我一直在使用我使用SHA1编写的旧代码来处理SHA256或SHA512. 我是密码学领域的新手,我想知道有没有人能告诉我,为什么我在ENCRYPT方法中的输入值通过DECRYPT方法返回时会丢失1-5个字节.
我可以用短字符串运行这些方法,没有问题,但显然不会更大,例如16个字节+.
有问题的两种方法是:
public string Decrypt(string data, EncryptionValue eV, string passPhrase)
{
byte[] bytes = Encoding.ASCII.GetBytes(eV.InitVector);
byte[] rgbSalt = Encoding.ASCII.GetBytes(eV.SaltValue);
byte[] buffer = Convert.FromBase64String(data);
byte[] rgbKey = new Rfc2898DeriveBytes(passPhrase, rgbSalt, eV.PassIterations, hash).GetBytes(eV.KeySize / 8);
var managed = Aes.Create("AesManaged");
managed.Padding = PaddingMode.PKCS7;
managed.Mode = CipherMode.CBC;
ICryptoTransform transform = managed.CreateDecryptor(rgbKey, bytes);
MemoryStream stream = new(buffer);
CryptoStream stream2 = new(stream, transform, CryptoStreamMode.Read);
byte[] buffer5 = new byte[buffer.Length];
int count = stream2.Read(buffer5, 0, buffer5.Length);
stream.Close();
stream2.Close();
return Encoding.UTF8.GetString(buffer5, 0, count);
}
public string Encrypt(string data, EncryptionValue eV, string passPhrase)
{
byte[] bytes = Encoding.ASCII.GetBytes(eV.InitVector);
byte[] rgbSalt = Encoding.ASCII.GetBytes(eV.SaltValue);
byte[] buffer = Encoding.UTF8.GetBytes(data);
byte[] rgbKey = new Rfc2898DeriveBytes(passPhrase, rgbSalt, eV.PassIterations, hash).GetBytes(eV.KeySize / 8);
var managed = Aes.Create("AesManaged");
managed.Padding = PaddingMode.PKCS7;
managed.Mode = CipherMode.CBC;
ICryptoTransform transform = managed.CreateEncryptor(rgbKey, bytes);
MemoryStream stream = new();
CryptoStream stream2 = new(stream, transform, CryptoStreamMode.Write);
stream2.Write(buffer, 0, buffer.Length);
stream2.FlushFinalBlock();
byte[] inArray = stream.ToArray();
stream.Close();
stream2.Close();
return Convert.ToBase64String(inArray);
}
加密值类别包含随机化的值,这不是这里的问题,但我还是要在这里发布它:
public int PassIterations { get; set; }
public int KeySize { get; set; }
public string InitVector { get; set; }
public string SaltValue { get; set; }
在我的所有测试中,迭代次数都在1000次左右.我已经做了越来越多的测试. KeySize始终为256或128, InitVector="~1B2C3D4e5F6g7H8";
我运行了一些测试,正如我所说的,较小的字符串是可以的,但我希望它能够存储至少120个字节.我以为这能行得通?