我正在使用 SagePay Forms,目前正在将他们拥有的 VB 示例转换为 C#。 我已经取得了很好的进展,所以我的项目的加密部分工作正常(SagePay 可以解密它)。
我遇到的问题是,当我尝试解密字符串时,它变成了垃圾。 如果有人以前这样做过,我真的很感激对我的解密代码的一些帮助。 我已经包含了有效的加密代码,前两行是来自另一种方法的设置和调用。
我还没有添加 VB 代码,但如果需要的话我可以添加它。 如果不需要的话,不想发一个大帖子。
实用方法:
public string byteArrayToHexString(byte[] ba)
{
return BitConverter.ToString(ba).Replace("-", "");
}
public static byte[] StringToByteArray(string hex)
{
return Enumerable.Range(0, hex.Length)
.Where(x => x % 2 == 0)
.Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
.ToArray();
}
主要加密方法,前几行是从更大的方法中提取的调用。
string crypt = "blahblahblah"
string EncryptAndEncode = "@" + byteArrayToHexString(aesEncrypt(crypt));
private byte[] aesEncrypt(string inputText)
{
RijndaelManaged AES = new RijndaelManaged();
//set the mode, padding and block size for the key
AES.Padding = PaddingMode.PKCS7;
AES.Mode = CipherMode.CBC;
AES.KeySize = 128;
AES.BlockSize = 128;
//convert key and plain text input into byte arrays
Byte[] keyAndIvBytes = UTF8Encoding.UTF8.GetBytes("tR7nR6wZHGjYMCuV");
Byte[] inputBytes = UTF8Encoding.UTF8.GetBytes(inputText);//AbHLlc5uLone0D1q
//create streams and encryptor object
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, AES.CreateEncryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Write);
//perform encryption
cryptoStream.Write(inputBytes, 0, inputBytes.Length);
cryptoStream.FlushFinalBlock();
//get encrypted stream into byte array
Byte[] outBytes = memoryStream.ToArray();
//close streams
memoryStream.Close();
cryptoStream.Close();
AES.Clear();
return outBytes;
}
解码与解密方法
public string DecodeAndDecrypt(string strIn)
{
//** HEX decoding then AES decryption, CBC blocking with PKCS5 padding - DEFAULT **
string DecodeAndDecrypt = aesDecrypt(StringToByteArray(strIn.Substring(1)));
return (DecodeAndDecrypt);
}
private string aesDecrypt(Byte[] inputBytes)
{
RijndaelManaged AES = new RijndaelManaged();
Byte[] keyAndIvBytes = UTF8Encoding.UTF8.GetBytes("tR7nR6wZHGjYMCuV");
Byte[] outputBytes = inputBytes;//Convert.FromBase64String(inputBytes);
//set the mode, padding and block size
AES.Padding = PaddingMode.PKCS7;
AES.Mode = CipherMode.CBC;
AES.KeySize = 128;
AES.BlockSize = 128;
//create streams and decryptor object
MemoryStream memoryStream = new MemoryStream(outputBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, AES.CreateEncryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Read);
//perform decryption
cryptoStream.Read(outputBytes, 0, outputBytes.Length);
Trace.WriteLine(outputBytes);
//close streams
memoryStream.Close();
cryptoStream.Close();
AES.Clear();
//return System.Text.Encoding.UTF8.GetString(outputBytes);
string plainText = Encoding.UTF8.GetString(outputBytes,
0,
outputBytes.Length);
return plainText;
}
您的代码实际上存在多个问题。 首先,在解密方法中,您要创建一个加密器,它应该是一个解密器。 其次,当您进行解密时,您正在读取整个块,包括将算法填充到缓冲区中。 下面是一个项目已修复的类,应该返回正确的结果。 不过,我确实建议您找到一种更好的方法来存储密钥,放入代码并按照您的方式生成它,这是不行的。 您应该使用 RNG (RNGCryptoServiceProvider) 生成密钥,然后使用安全哈希算法(例如 SHA512)对其进行哈希处理,然后使用该输出作为您的密钥。 然后你需要找到一个好地方来存储它,我会考虑加密你的 web.config 文件。
public static class EncryptionHelper
{
private static byte[] keyAndIvBytes;
static EncryptionHelper()
{
// You'll need a more secure way of storing this, I hope this isn't
// the real key
keyAndIvBytes = UTF8Encoding.UTF8.GetBytes("tR7nR6wZHGjYMCuV");
}
public static string ByteArrayToHexString(byte[] ba)
{
return BitConverter.ToString(ba).Replace("-", "");
}
public static byte[] StringToByteArray(string hex)
{
return Enumerable.Range(0, hex.Length)
.Where(x => x % 2 == 0)
.Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
.ToArray();
}
public static string DecodeAndDecrypt(string cipherText)
{
string DecodeAndDecrypt = AesDecrypt(StringToByteArray(cipherText));
return (DecodeAndDecrypt);
}
public static string EncryptAndEncode(string plaintext)
{
return ByteArrayToHexString(AesEncrypt(plaintext));
}
public static string AesDecrypt(Byte[] inputBytes)
{
Byte[] outputBytes = inputBytes;
string plaintext = string.Empty;
using (MemoryStream memoryStream = new MemoryStream(outputBytes))
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, GetCryptoAlgorithm().CreateDecryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Read))
{
using (StreamReader srDecrypt = new StreamReader(cryptoStream))
{
plaintext = srDecrypt.ReadToEnd();
}
}
}
return plaintext;
}
public static byte[] AesEncrypt(string inputText)
{
byte[] inputBytes = UTF8Encoding.UTF8.GetBytes(inputText);//AbHLlc5uLone0D1q
byte[] result = null;
using (MemoryStream memoryStream = new MemoryStream())
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, GetCryptoAlgorithm().CreateEncryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Write))
{
cryptoStream.Write(inputBytes, 0, inputBytes.Length);
cryptoStream.FlushFinalBlock();
result = memoryStream.ToArray();
}
}
return result;
}
private static RijndaelManaged GetCryptoAlgorithm()
{
RijndaelManaged algorithm = new RijndaelManaged();
//set the mode, padding and block size
algorithm.Padding = PaddingMode.PKCS7;
algorithm.Mode = CipherMode.CBC;
algorithm.KeySize = 128;
algorithm.BlockSize = 128;
return algorithm;
}
}
调用起来很简单:
string crypt = "blahblahblah";
string EncryptAndEncode = EncryptionHelper.EncryptAndEncode(crypt);
Console.WriteLine(EncryptAndEncode);
Console.WriteLine(EncryptionHelper.DecodeAndDecrypt(EncryptAndEncode));
Console.ReadLine();
密钥传递加密和解密
using System;
using System.Text;
using System.Security.Cryptography;
public static class Aes256Cbc
{
private static readonly Encoding encoding = Encoding.UTF8;
public static string Encrypt(string text, string key)
{
try
{
var aes = new RijndaelManaged();
aes.KeySize = 256;
aes.BlockSize = 128;
aes.Padding = PaddingMode.PKCS7;
aes.Mode = CipherMode.CBC;
aes.Key = SHA256.Create().ComputeHash(encoding.GetBytes(key));
aes.IV = encoding.GetBytes(key);
var encrypt = aes.CreateEncryptor(aes.Key, aes.IV);
var bufferText = encoding.GetBytes(text);
var encryptedText =
Convert.ToBase64String(encrypt.TransformFinalBlock(bufferText, 0, bufferText.Length));
return encryptedText;
}
catch (Exception e)
{
throw new Exception("Error encrypting: " + e.Message);
}
}
public static string Decrypt(string text, string key)
{
try
{
var aes = new RijndaelManaged();
aes.KeySize = 256;
aes.BlockSize = 128;
aes.Padding = PaddingMode.PKCS7;
aes.Mode = CipherMode.CBC;
aes.Key = SHA256.Create().ComputeHash(encoding.GetBytes(key));
aes.IV = encoding.GetBytes(key);
var decrypt = aes.CreateDecryptor(aes.Key, aes.IV);
var bufferText = Convert.FromBase64String(text);
return encoding.GetString(decrypt.TransformFinalBlock(bufferText, 0, bufferText.Length));
}
catch (Exception e)
{
throw new Exception("Error decrypting: " + e.Message);
}
}
}