Base-64 char数组错误的长度无效

时间:2016-01-05 22:37:59

标签: c# asp.net base64

正如标题所说,我得到了:

Base-64字符数组的长度无效。

所以我正在做的是我使用以下方法构建要传递的电子邮件:

smsg += "<br><b>To complete your registration, verify your email</b>" + "<a href=" + siteurl + "?usenamw=" + Encrypt(username.Trim()) + "><br>HERE!</a>";

加密方法如下所示:

private static string Encrypt(string clearText)
{
    string EncryptionKey = "MAKV2SPBNI99212";
    byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
            {
                cs.Write(clearBytes, 0, clearBytes.Length);
                cs.Close();
            }
            clearText = Convert.ToBase64String(ms.ToArray());
        }
    }
    return clearText;
}

这是HTML在hotmail中的样子:

http://localhost:30850/Activation.aspx?username=9mQkc5vEebsl2Qg6hbxL+r3KVNhOEsig32oP6eb6rd0=

在接收端,Activation.aspx.cs页面包含以下行:

String username = Request.QueryString["username"].ToString();
    Label1.Text = Decrypt(username);

还有解密方法:

private string Decrypt(string cipherText)
{
    string EncryptionKey = "MAKV2SPBNI99212";
    byte[] cipherBytes = Convert.FromBase64String(cipherText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
            {

                cs.Write(cipherBytes, 0, cipherBytes.Length);
                cs.Close();
            }
            cipherText = Encoding.Unicode.GetString(ms.ToArray());
        }
    }
    return cipherText;
}

所以基本上当我输入用户名像foe示例Jonathan时,在接收端标签上显示Jonathan没有问题。但是,如果我输入的不是4的倍数,我会得到错误。据我所知,Base64占4个中的多个,如果它有7个字符,它将为它增加空间。这有什么解决方案吗?非常感谢你。

2 个答案:

答案 0 :(得分:4)

base64用户名字符串在末尾填充'=';在解释URL查询字符串时,将忽略此项。即:

username => "9mQkc5vEebsl2Qg6hbxL+r3KVNhOEsig32oP6eb6rd0="

变为:

username => 9mQkc5vEebsl2Qg6hbxL+r3KVNhOEsig32oP6eb6rd0

在请求处理程序中。

您需要对字符串进行URL编码,然后才能在URL中使用它。

答案 1 :(得分:1)

默认的Base64字符集在Url中使用是不安全的,尤其是=(空格)和+(查询参数的名称/值分隔符)。

您可以使用修改后的集合(手动将一些字符替换为其他字符)或仔细编码您的数据以确保保留每个字符(特别是$scope.load_icons = function(file){ filename = file[0].name; filenamearray = filename.split('.'); extencion = filenamearray[filenamearray.length-1]; console.log(user_profiling); if(extencion==='png'||extencion==='gif'||extencion==='jpg'||extencion==='PNG'||extencion==='GIF'||extencion==='JPG'){ $upload.upload({ url: '/user_icons.json', data: {}, file: file }).progress(function(evt){ console.log(evt); }).success(function(data, status, headers, config) { console.log(data); }).error(function(data, status, headers, config){ console.log(data); }); } } ,因为ASP.Net将其视为空格)。

有关规范的链接,请参阅ExecutorService API documentation,有关PHP的类似问题,请参阅Base64 on Wikipedia