我是加密货币新手,也是js加密货币新手。我正在使用这样的.net下面的加密/解密代码。对于js,我需要加密用户名,并使用这个libhttp://code.google.com/p/crypto-js/
Crypto.AES.encrypt("q","test",{mode:new Crypto.mode.CBC(Crypto.pad.pkcs7)})
但当我尝试在.net上解密值时,我得到了"填充错误"请帮忙,非常感谢。
/// <summary>
/// Method which does the encryption using Rijndeal algorithm
/// </summary>
/// <param name="InputText">Data to be encrypted</param>
/// <param name="Password">The string to used for making the key.The same string
/// should be used for making the decrpt key</param>
/// <returns>Encrypted Data</returns>
public static string EncryptString(string InputText, string Password)
{
RijndaelManaged RijndaelCipher = new RijndaelManaged();
byte[] PlainText = System.Text.Encoding.Unicode.GetBytes(InputText);
byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());
//This class uses an extension of the PBKDF1 algorithm defined in the PKCS#5 v2.0
//standard to derive bytes suitable for use as key material from a password.
//The standard is documented in IETF RRC 2898.
PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);
//Creates a symmetric encryptor object.
ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
MemoryStream memoryStream = new MemoryStream();
//Defines a stream that links data streams to cryptographic transformations
CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
cryptoStream.Write(PlainText, 0, PlainText.Length);
//Writes the final state and clears the buffer
cryptoStream.FlushFinalBlock();
byte[] CipherBytes = memoryStream.ToArray();
memoryStream.Close();
memoryStream = null;
cryptoStream.Close();
cryptoStream = null;
PlainText = null;
Salt = null;
try
{
GC.Collect();
}
catch { }
return Convert.ToBase64String(CipherBytes);
}
/// <summary>
/// Method which does the encryption using Rijndeal algorithm.This is for decrypting the data
/// which has orginally being encrypted using the above method
/// </summary>
/// <param name="InputText">The encrypted data which has to be decrypted</param>
/// <param name="Password">The string which has been used for encrypting.The same string
/// should be used for making the decrypt key</param>
/// <returns>Decrypted Data</returns>
public static string DecryptString(string InputText, string Password)
{
RijndaelManaged RijndaelCipher = new RijndaelManaged();
byte[] EncryptedData = Convert.FromBase64String(InputText);
byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());
//Making of the key for decryption
PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);
//Creates a symmetric Rijndael decryptor object.
ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
MemoryStream memoryStream = new MemoryStream(EncryptedData);
//Defines the cryptographics stream for decryption.THe stream contains decrpted data
CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);
byte[] PlainText = new byte[EncryptedData.Length];
int DecryptedCount = cryptoStream.Read(PlainText, 0, PlainText.Length);
memoryStream.Close();
memoryStream = null;
cryptoStream.Close();
cryptoStream = null;
Salt = null;
try
{
GC.Collect();
}
catch { }
//Converting to string
return Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
}
问题,为什么要在JS中加密密码?为什么不确保您的注册/登录页面通过安全连接运行?
回到你的问题,看看这个问题已经在谷歌群组中被问到并得到了回答:http://groups.google.com/group/crypto-js/browse_thread/thread/b4f32cc2fc59ec2c#
编辑:
您也可以尝试CBC:的默认填充方案
var crypted = Crypto.AES.encrypt("Message", "Secret Passphrase", { mode: new Crypto.mode.CBC });
看到您在.Net中假设默认的CBC填充
PasswordDeriveBytes不执行PBKDF2,它只执行PBKDF1,并且只执行前20个字节。除此之外,它是一个专有的、未描述的、糟糕实现的白痴方案,松散地基于PBKDF1。
你应该使用Rfc2898DeriveBytes,它确实实现了PBKDF2,就像你指向的谷歌库一样。在继续操作之前,请检查计算的密钥字节是否正确。
请注意,如果密文或键值不正确,则padding异常是唯一可能引发的异常;基本上,它告诉你有什么是错误的,但除此之外没有什么。