C#字符串解密
C# string decryption
我想在我的 wcf 服务中加密。为此,我正在编写一个 class 来加密和解密字符串。加密似乎工作正常并生成加密字符串,但在解密时出现不允许双重转义错误或错误 401。我在 webconfig 中添加了以下内容
<security>
<requestFiltering allowDoubleEscaping="true" />
</security>
现在它给出的错误要么是字符串的长度不正确,要么是较短的字符串 Bad String。密码是
加密
static string hash = "mypass@mysitec0m";
public static string Encrypt(string decrypted)
{
byte[] data = UTF8Encoding.UTF8.GetBytes(decrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider())
{
ICryptoTransform transform = tripDes.CreateEncryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return Convert.ToBase64String(result);
}
}
}
并解密
public static string decrypt(string encrypted)
{
byte[] data = Convert.FromBase64String(encrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider())
{
ICryptoTransform transform = tripDes.CreateDecryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return UTF8Encoding.UTF8.GetString(result);
}
}
}
为什么会出现错误,我该如何解决。
我建议您使用 POST 代替 GET。因为加密的字符串可能很长,而且会有很多特殊字符,就像你在问题中提到的那样
示例如下。
[OperationContract(Name = "Decrypt")]
[WebInvoke(Method = "POST",
UriTemplate = "Decrypt")]
string Decrypt(string data);
您从未使用您的密钥初始化密码,因此您对加密器使用了一个随机密钥,对解密器使用了另一个随机密钥。
使用 CreateEncryptor(Byte[], Byte[]) method instead, and similarly for the decryptor.
CreateEncryptor(Byte[], Byte[])...
creates a symmetric encryptor object with the specified Key property
and initialization vector (IV).
这与WCF无关,更像是一个问题TripleDESCryptoServiceProvider.There是你的加解密代码有误。如果不设置 IV,则加密模式应使用 ECB。默认是CBC.CBC需要设置IV.
这是我修改后的代码:
加密
public static string Encrypt(string decrypted)
{
byte[] data = UTF8Encoding.UTF8.GetBytes(decrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider() {
Key=keys,
Mode=CipherMode.ECB
})
{
ICryptoTransform transform = tripDes.CreateEncryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return Convert.ToBase64String(result);
}
}
}
解密
public static string decrypt(string encrypted)
{
byte[] data = Convert.FromBase64String(encrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider()
{
Key = keys,
Mode = CipherMode.ECB
})
{
ICryptoTransform transform = tripDes.CreateDecryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return UTF8Encoding.UTF8.GetString(result);
}
}
}
我想在我的 wcf 服务中加密。为此,我正在编写一个 class 来加密和解密字符串。加密似乎工作正常并生成加密字符串,但在解密时出现不允许双重转义错误或错误 401。我在 webconfig 中添加了以下内容
<security>
<requestFiltering allowDoubleEscaping="true" />
</security>
现在它给出的错误要么是字符串的长度不正确,要么是较短的字符串 Bad String。密码是
加密
static string hash = "mypass@mysitec0m";
public static string Encrypt(string decrypted)
{
byte[] data = UTF8Encoding.UTF8.GetBytes(decrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider())
{
ICryptoTransform transform = tripDes.CreateEncryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return Convert.ToBase64String(result);
}
}
}
并解密
public static string decrypt(string encrypted)
{
byte[] data = Convert.FromBase64String(encrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider())
{
ICryptoTransform transform = tripDes.CreateDecryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return UTF8Encoding.UTF8.GetString(result);
}
}
}
为什么会出现错误,我该如何解决。
我建议您使用 POST 代替 GET。因为加密的字符串可能很长,而且会有很多特殊字符,就像你在问题中提到的那样
示例如下。
[OperationContract(Name = "Decrypt")]
[WebInvoke(Method = "POST",
UriTemplate = "Decrypt")]
string Decrypt(string data);
您从未使用您的密钥初始化密码,因此您对加密器使用了一个随机密钥,对解密器使用了另一个随机密钥。
使用 CreateEncryptor(Byte[], Byte[]) method instead, and similarly for the decryptor.
CreateEncryptor(Byte[], Byte[])...
creates a symmetric encryptor object with the specified Key property and initialization vector (IV).
这与WCF无关,更像是一个问题TripleDESCryptoServiceProvider.There是你的加解密代码有误。如果不设置 IV,则加密模式应使用 ECB。默认是CBC.CBC需要设置IV.
这是我修改后的代码:
加密
public static string Encrypt(string decrypted)
{
byte[] data = UTF8Encoding.UTF8.GetBytes(decrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider() {
Key=keys,
Mode=CipherMode.ECB
})
{
ICryptoTransform transform = tripDes.CreateEncryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return Convert.ToBase64String(result);
}
}
}
解密
public static string decrypt(string encrypted)
{
byte[] data = Convert.FromBase64String(encrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider()
{
Key = keys,
Mode = CipherMode.ECB
})
{
ICryptoTransform transform = tripDes.CreateDecryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return UTF8Encoding.UTF8.GetString(result);
}
}
}