ASP.NET AES Padding无效,无法删除
这是一个常见问题,但建议的解决方案here和here对我不起作用,也不涉及数据库。
我希望代码示例'失败代码(WITH数据库)'能够正常工作。
这是我的加密/解密代码(从这里复制:https://msdn.microsoft.com/en-us/library/system.security.cryptography.aes.aspx?cs-save-lang=1&cs-lang=vb&f=255&MSPPError=-2147217396#code-snippet-2):
Shared Function EncryptStringToBytes_Aes(ByVal plainText As String, ByVal Key() As Byte, ByVal IV() As Byte) As Byte()
' Check arguments.
If plainText Is Nothing OrElse plainText.Length <= 0 Then
Throw New ArgumentNullException("plainText")
End If
If Key Is Nothing OrElse Key.Length <= 0 Then
Throw New ArgumentNullException("Key")
End If
If IV Is Nothing OrElse IV.Length <= 0 Then
Throw New ArgumentNullException("Key")
End If
Dim encrypted() As Byte
' Create an Aes object
' with the specified key and IV.
Using aesAlg As Aes = Aes.Create()
aesAlg.Key = Key
aesAlg.IV = IV
' Create a decrytor to perform the stream transform.
Dim encryptor As ICryptoTransform = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV)
' Create the streams used for encryption.
Using msEncrypt As New MemoryStream()
Using csEncrypt As New CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)
Using swEncrypt As New StreamWriter(csEncrypt)
'Write all data to the stream.
swEncrypt.Write(plainText)
End Using
encrypted = msEncrypt.ToArray()
End Using
End Using
End Using
' Return the encrypted bytes from the memory stream.
Return encrypted
End Function 'EncryptStringToBytes_Aes
Shared Function DecryptStringFromBytes_Aes(ByVal cipherText() As Byte, ByVal Key() As Byte, ByVal IV() As Byte) As String
' Check arguments.
If cipherText Is Nothing OrElse cipherText.Length <= 0 Then
Throw New ArgumentNullException("cipherText")
End If
If Key Is Nothing OrElse Key.Length <= 0 Then
Throw New ArgumentNullException("Key")
End If
If IV Is Nothing OrElse IV.Length <= 0 Then
Throw New ArgumentNullException("Key")
End If
' Declare the string used to hold
' the decrypted text.
Dim plaintext As String = Nothing
' Create an Aes object
' with the specified key and IV.
Using aesAlg As Aes = Aes.Create()
aesAlg.Key = Key
aesAlg.IV = IV
' Create a decrytor to perform the stream transform.
Dim decryptor As ICryptoTransform = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV)
' Create the streams used for decryption.
Using msDecrypt As New MemoryStream(cipherText)
Using csDecrypt As New CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)
Using srDecrypt As New StreamReader(csDecrypt)
' Read the decrypted bytes from the decrypting stream
' and place them in a string.
plaintext = srDecrypt.ReadToEnd()
End Using <= PADDING ERROR THROWN HERE
End Using
'cipherText = msDecrypt.ToArray() 'added by me
End Using
End Using
Return plaintext
End Function 'DecryptStringFromBytes_Aes
工作样本(没有数据库)
Dim original As String = "Here is some data to encrypt!"
Dim key As Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_sharedSecret, _salt)
Try
' Create a new instance of the Aes
' class. This generates a new key and initialization
' vector (IV).
Using myAes As Aes = Aes.Create()
myAes.Key = key.GetBytes(myAes.KeySize / 8)
myAes.IV = key.GetBytes(myAes.BlockSize / 8)
' Encrypt the string to an array of bytes.
Dim encrypted As Byte() = EncryptStringToBytes_Aes(original, myAes.Key, myAes.IV)
' Decrypt the bytes to a string.
Dim roundtrip As String = DecryptStringFromBytes_Aes(encrypted, myAes.Key, myAes.IV)
'Display the original data and the decrypted data.
ltStatus.Text = String.Format("Original: {0}", original)
ltStatus.Text += String.Format("Round Trip: {0}", roundtrip)
End Using
Catch ex As Exception
Console.WriteLine("Error: {0}", ex.Message)
End Try
代码失败(WITH数据库)
Dim _salt As Byte() = Encoding.ASCII.GetBytes("o6806642kbM7c5")
Dim _sharedSecret As String = "abcd"
Dim original As String = "Here is some data to encrypt!"
Dim key As Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_sharedSecret, _salt)
Dim encrypted As Byte()
Try
Using myAes As Aes = Aes.Create()
myAes.Key = key.GetBytes(myAes.KeySize / 8)
myAes.IV = key.GetBytes(myAes.BlockSize / 8)
myAes.Padding = PaddingMode.PKCS7
encrypted = EncryptStringToBytes_Aes(original, myAes.Key, myAes.IV)
End Using
Catch ex As Exception
Console.WriteLine("Error: {0}", ex.Message)
End Try
'save to DB
Dim myConnection As SqlConnection = GetConnection()
Dim cmd As New SqlCommand("UPDATE banks set bank_name=@bankname WHERE id=1", myConnection)
cmd.Parameters.Add(New SqlParameter("@bankname", encrypted))
Try
myConnection.Open()
cmd.ExecuteScalar()
Catch ex As Exception
GlobalFunctions.LogError("banks:INSERT encrypted", ex.Message, LogLevel.Normal)
Finally
myConnection.Close()
End Try
'retreive from db
Dim decrypted As String = ""
myConnection = GetConnection()
cmd = New SqlCommand("SELECT bank_name FROM banks where id=1", myConnection)
Dim reader As SqlDataReader
Try
myConnection.Open()
reader = cmd.ExecuteReader
If reader.Read Then
Using myAes As Aes = Aes.Create()
myAes.Key = key.GetBytes(myAes.KeySize / 8)
myAes.IV = key.GetBytes(myAes.BlockSize / 8)
myAes.Padding = PaddingMode.PKCS7
decrypted = DecryptStringFromBytes_Aes(reader("bank_name"), myAes.Key, myAes.IV)
End Using
Else
GlobalFunctions.LogError("banks:nothing to be read?!?", LogLevel.Normal)
End If
Catch ex As Exception
GlobalFunctions.LogError("banks:SELECT encrypted.", ex.Message, LogLevel.Normal)
Finally
myConnection.Close()
End Try
但这里出了点问题:
在bank_name类型的字段varbinary(MAX)中,我的MSSQL数据库中成功添加了二进制值。 (我也尝试过较小的字段,例如varbinary(50))
但是当我尝试从数据库中撤销后尝试解密此字段时,我收到错误Padding is invalid and cannot be removed.在上面的代码中看到带有注释'&lt; = PADDING ERROR THROWN THENWN'的代码行'失败的代码(WITH数据库) )”
我查看了here和here。而且我没有传递空字符串
此外,我尝试添加cipherText = msDecrypt.ToArray(),但错误已在此行被发现之前发生。
更新2
我的转储值是:
ReportError将值存储在数据库的文本字段中,报告的值为:
myAes.Key in 00000000 95 0C 95 EA 1D 40 0C FB 1D 3F B7 FB 73 FB 3F EA 00000010 40 62 51 62 51 EA 62 73 B7 2E 1D C8 1D 51 51 95
myAes.IV in 00000000 51 A6 84 73 95 C8 2E 62 84 C8 0C 62 C8 2E 1D84
加密 00000000 FB FB B7 73 D9 51 A6 2E 95 73 62 73 3F 84 A640 00000010 B7 62 84 2E 51 95 EA 1D 51 A6 EA 2E 51 A6 51 95
myAes.Key out 00000000 51 1D 73 40 EA A6 73 EA FB 73 73 A6 0C A6 D9 1D 00000010 2E 3F FB 2E 73 A6 A6 0C A6 C8 95 0C D9 1D B7 73
myAes.IV out 00000000 B7 95 51 73 B7 D9 95 EA 0C C8 95 95 0C 84 40 62
加密出来 00000000 FB FB B7 73 D9 51 A6 2E 95 73 62 73 3F 84 A640 00000010 B7 62 84 2E 51 95 EA 1D 51 A6 EA 2E 51 A6 51 95
银行:SELECT加密。填充无效,无法删除。
这是我现在使用的完整代码:
Imports System.Security.Cryptography
Imports System.Data.SqlClient
Imports System.Text
Namespace HexDump
Class Utils
Public Shared Function HexDump(bytes As Byte(), Optional bytesPerLine As Integer = 16) As String
If bytes Is Nothing Then
Return "<null>"
End If
Dim bytesLength As Integer = bytes.Length
Dim HexChars As Char() = "0123456789ABCDEF".ToCharArray()
' 8 characters for the address
Dim firstHexColumn As Integer = 8 + 3
' 3 spaces
' - 2 digit for the hexadecimal value and 1 space
' - 1 extra space every 8 characters from the 9th
Dim firstCharColumn As Integer = firstHexColumn + bytesPerLine * 3 + (bytesPerLine - 1) / 8 + 2
' 2 spaces
' - characters to show the ascii value
Dim lineLength As Integer = firstCharColumn + bytesPerLine + Environment.NewLine.Length
' Carriage return and line feed (should normally be 2)
Dim line As Char() = (New [String](" "c, lineLength - Environment.NewLine.Length) + Environment.NewLine).ToCharArray()
Dim expectedLines As Integer = (bytesLength + bytesPerLine - 1) / bytesPerLine
Dim result As New StringBuilder(expectedLines * lineLength)
Dim i As Integer = 0
While i < bytesLength
line(0) = HexChars((i >> 28) And &HF)
line(1) = HexChars((i >> 24) And &HF)
line(2) = HexChars((i >> 20) And &HF)
line(3) = HexChars((i >> 16) And &HF)
line(4) = HexChars((i >> 12) And &HF)
line(5) = HexChars((i >> 8) And &HF)
line(6) = HexChars((i >> 4) And &HF)
line(7) = HexChars((i >> 0) And &HF)
Dim hexColumn As Integer = firstHexColumn
Dim charColumn As Integer = firstCharColumn
For j As Integer = 0 To bytesPerLine - 1
If j > 0 AndAlso (j And 7) = 0 Then
hexColumn += 1
End If
If i + j >= bytesLength Then
line(hexColumn) = " "c
line(hexColumn + 1) = " "c
line(charColumn) = " "c
Else
'Dim b As Byte = bytes(i + j)
'line(hexColumn) = HexChars((b >> 4) And &HF)
'line(hexColumn + 1) = HexChars(b And &HF)
'line(charColumn) = (If(b < 32, "·"c, CChar(b)))
Dim b As Byte = bytes((i + j))
line(hexColumn) = HexChars(((b + 4) _
And 15))
line((hexColumn + 1)) = HexChars((b And 15))
line(charColumn) = Microsoft.VisualBasic.ChrW(65533)
End If
hexColumn += 3
charColumn += 1
Next
result.Append(line)
i += bytesPerLine
End While
Return result.ToString()
End Function
End Class
End Namespace
Public Class banks_financial
Inherits System.Web.UI.Page
Private _lang As String
Private _registryId As Integer
Private _salt As Byte() = Encoding.ASCII.GetBytes("o6806642kbM7c5")
Private _sharedSecret As String = "abcd"
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
Dim original As String = "Here is some data to encrypt!"
Dim key As Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_sharedSecret, _salt)
Dim encrypted As Byte()
Try
Using myAes As Aes = Aes.Create()
myAes.Key = key.GetBytes(myAes.KeySize / 8)
myAes.IV = key.GetBytes(myAes.BlockSize / 8)
myAes.Padding = PaddingMode.PKCS7
encrypted = EncryptStringToBytes_Aes(original, myAes.Key, myAes.IV)
ReportError("myAes.Key in", HexDump.Utils.HexDump(myAes.Key))
ReportError("myAes.IV in", HexDump.Utils.HexDump(myAes.IV))
ReportError("encrypted in", HexDump.Utils.HexDump(encrypted))
End Using
Catch ex As Exception
Console.WriteLine("Error: {0}", ex.Message)
End Try
'save to DB
Dim myConnection As SqlConnection = GetConnection()
Dim cmd As New SqlCommand("UPDATE banks set bank_name=@bankname WHERE id=1", myConnection)
cmd.Parameters.Add(New SqlParameter("@bankname", encrypted))
Try
myConnection.Open()
cmd.ExecuteScalar()
Catch ex As Exception
GlobalFunctions.ReportError("banks:INSERT encrypted", ex.Message, LogLevel.Normal)
Finally
myConnection.Close()
End Try
'retreive from db
Dim decrypted As String = ""
myConnection = GetConnection()
cmd = New SqlCommand("SELECT bank_name FROM banks where id=1", myConnection)
Dim reader As SqlDataReader
Try
myConnection.Open()
reader = cmd.ExecuteReader
If reader.Read Then
Using myAes As Aes = Aes.Create()
myAes.Key = key.GetBytes(myAes.KeySize / 8)
myAes.IV = key.GetBytes(myAes.BlockSize / 8)
myAes.Padding = PaddingMode.PKCS7
ReportError("myAes.Key out", HexDump.Utils.HexDump(myAes.Key))
ReportError("myAes.IV out", HexDump.Utils.HexDump(myAes.IV))
ReportError("encrypted out", HexDump.Utils.HexDump(reader("bank_name")))
decrypted = DecryptStringFromBytes_Aes(reader("bank_name"), myAes.Key, myAes.IV)
ReportError("decrypted", decrypted)
End Using
Else
GlobalFunctions.ReportError("banks:nothing to be read?!?", LogLevel.Normal)
End If
Catch ex As Exception
GlobalFunctions.ReportError("banks:SELECT encrypted.", ex.Message, LogLevel.Normal)
Finally
myConnection.Close()
End Try
ltStatus.Text = GetMessageStatus(decrypted, MsgType.ok)
End Class
2 个答案:
答案 0 :(得分:3)
当前的问题是您的测试代码滥用了Rfc2898DeriveBytes / PBKDF。它与数据库无关。每次在给定实例上调用GetBytes()时,它都会返回一组不同的字节(按设计!)。这有点像这样的代码很明显:
Dim salt = CryptoTools.GetRandomBytes(16)
Dim PBKDF = New Rfc2898DeriveBytes("secret", salt, 10000)
Dim a = PBKDF.GetBytes(32)
Dim b = PBKDF.GetBytes(32)
Dim c = PBKDF.GetBytes(32)
If a.SequenceEqual(b) = False Then
Console.WriteLine("A != B")
End If
...
Intellisense非常清楚:
阵列根本不相同。来自MSDN for GetBytes的备注部分:
Rfc2898DeriveBytes类获取密码,salt和迭代计数,然后通过调用GetBytes方法生成键。 重复调用此方法不会生成相同的密钥; ...
重点是我的,但是要指出它是一个关键的生成器而不仅仅是一个哈希。所以,在你的“Fails with Database”代码中你有这个块:
Dim key As Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_sharedSecret, _salt)
...
Using myAes As Aes = Aes.Create()
...
myAes.Key = key.GetBytes(myAes.KeySize / 8)
myAes.IV = key.GetBytes(myAes.BlockSize / 8)
...
End Using
生成的Key和IV将不相同。这很好,但可能不是你想要的。稍后使用相同的块来解密从db读回的内容。用于解密的Key和IV也会彼此不同,但更重要的是它们与用于加密的Key和IV不同!
这是一个致命的缺陷,并导致错误。这似乎是一个误导性的错误消息,但重现/修复很简单。您需要新的PBKDF才能在解密部分“重新开始”,或Reset现有的PBKDF:
' after this line...
Dim decrypted As String = ""
' ...add this:
key As Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_sharedSecret, _salt)
' or
'key.Reset()
实际代码更有可能不会在同一方法中进行往返,并且会创建使用新的Rfc2898DeriveBytes。
最后,请注意,IV和Salt 应该是唯一且随机的,以便进行有效加密。使用相同的密码,密钥,盐和IV来加密每一行并没有太多意义,超出了安全的假象。有人只需要破解一行的PW来获取所有行的数据。
因为Rfc2898DeriveBytes是确定性的,所以它可以在生成IV和Salt(对于要加密的数据)中发挥作用,而不必保存它们或使用静态数据。
答案 1 :(得分:0)
通常,填充错误实际上意味着密钥,加密数据或选项本身不正确,而不是填充本身。
确保密钥的长度正确,否则实现将使用未指定的字节。使密钥完全正确的密钥大小:128,192或256位(16,24或32字节)。
确保密钥,数据和IV没有错误的编码,加密基于没有编码的8位字节。有些库会接受并生成其他编码,如Base64和hexadecimal,请仔细检查文档。
十六进制转储密钥,IV,加密数据和解密数据,并将这些数据的样本添加到问题中。
加密函数调用实际上很简单,如果提供正确(和完整)输入,输出将是正确的。如果结果仔细检查输入。
更新:
加密和解密的IV和密钥不同,它们必须相同。
确保IV相同的一种方法是在加密时将其预先加密到加密数据,并在解密时从加密数据中恢复它,并在解密加密数据时跳过它。
密钥必须在解密之前以某种方式在加密和解密代码之间预先共享。
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?