密的數(shù)據(jù)長(zhǎng)度無(wú)效.

This code works fine in normal cases if size of the text in small. but for a example text given below, the decryption code is throwing exception - length of the data to decrypt is invalid.

異常發(fā)生在行

        // close the CryptoStream
        x_cryptostream.Close();

我嘗試了不同的方法，但沒(méi)有運(yùn)氣.可以請(qǐng)一些幫助.

I tried different ways but no luck. Can some pls help.

我為什么要加密已經(jīng)加密的數(shù)據(jù)-我只是想使用大型應(yīng)用程序的常用方法將其存儲(chǔ)在文件中.常用方法 storedata(key,data) 和 readdata(key) 做我無(wú)法避免的加密/解密.

Why am I encrypting already encrypted data - I am just trying to store in a file using common method of the huge application. The common methods storedata(key,data) nad readdata(key) do the encryption/decryption I can't avoid.

   public static byte[] Decrypt(byte[] ciphertext, string Key, string IV)
    {
        byte[] k = Encoding.Default.GetBytes(Key);
        byte[] iv = Encoding.Default.GetBytes(IV);

        // create the encryption algorithm
        SymmetricAlgorithm x_alg = SymmetricAlgorithm.Create("Rijndael");
        x_alg.Padding = PaddingMode.PKCS7;

        // create an ICryptoTransform that can be used to decrypt data
        ICryptoTransform x_decryptor = x_alg.CreateDecryptor(k, iv);

        // create the memory stream
        MemoryStream x_memory_stream = new MemoryStream();

        // create the CryptoStream that ties together the MemoryStream and the 
        // ICryptostream
        CryptoStream x_cryptostream = new CryptoStream(x_memory_stream,
        x_decryptor, CryptoStreamMode.Write);

        // write the ciphertext out to the cryptostream
        x_cryptostream.Write(ciphertext, 0, ciphertext.Length);

        // close the CryptoStream
        x_cryptostream.Close();

        // get the plaintext from the MemoryStream
        byte[] x_plaintext = x_memory_stream.ToArray();

下面是加密方法的代碼.

Below is the code of encrypt method.

        public static byte[] Encrypt(string strplain, string Key, string IV)
        {
        byte[] k = Encoding.Default.GetBytes(Key);
        byte[] iv = Encoding.Default.GetBytes(IV);

        byte[] plaintext = Encoding.Default.GetBytes(strplain);

        // create the encryption algorithm
        SymmetricAlgorithm x_alg = SymmetricAlgorithm.Create("Rijndael");
        x_alg.Padding = PaddingMode.PKCS7;
        // create an ICryptoTransform that can be used to encrypt data
        ICryptoTransform x_encryptor = x_alg.CreateEncryptor(k, iv);

        // create the memory stream
        MemoryStream x_memory_stream = new MemoryStream();

        // create the CryptoStream that ties together the MemoryStream and
        // the ICryptostream
        CryptoStream x_cryptostream = new CryptoStream(x_memory_stream,
        x_encryptor, CryptoStreamMode.Write);

        // write the plaintext out to the cryptostream
        x_cryptostream.Write(plaintext, 0, plaintext.Length);

        // close the CryptoStream
        x_cryptostream.Close();

        // get the ciphertext from the MemoryStream
        byte[] x_ciphertext = x_memory_stream.ToArray();

        // close memory stream
        x_memory_stream.Close();

        // convert from array to string
        string cipher_Tx = Encoding.Default.GetString(x_ciphertext, 
            0, x_ciphertext.Length);

        x_encryptor.Dispose();

        x_alg.Clear();
        byte[] cipher = Encoding.Default.GetBytes(cipher_Tx);

        return cipher;
    }  

推薦答案

你的問(wèn)題是string cipher_Tx = Encoding.Default.GetString(x_ciphertext, 0, x_ciphertext.Length);.

x_ciphertext 不是文本的有效字節(jié)表示，它有許多無(wú)法呈現(xiàn)的字符，當(dāng)您進(jìn)行 byte[] 到 string 轉(zhuǎn)換時(shí)你正在丟失信息.正確的方法是使用字符串格式，該格式旨在使用 Convert.ToBase64String(byte[]) 和 Convert.FromBase64String(string).

x_ciphertext is not a valid byte representation of text, it has many unpresentable characters and when you do your byte[] to string conversion you are loosing information. The correct way to do it is use a string format that is designed to represent binary data using something like Convert.ToBase64String(byte[]) and Convert.FromBase64String(string).

string cipher_Tx = Convert.ToBase64String(x_ciphertext)

x_encryptor.Dispose();

x_alg.Clear();
byte[] cipher = Convert.FromBase64String(cipher_Tx)

話雖如此，您的代碼還有很多其他奇怪"的地方，例如您不使用 using 語(yǔ)句，而您確實(shí)應(yīng)該使用.此外，完全沒(méi)有必要將整個(gè)轉(zhuǎn)換為字符串并返回，只需返回 x_ciphertext.代碼也可能存在其他問(wèn)題(例如 Key 和 IV 的字符串來(lái)自哪里)和許多其他最佳實(shí)踐(例如您應(yīng)該生成隨機(jī) IV并將其寫(xiě)到輸出中，并且應(yīng)該使用不直接來(lái)自用戶文本的密鑰派生函數(shù)生成密鑰)，但是在發(fā)現(xiàn)字符串轉(zhuǎn)換問(wèn)題后我停止了檢查.

That being said, there is a lot of other "odd" things about your code, for example you don't use using statements and you really should. Also that whole conversion to string and back is totally unnecessary, just return x_ciphertext. There may be other problems with the code too (like where did the strings for Key and IV come from) and many other best practices (like you should be generating a random IV and writing it out in to the output and the key should be generated using a key derivation function not straight from user text), but I stopped checking after I found the string conversion issue.

這篇關(guān)于解密異常 - 要解密的數(shù)據(jù)長(zhǎng)度無(wú)效的文章就介紹到這了，希望我們推薦的答案對(duì)大家有所幫助，也希望大家多多支持html5模板網(wǎng)！