CryptoJS AES代码等同于c#代码

时间:2013-06-06 07:29:09

标签: c# cryptography aes cryptojs

下面是一个有效的c#加密代码。

包含的命名空间参考 

using System.Web.Script.Serialization;
using System.Security.Cryptography;
using System.Text;

用于编码json格式用户数据的C#代码 

// Encode the data into a JSON object     
JavaScriptSerializer s = new JavaScriptSerializer();
string json_data = s.Serialize(user_data);

string site_key = "84129";
string api_key = "0d2c15da-b36f-4a9c-8f44-93eb95811e2e-05e1fb36-54aa-44fc-888e-45d2669c3013";
byte[] bIV = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };

//Using byte arrays now instead of strings
byte[] encrypted = null;
byte[] data = Encoding.ASCII.GetBytes(json_data);

//Use the AesManaged object to do the encryption
using (AesManaged aesAlg = new AesManaged())
{
    aesAlg.IV = bIV;
    aesAlg.KeySize = 16 * 8;

    // Create the 16-byte salted hash     
    SHA1 sha1 = SHA1.Create();
    byte[] saltedHash = sha1.ComputeHash(Encoding.ASCII.GetBytes(api_key + site_key), 0, (api_key + site_key).Length);
    Array.Resize(ref saltedHash, 16);
    aesAlg.Key = saltedHash;

    // Encrypt using the AES Managed object  
    ICryptoTransform encryptor = aesAlg.CreateEncryptor();
    using (MemoryStream msEncrypt = new MemoryStream())
    {
        using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
        {
            csEncrypt.Write(data, 0, data.Length);
            csEncrypt.FlushFinalBlock();
        }
        encrypted = msEncrypt.ToArray();
    }
}

// the Base64-encoded encrypted data       
 string encodedData= Convert.ToBase64String(encrypted, Base64FormattingOptions.None)
              .TrimEnd("=".ToCharArray()) // Remove trailing equal (=) characters       
              .Replace("+", "-")   // Change any plus (+) characters to dashes (-)     
              .Replace("/", "_");  // Change any slashes (/) characters to underscores (_)

注意:json_data字符串就像..

{ “电子邮件”: “chandresh@domainname.com”, “名称”: “chandresh”, “过期”: “2013-07-05T11:47:32”}

我尝试编写与上述C#工作代码等效的CryptoJS代码。

不知何故,加密/编码完成的编码数据无效。请帮助 

var json_data = '{"email":"chandresh@domainname.com","name":"chandresh","expires":"2013-07-05T11:47:32"}';
var site_key = "84129";
var api_key = "0d2c15da-b36f-4a9c-8f44-93eb95811e2e-05e1fb36-54aa-44fc-888e-45d2669c3013";
var _iv = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];

var options = { mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: _iv, keySize: 128/8 };

// Create the 16-byte salted hash     
var saltedHash = CryptoJS.SHA1(api_key + site_key);
saltedHash.sigBytes = 16;

saltedHash = CryptoJS.enc.Base64.stringify(saltedHash);
var encrypted = CryptoJS.AES.encrypt(json_data,saltedHash, options);

// the Base64-encoded encrypted data
var encodedData  =  encrypted.ciphertext.toString(CryptoJS.enc.Base64);
encodedData = encodedData.trimEnd("=");          // Remove trailing equal (=) characters       
encodedData = encodedData.replace(/\+/gi, "-");  // Change any plus (+) characters to dashes (-)
encodedData = encodedData.replace(/\//gi, "_");  // Change any slashes (/) characters to underscores (_)

1 个答案:

答案 0 :(得分:1)

您在JavaScript版本中使用Base64编码密钥。只需传递saltedHash变量而无需编码,它应该可以正常工作。

此加密系统还存在其他问题。静态IV几乎总是一个安全问题。密钥派生在这里也很可疑。

相关问题
最新问题