我有一个程序,我在其中编写和读取配置文件。当我写作时,我使用vb.net中的RijndaelManaged对象加密整个文件,当我读取时,我使用相同的值解密钥和初始向量。
在我的开发机器和许多其他机器上都可以正常工作。但是,某些PC无法使用相同的程序加密/解密文件。
此加密对象中是否存在阻止它的内容以及您建议使用的内容?
由于
编辑:这是我用来加密和解密的代码:从我所看到的,如果我从主机加密字节,我可以从任何PC上解密它。但是,如果我从其他PC加密字节,我无法从任何PC解密它。此外,当我查看文件的内容时,它们看起来根本不相同。请注意,我常用的方法是从文件(通常是XML)创建内存流,然后加密/解密。
Public Shared Function EncryptBytes(ByVal strContenu() As Byte, ByVal initVectorBytes() As Byte, ByVal saltValueBytes() As Byte) As Byte()
' Convert our plaintext into a byte array.
' Let us assume that plaintext contains UTF8-encoded characters.
Dim plainTextBytes As Byte() = strContenu
'plainTextBytes = System.Text.Encoding.Unicode.GetBytes(strMessage)
Dim strPassPhrase As String = "d%6&?76dhd8?532LDhds8!7?&?8&?dhcv77"
Dim strHashAlgorithm As String = "SHA1"
Dim intPswdIterations As Integer = 2
' First, we must create a password, from which the key will be derived.
' This password will be generated from the specified passphrase and
' salt value. The password will be created using the specified hash
' algorithm. Password creation can be done in several iterations.
Dim password As PasswordDeriveBytes
password = New PasswordDeriveBytes(strPassPhrase, _
saltValueBytes, _
strHashAlgorithm, _
intPswdIterations)
' Use the password to generate pseudo-random bytes for the encryption
' key. Specify the size of the key in bytes (instead of bits).
Dim keyBytes As Byte()
keyBytes = password.GetBytes(32)
' Create uninitialized Rijndael encryption object.
Dim symmetricKey As RijndaelManaged
symmetricKey = New RijndaelManaged()
' It is reasonable to set encryption mode to Cipher Block Chaining
' (CBC). Use default options for other symmetric key parameters.
symmetricKey.Mode = CipherMode.CBC
' Generate encryptor from the existing key bytes and initialization
' vector. Key size will be defined based on the number of the key
' bytes.
Dim encryptor As ICryptoTransform
encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes)
' Define memory stream which will be used to hold encrypted data.
Dim memoryStream As System.IO.MemoryStream
memoryStream = New System.IO.MemoryStream()
' Define cryptographic stream (always use Write mode for encryption).
Dim cryptoStream As CryptoStream
cryptoStream = New CryptoStream(memoryStream, _
encryptor, _
CryptoStreamMode.Write)
' Start encrypting.
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length)
' Finish encrypting.
cryptoStream.FlushFinalBlock()
' Convert our encrypted data from a memory stream into a byte array.
Dim cipherTextBytes As Byte()
cipherTextBytes = memoryStream.ToArray()
' Close both streams.
memoryStream.Close()
cryptoStream.Close()
' Convert encrypted data into a base64-encoded string.
'Dim cipherText As String
'cipherText =
Return cipherTextBytes
' Return encrypted string.
'Return cipherText
End Function
Public Shared Function DecryptBytes(ByVal strContenuEncrypte() As Byte, ByVal initVectorBytes() As Byte, ByVal saltValueBytes() As Byte) As Byte()
' Convert strings defining encryption key characteristics into byte
' arrays. Let us assume that strings only contain ASCII codes.
' If strings include Unicode characters, use Unicode, UTF7, or UTF8
' encoding.
' Convert our ciphertext into a byte array.
Dim cipherTextBytes As Byte() = strContenuEncrypte
Dim strPassPhrase As String = "d%6&?76dhd8DSDhds8!7?&?8&?dhcv77"
Dim strHashAlgorithm As String = "SHA1"
Dim intPswdIterations As Integer = 2
' First, we must create a password, from which the key will be
' derived. This password will be generated from the specified
' passphrase and salt value. The password will be created using
' the specified hash algorithm. Password creation can be done in
' several iterations.
Dim password As PasswordDeriveBytes
password = New PasswordDeriveBytes(strPassPhrase, _
saltValueBytes, _
strHashAlgorithm, _
intPswdIterations)
' Use the password to generate pseudo-random bytes for the encryption
' key. Specify the size of the key in bytes (instead of bits).
Dim keyBytes As Byte()
keyBytes = password.GetBytes(32)
' Create uninitialized Rijndael encryption object.
Dim symmetricKey As RijndaelManaged
symmetricKey = New RijndaelManaged()
' It is reasonable to set encryption mode to Cipher Block Chaining
' (CBC). Use default options for other symmetric key parameters.
symmetricKey.Mode = CipherMode.CBC
' Generate decryptor from the existing key bytes and initialization
' vector. Key size will be defined based on the number of the key
' bytes.
Dim decryptor As ICryptoTransform
decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes)
' Define memory stream which will be used to hold encrypted data.
Dim memoryStream As System.IO.MemoryStream
memoryStream = New System.IO.MemoryStream(cipherTextBytes)
' Define memory stream which will be used to hold encrypted data.
Dim cryptoStream As CryptoStream
cryptoStream = New CryptoStream(memoryStream, _
decryptor, _
CryptoStreamMode.Read)
' Since at this point we don't know what the size of decrypted data
' will be, allocate the buffer long enough to hold ciphertext;
' plaintext is never longer than ciphertext.
Dim plainTextBytes As Byte()
ReDim plainTextBytes(cipherTextBytes.Length)
' Start decrypting.
Dim decryptedByteCount As Integer
decryptedByteCount = cryptoStream.Read(plainTextBytes, _
0, _
plainTextBytes.Length)
' Close both streams.
memoryStream.Close()
cryptoStream.Close()
' Convert decrypted data into a string.
' Let us assume that the original plaintext string was UTF8-encoded.
Dim plainText As String
plainText = System.Text.Encoding.Unicode.GetString(plainTextBytes, _
0, _
decryptedByteCount)
' Return decrypted string.
Return plainTextBytes
End Function
答案 0 :(得分:1)
如果您使用Mono而不是普通的.NET作为运行时,则PasswordDeriveBytes将因任何高于20的输出而失败。PasswordDeriveBytes使用未知的,专有的,非确定性的,破坏的,加密的请求更多输出时的不安全方法,而不是哈希输出可以在PasswordDeriveBytes内提供。 This has been marked as no-fix by the Mono developers.
最好的办法是升级到Rfc2898DeriveBytes,它实现PBKDF2而不是PBKDF1。 PBKDF2定义了如何扩展输出量,以便所有实现都应该按照指定的方式运行。
如果您需要的输出多于哈希函数提供的输出,那么在PBKDF2的输出上使用KBKDF(如HKDF)会更安全。 PKBDF2需要另一组完整的轮次来创建更多数据,这可能有利于攻击者而不是普通用户,并且根据请求的字节数将使CPU负载增加一倍或三倍。
[编辑]
另请注意,使用密码 string 的PasswordDeriveBytes构造函数未指定要使用的字符编码,因此最好在将其转换为字节之前将其转换为字节到构造函数。
根据大多数观察,两者似乎都使用UTF-8 - 请注意其他运行时(如Java)在这方面可能有所不同。
答案 1 :(得分:0)
一个疯狂的猜测:你在文本模式下编写和阅读文件吗?当加密数据恰好包含0x1A(EOF,ctrl-z)时,读取可能会提前停止并且您解密为几个字节。
答案 2 :(得分:0)
您无法将120Gb文件上传到字节()。或者你有一些疯狂的机器。 尝试在Ram中将字节上传到字节
Dim fStream As FileStream = New FileStream("Encrypted.Encrypted", FileMode.Create)
Dim cryptoStream As New CryptoStream(fStream, Encryptor, CryptoStreamMode.Write)
Using UploadFile As FileStream = New FileStream(OpenfileDialog.FileName, FileMode.Open)
For i = 0 To UploadFile.Length - 1
Dim NewByte As New Byte
NewByte = UploadFile.ReadByte
cryptoStream.WriteByte(NewByte)
Next
End Using
cryptoStream.FlushFinalBlock()
cryptoStream.Close()
fStream.Close()