当我将此字符串解密为硬编码参数时,我得到了我期望的五位数。
字符串结果= Decrypt(HttpUtility.UrlDecode(“ ha3bEv8A%2ffs0goPGeO6NPQ%3d%3d”));
但是,当我尝试从URL抓取...
http://localhost:12345/pagename?id=ha3bEv8A%2ffs0goPGeO6NPQ%3d%3d
string result1 = Decrypt(Request.QueryString [“ id”]);
Decrypt方法产生“填充无效且无法删除”错误。我确保PaddingMode匹配,这在大多数情况下似乎是导致这种情况的原因。
此外,我注意到UrlDecode()和QueryString()产生的唯一区别是前者中的某些字母大写。
ha3bEv8A / fs0goPGeO6NPQ ==
ha3bev8a / fs0gopgeo6npq ==
是否存在可以使其产生相同字符串的设置?因为一个可以正确解密,而另一个可以出错。
我已经包含了我正在使用的Encrypt和Decrypt方法...
private string Encrypt(string clearText)
{
string EncryptionKey = "hyddhrii%2moi43Hd5%%";
byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
byte[] salt =
new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d,0x65, 0x64, 0x76,
0x65, 0x64, 0x65, 0x76 };
using (Aes encryptor = Aes.Create())
{
Rfc2898DeriveBytes pdb =
new Rfc2898DeriveBytes(EncryptionKey, salt);
encryptor.Padding = PaddingMode.PKCS7;
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
{
cs.Write(clearBytes, 0, clearBytes.Length);
cs.Close();
}
clearText = Convert.ToBase64String(ms.ToArray());
}
}
return clearText;
}
public static string Decrypt(string cipherText)
{
string EncryptionKey = "hyddhrii%2moi43Hd5%%";
cipherText = cipherText.Replace(" ", "+");
byte[] cipherBytes = Convert.FromBase64String(cipherText);
byte[] salt = new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d,
0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 };
using (Aes encryptor = Aes.Create())
{
Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey,
salt);
encryptor.Padding = PaddingMode.PKCS7;
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
{
cs.Write(cipherBytes, 0, cipherBytes.Length);
cs.Close();
}
cipherText = Encoding.Unicode.GetString(ms.ToArray());
}
}
return cipherText;
}