以下代码有什么问题。给定的代码不是CA2000的投诉:在丢失范围之前处置对象(https://msdn.microsoft.com/library/ms182289.aspx)..此代码生成以下警告
警告CA2000在方法'CryptoComputer.Encrypt(string,string,string,string)'中,对象'new RijndaelManaged()'未沿所有异常路径放置。在对所有引用超出范围之前,调用System.IDisposable.Dispose对象'new RijndaelManaged()'。
public static string Encrypt(string plainText, string passPhrase, string saltValue, string initVector)
{
var initVectorBytes = Encoding.UTF8.GetBytes(initVector);
var saltValueBytes = Encoding.UTF8.GetBytes(saltValue);
var plainTextBytes = Encoding.UTF8.GetBytes(plainText);
string cipherText;
PasswordDeriveBytes password = null;
RijndaelManaged symmetricKey = null;
MemoryStream memoryStream = null;
try
{
memoryStream = new MemoryStream();
password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, passwordIterations);
byte[] keyBytes = password.GetBytes(keySize / 8);
symmetricKey = new RijndaelManaged { Mode = CipherMode.CBC };
var encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
var cipherTextBytes = memoryStream.ToArray();
cipherText = Convert.ToBase64String(cipherTextBytes);
}
catch (Exception)
{
throw;
}
finally
{
password?.Dispose();
symmetricKey?.Dispose();
memoryStream?.Dispose();
}
return cipherText;
}
如何重写此代码以满足Microsoft指南
答案 0 :(得分:1)
答案 1 :(得分:0)
使用如下所示的Using { ... }
块包裹它,这将确保一次性实例一旦超出范围就被处理掉。确保将所有一次性物品包裹在using {}
块中,而不仅仅是下面显示的那个。
using (symmetricKey = new RijndaelManaged { Mode = CipherMode.CBC })
{
//rest code goes here
}