我是加密的新手,也是js加密的新手。我正在使用这样的.net 下面加密/解密的代码。 对于js我需要加密用户名,我使用这个lib http://code.google.com/p/crypto-js/
Crypto.AES.encrypt(" q"," test",{mode:new Crypto.mode.CBC(Crypto.pad.pkcs7)})
但是当我尝试在.net上解密值时,我得到了填充错误' 请帮助,非常感谢。
/// <summary>
/// Method which does the encryption using Rijndeal algorithm
/// </summary>
/// <param name="InputText">Data to be encrypted</param>
/// <param name="Password">The string to used for making the key.The same string
/// should be used for making the decrpt key</param>
/// <returns>Encrypted Data</returns>
public static string EncryptString(string InputText, string Password)
{
RijndaelManaged RijndaelCipher = new RijndaelManaged();
byte[] PlainText = System.Text.Encoding.Unicode.GetBytes(InputText);
byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());
//This class uses an extension of the PBKDF1 algorithm defined in the PKCS#5 v2.0
//standard to derive bytes suitable for use as key material from a password.
//The standard is documented in IETF RRC 2898.
PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);
//Creates a symmetric encryptor object.
ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
MemoryStream memoryStream = new MemoryStream();
//Defines a stream that links data streams to cryptographic transformations
CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
cryptoStream.Write(PlainText, 0, PlainText.Length);
//Writes the final state and clears the buffer
cryptoStream.FlushFinalBlock();
byte[] CipherBytes = memoryStream.ToArray();
memoryStream.Close();
memoryStream = null;
cryptoStream.Close();
cryptoStream = null;
PlainText = null;
Salt = null;
try
{
GC.Collect();
}
catch { }
return Convert.ToBase64String(CipherBytes);
}
/// <summary>
/// Method which does the encryption using Rijndeal algorithm.This is for decrypting the data
/// which has orginally being encrypted using the above method
/// </summary>
/// <param name="InputText">The encrypted data which has to be decrypted</param>
/// <param name="Password">The string which has been used for encrypting.The same string
/// should be used for making the decrypt key</param>
/// <returns>Decrypted Data</returns>
public static string DecryptString(string InputText, string Password)
{
RijndaelManaged RijndaelCipher = new RijndaelManaged();
byte[] EncryptedData = Convert.FromBase64String(InputText);
byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());
//Making of the key for decryption
PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);
//Creates a symmetric Rijndael decryptor object.
ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
MemoryStream memoryStream = new MemoryStream(EncryptedData);
//Defines the cryptographics stream for decryption.THe stream contains decrpted data
CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);
byte[] PlainText = new byte[EncryptedData.Length];
int DecryptedCount = cryptoStream.Read(PlainText, 0, PlainText.Length);
memoryStream.Close();
memoryStream = null;
cryptoStream.Close();
cryptoStream = null;
Salt = null;
try
{
GC.Collect();
}
catch { }
//Converting to string
return Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
}
答案 0 :(得分:2)
问题,为什么要在JS中加密密码?为什么不确保您的注册/登录页面通过安全连接运行?
回到您的问题,请在Google网上论坛中查询此问题并回答:http://groups.google.com/group/crypto-js/browse_thread/thread/b4f32cc2fc59ec2c#
修改
您还可以尝试CBC的默认填充方案:
var crypted = Crypto.AES.encrypt("Message", "Secret Passphrase", { mode: new Crypto.mode.CBC });
看到你假设.Net中的默认CBC填充。
答案 1 :(得分:1)
PasswordDeriveBytes不执行PBKDF2,它只执行PBKDF1,并且只执行前20个字节。除此之外,它是一个基于PBKDF1的专有的,未描述的,严重实施的愚蠢方案。
您应该使用实现PBKDF2的Rfc2898DeriveBytes,就像您指向的Google库一样。在进一步处理之前,检查计算出的关键字节是否正确。
请注意,如果密文或密钥值不正确,则填充异常是唯一可能抛出的异常;基本上它告诉你某些东西是错误的,但除此之外并不多。